committing changes in /etc made by "-bash"

Package changes:
2023-09-07 07:14:17 +03:00
parent 8c945ffc5e
commit 59d3c2af55
36 changed files with 1 additions and 4726 deletions
--- a/.etckeeper
+++ b/.etckeeper
@@ -12,7 +12,6 @@ mkdir -p './X11/applnk'
 mkdir -p './X11/xorg.conf.d'
 mkdir -p './ansible/roles'
 mkdir -p './authselect/custom'
 mkdir -p './avahi/services'
 mkdir -p './binfmt.d'
 mkdir -p './cagefs/conf.d'
 mkdir -p './cagefs/exclude'
@@ -21,8 +20,7 @@ mkdir -p './cl.selector/php.extensions.d'
 mkdir -p './cloud'
 mkdir -p './cron.weekly'
 mkdir -p './crypto-policies/policies/modules'
-mkdir -p './cups/ppd'
+mkdir -p './cups'
 mkdir -p './cups/ssl'
 mkdir -p './dbus-1/session.d'
 mkdir -p './dconf/db/local.d/locks'
 mkdir -p './dconf/db/site.d/locks'
@@ -62,7 +60,6 @@ mkdir -p './mail/spamassassin/sa-update-keys/private-keys-v1.d'
 mkdir -p './modulefiles'
 mkdir -p './modules-load.d'
 mkdir -p './named'
 mkdir -p './netdata/statsd.d'
 mkdir -p './newrelic-infra/integrations.d'
 mkdir -p './nginx/conf.d/ganool/nginx/modules'
 mkdir -p './nginx/conf.d/ganool/nginx/ngx1/nginx/modules'
@@ -250,12 +247,6 @@ maybe chmod 0644 'authselect/smartcard-auth'
 maybe chmod 0644 'authselect/system-auth'
 maybe chmod 0644 'authselect/user-nsswitch.conf'
 maybe chmod 0644 'authselect/user-nsswitch.conf.save_by_rpm'
 maybe chmod 0755 'avahi'
 maybe chmod 0644 'avahi/avahi-daemon.conf'
 maybe chmod 0755 'avahi/etc'
 maybe chmod 0644 'avahi/etc/localtime'
 maybe chmod 0644 'avahi/hosts'
 maybe chmod 0755 'avahi/services'
 maybe chmod 0755 'awstats'
 maybe chmod 0644 'awstats/awstats.192.168.1.2.conf'
 maybe chmod 0644 'awstats/awstats.club3d.ro.conf'
@@ -551,41 +542,14 @@ maybe chmod 0644 'csh.cshrc'
 maybe chmod 0644 'csh.login'
 maybe chgrp 'lp' 'cups'
 maybe chmod 0755 'cups'
 maybe chgrp 'lp' 'cups/classes.conf'
 maybe chmod 0600 'cups/classes.conf'
 maybe chgrp 'lp' 'cups/client.conf'
 maybe chmod 0644 'cups/client.conf'
 maybe chmod 0644 'cups/cups-browsed.conf'
 maybe chgrp 'lp' 'cups/cups-files.conf'
 maybe chmod 0640 'cups/cups-files.conf'
 maybe chgrp 'lp' 'cups/cups-files.conf.default'
 maybe chmod 0640 'cups/cups-files.conf.default'
 maybe chgrp 'lp' 'cups/cupsd.conf'
 maybe chmod 0640 'cups/cupsd.conf'
 maybe chgrp 'lp' 'cups/cupsd.conf.default'
 maybe chmod 0640 'cups/cupsd.conf.default'
 maybe chgrp 'lp' 'cups/lpoptions'
 maybe chmod 0644 'cups/lpoptions'
 maybe chgrp 'lp' 'cups/ppd'
 maybe chmod 0755 'cups/ppd'
 maybe chgrp 'lp' 'cups/printers.conf'
 maybe chmod 0600 'cups/printers.conf'
 maybe chgrp 'lp' 'cups/snmp.conf'
 maybe chmod 0644 'cups/snmp.conf'
 maybe chgrp 'lp' 'cups/snmp.conf.default'
 maybe chmod 0640 'cups/snmp.conf.default'
 maybe chgrp 'lp' 'cups/ssl'
 maybe chmod 0700 'cups/ssl'
 maybe chmod 0755 'dbus-1'
 maybe chmod 0644 'dbus-1/session.conf'
 maybe chmod 0755 'dbus-1/session.d'
 maybe chmod 0644 'dbus-1/system.conf'
 maybe chmod 0755 'dbus-1/system.d'
 maybe chmod 0644 'dbus-1/system.d/avahi-dbus.conf'
 maybe chmod 0644 'dbus-1/system.d/com.redhat.RHSM1.Facts.conf'
 maybe chmod 0644 'dbus-1/system.d/com.redhat.RHSM1.conf'
 maybe chmod 0644 'dbus-1/system.d/com.redhat.tuned.conf'
 maybe chmod 0444 'dbus-1/system.d/cups.conf'
 maybe chmod 0644 'dbus-1/system.d/nm-dispatcher.conf'
 maybe chmod 0644 'dbus-1/system.d/nm-ifcfg-rh.conf'
 maybe chmod 0644 'dbus-1/system.d/oddjob-mkhomedir.conf'
@@ -989,12 +953,6 @@ maybe chmod 0755 'fonts'
 maybe chmod 0755 'fonts/conf.d'
 maybe chmod 0644 'fonts/conf.d/README'
 maybe chmod 0644 'fonts/fonts.conf'
 maybe chmod 0755 'freeipmi'
 maybe chmod 0600 'freeipmi/freeipmi.conf'
 maybe chmod 0644 'freeipmi/freeipmi_interpret_sel.conf'
 maybe chmod 0644 'freeipmi/freeipmi_interpret_sensor.conf'
 maybe chmod 0600 'freeipmi/ipmidetect.conf'
 maybe chmod 0600 'freeipmi/libipmiconsole.conf'
 maybe chmod 0600 'freshclam.conf'
 maybe chmod 0644 'fstab'
 maybe chmod 0644 'fuse.conf'
@@ -3462,7 +3420,6 @@ maybe chmod 0644 'logrotate.d/aide'
 maybe chmod 0644 'logrotate.d/btmp'
 maybe chmod 0644 'logrotate.d/chrony'
 maybe chmod 0644 'logrotate.d/clamav-unofficial-sigs'
 maybe chmod 0644 'logrotate.d/cups'
 maybe chmod 0644 'logrotate.d/dnf'
 maybe chmod 0644 'logrotate.d/fail2ban'
 maybe chmod 0644 'logrotate.d/firewalld'
@@ -3474,7 +3431,6 @@ maybe chmod 0644 'logrotate.d/mysecureshell'
 maybe chmod 0644 'logrotate.d/mysql'
 maybe chgrp 'named' 'logrotate.d/named'
 maybe chmod 0640 'logrotate.d/named'
 maybe chmod 0644 'logrotate.d/netdata'
 maybe chmod 0644 'logrotate.d/nginx'
 maybe chmod 0644 'logrotate.d/php-fpm'
 maybe chmod 0644 'logrotate.d/ppp'
@@ -4405,16 +4361,9 @@ maybe chgrp 'named' 'named.root.key'
 maybe chmod 0644 'named.root.key'
 maybe chmod 0644 'netconfig'
 maybe chmod 0755 'netdata'
 maybe chgrp 'netdata' 'netdata/.install-type'
 maybe chmod 0644 'netdata/.install-type'
 maybe chgrp 'netdata' 'netdata/edit-config'
 maybe chmod 0755 'netdata/edit-config'
 maybe chmod 0755 'netdata/health.d'
 maybe chmod 0640 'netdata/health.d/ram-usage.conf'
 maybe chmod 0640 'netdata/health.d/swap-usage.conf'
 maybe chmod 0644 'netdata/netdata-updater.conf'
 maybe chmod 0644 'netdata/netdata.conf'
 maybe chmod 0755 'netdata/statsd.d'
 maybe chmod 0644 'networks'
 maybe chmod 0755 'newrelic-infra'
 maybe chmod 0644 'newrelic-infra.yml'
@@ -5120,7 +5069,6 @@ maybe chmod 0644 'pam.d/chsh'
 maybe chmod 0644 'pam.d/cockpit'
 maybe chmod 0644 'pam.d/config-util'
 maybe chmod 0644 'pam.d/crond'
 maybe chmod 0444 'pam.d/cups'
 maybe chmod 0644 'pam.d/dovecot'
 maybe chmod 0644 'pam.d/fingerprint-auth'
 maybe chmod 0644 'pam.d/login'
@@ -6176,7 +6124,6 @@ maybe chmod 0755 'systemd/system/nfs-server.service.requires'
 maybe chmod 0755 'systemd/system/nginx.service.d'
 maybe chmod 0644 'systemd/system/nginx.service.d/php-fpm.conf'
 maybe chmod 0755 'systemd/system/php-fpm.service.d'
 maybe chmod 0755 'systemd/system/printer.target.wants'
 maybe chmod 0755 'systemd/system/redis-sentinel.service.d'
 maybe chmod 0644 'systemd/system/redis-sentinel.service.d/limit.conf'
 maybe chmod 0755 'systemd/system/redis.service.d'
--- a/avahi/avahi-daemon.conf
+++ b/avahi/avahi-daemon.conf
@@ -1,68 +0,0 @@
 # This file is part of avahi.
 #
 # avahi is free software; you can redistribute it and/or modify it
 # under the terms of the GNU Lesser General Public License as
 # published by the Free Software Foundation; either version 2 of the
 # License, or (at your option) any later version.
 #
 # avahi is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
 # License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public
 # License along with avahi; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 # USA.
 # See avahi-daemon.conf(5) for more information on this configuration
 # file!
 [server]
 #host-name=foo
 #domain-name=local
 #browse-domains=0pointer.de, zeroconf.org
 use-ipv4=yes
 use-ipv6=yes
 #allow-interfaces=eth0
 #deny-interfaces=eth1
 #check-response-ttl=no
 #use-iff-running=no
 #enable-dbus=yes
 #disallow-other-stacks=no
 #allow-point-to-point=no
 #cache-entries-max=4096
 #clients-max=4096
 #objects-per-client-max=1024
 #entries-per-entry-group-max=32
 ratelimit-interval-usec=1000000
 ratelimit-burst=1000
 [wide-area]
 enable-wide-area=yes
 [publish]
 #disable-publishing=no
 #disable-user-service-publishing=no
 #add-service-cookie=no
 #publish-addresses=yes
 publish-hinfo=no
 publish-workstation=no
 #publish-domain=yes
 #publish-dns-servers=192.168.50.1, 192.168.50.2
 #publish-resolv-conf-dns-servers=yes
 #publish-aaaa-on-ipv4=yes
 #publish-a-on-ipv6=no
 [reflector]
 #enable-reflector=no
 #reflect-ipv=no
 [rlimits]
 #rlimit-as=
 #rlimit-core=0
 #rlimit-data=8388608
 #rlimit-fsize=0
 #rlimit-nofile=768
 #rlimit-stack=8388608
 #rlimit-nproc=3
--- a/avahi/etc/localtime
+++ b/avahi/etc/localtime
--- a/avahi/hosts
+++ b/avahi/hosts
@@ -1,27 +0,0 @@
 # This file is part of avahi.
 # 
 # avahi is free software; you can redistribute it and/or modify it
 # under the terms of the GNU Lesser General Public License as
 # published by the Free Software Foundation; either version 2 of the
 # License, or (at your option) any later version.
 #
 # avahi is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
 # License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public
 # License along with avahi; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 # USA.
 # This file contains static ip address <-> host name mappings.  These
 # can be useful to publish services on behalf of a non-avahi enabled
 # device. Please bear in mind that host names are expected to be
 # fully qualified domain names, i.e. ending in .local!
 # See avahi.hosts(5) for more information on this configuration file!
 # Examples:
 # 192.168.0.1 router.local
 # 2001::81:1 test.local
--- a/cups/classes.conf
+++ b/cups/classes.conf
--- a/cups/client.conf
+++ b/cups/client.conf
--- a/cups/cups-browsed.conf
+++ b/cups/cups-browsed.conf
@@ -1,691 +0,0 @@
 # All configuration options described here can also be supplied on the
 # command line of cups-browsed via the "-o" option. In case of
 # contradicting settings the setting defined in the configuration file
 # will get used.
 # Unknown directives are ignored, also unknown values.
 # Where should cups-browsed save information about the print queues it had
 # generated when shutting down, like whether one of these queues was the
 # default printer, or default option settings of the queues?
 # CacheDir /var/cache/cups
 # Where should cups-browsed create its debug log file (if "DebugLogging file"
 # is set)?
 # LogDir /var/log/cups
 # How should debug logging be done? Into the file
 # /var/log/cups/cups-browsed_log ('file'), to stderr ('stderr'), or
 # not at all ('none')?
 # DebugLogging file
 # DebugLogging stderr
 # DebugLogging file stderr
 # DebugLogging none
 # Which protocols will we use to discover printers on the network?
 # Can use DNSSD and/or CUPS and/or LDAP, or 'none' for neither.
 BrowseRemoteProtocols dnssd cups
 # Which protocols will we use to broadcast shared local printers to the network?
 # Can use DNSSD and/or CUPS, or 'none' for neither.
 # Only CUPS is actually supported, as DNSSD is done by CUPS itself (we ignore
 # DNSSD in this directive).
 # BrowseLocalProtocols none
 # Settings of this directive apply to both BrowseRemoteProtocols and
 # BrowseLocalProtocols.
 # Can use DNSSD and/or CUPS and/or LDAP, or 'none' for neither.
 # BrowseProtocols none
 # Only browse remote printers (via DNS-SD or CUPS browsing) from
 # selected servers using the "BrowseAllow", "BrowseDeny", and
 # "BrowseOrder" directives
 # This serves for restricting the choice of printers in print dialogs
 # to trusted servers or to reduce the number of listed printers in the
 # print dialogs to a more user-friendly amount in large networks with
 # very many shared printers.
 # This only filters the selection of remote printers for which
 # cups-browsed creates local queues. If the print dialog uses other
 # mechanisms to list remote printers as for example direct DNS-SD
 # access, cups-browsed has no influence. cups-browsed also does not
 # prevent the user from manually accessing non-listed printers.
 # "BrowseAllow": Accept printers from these hosts or networks. If
 # there are only "BrowseAllow" lines and no "BrowseOrder" and/or
 # "BrowseDeny" lines, only servers matching at last one "BrowseAllow"
 # line are accepted.
 # "BrowseDeny": Deny printers from these hosts or networks. If there
 # are only "BrowseDeny" lines and no "BrowseOrder" and/or
 # "BrowseAllow" lines, all servers NOT matching any of the
 # "BrowseDeny" lines are accepted.
 # "BrowseOrder": Determine the order in which "BrowseAllow" and
 # "BrowseDeny" lines are applied. With "BrowseOrder Deny,Allow" in the
 # beginning all servers are accepted, then the "BrowseDeny" lines are
 # applied to exclude unwished servers or networks and after that the
 # "BrowseAllow" lines to re-include servers or networks. With
 # "BrowseOrder Allow,Deny" we start with denying all servers, then
 # applying the "BrowseAllow" lines and afterwards the "BrowseDeny"
 # lines.
 # Default for "BrowseOrder" is "Deny.Allow" if there are both
 # "BrowseAllow" and "BrowseDeny" lines.
 # If there are no "Browse..." lines at all, all servers are accepted.
 # BrowseAllow All
 # BrowseAllow cups.example.com
 # BrowseAllow 192.168.1.12
 # BrowseAllow 192.168.1.0/24
 # BrowseAllow 192.168.1.0/255.255.255.0
 # BrowseDeny All
 # BrowseDeny printserver.example.com
 # BrowseDeny 192.168.1.13
 # BrowseDeny 192.168.3.0/24
 # BrowseDeny 192.168.3.0/255.255.255.0
 # BrowseOrder Deny,Allow
 # BrowseOrder Allow,Deny
 # The interval between browsing/broadcasting cycles, local and/or
 # remote, can be adjusted with the BrowseInterval directive.
 # BrowseInterval 60
 # Browsing-related operations such as adding or removing printer queues
 # and broadcasting are each allowed to take up to a given amount of time.
 # It can be configured, in seconds, with the BrowseTimeout directive.
 # Especially queues discovered by CUPS broadcasts will be removed after
 # this timeout if no further broadcast from the server happens.
 # BrowseTimeout 300
 # Filtering of remote printers by other properties than IP addresses
 # of their servers
 # Often the desired selection of printers cannot be reached by only
 # taking into account the IP addresses of the servers. For these cases
 # there is the BrowseFilter directive to filter by most of the known
 # properties of the printer.
 # By default there is no BrowseFilter line meaning that no filtering
 # is applied.
 # To do filtering one can supply one or more BrowseFilter directives
 # like this:
 # BrowseFilter [NOT] [EXACT] <FIELD> [<VALUE>]
 # The BrowseFilter directive always starts with the word
 # "BrowseFilter" and it must at least contain the name of the data
 # field (<FIELD>) of the printer's properties to which it should
 # apply.
 # Available field names are:
 #   name:    Name of the local print queue to be created
 #   host:    Host name of the remote print server
 #   port:    Port through which the printer is accessed on the server
 #   service: DNS/SD service name of the remote printer
 #   domain:  Domain of the remote print server
 # Also all field names in the TXT records of DNS-SD-advertised printers
 # are valid, like "color", "duplex", "pdl", ... If the field name of
 # the filter rule does not exist for the printer, the rule is skipped.
 # The optional <VALUE> field is either the exact value (when the
 # option EXACT is supplied) or a regular expression (Run "man 7 regex"
 # in a terminal window) to be matched with the data field.
 # If no <VALUE> filed is supplied, rules with field names of the TXT
 # record are considered for boolean matching (true/false) of boolean
 # field (like duplex, which can have the values "T" for true and "F"
 # for false).
 # If the option NOT is supplied, the filter rule is fulfilled if the
 # regular expression or the exact value DOES NOT match the content of
 # the data field. In a boolean rule (without <VALUE>) the rule matches
 # false.
 # Regular expressions are always considered case-insensitive and
 # extended POSIX regular expressions. Field names and options (NOT,
 # EXACT) are all evaluated case-insensitive. If there is an error in a
 # regular expression, the BrowseFilter line gets ignored.
 # Especially to note is that supplying any simple string consisting of
 # only letters, numbers, spaces, and some basic special characters as
 # a regular expression matches if it is contained somewhere in the
 # data field.
 # If there is more than one BrowseFilter directive, ALL the directives
 # need to be fulfilled for the remote printer to be accepted. If one
 # is not fulfilled, the printer will get ignored.
 # Examples:
 # Rules for standard data items which are supplied with any remote
 # printer advertised via DNS-SD:
 # Print queue name must contain "hum_res_", this matches
 # "hum_res_mono" or "hum_res_color" but also "old_hum_res_mono":
 # BrowseFilter name hum_res_
 # This matches if the remote host name contains "printserver", like
 # "printserver.local", "printserver2.example.com", "newprintserver":
 # BrowseFilter host printserver
 # This matches all ports with 631 int its number, for example 631,
 # 8631, 10631,...:
 # BrowseFilter port 631
 # This rule matches if the DNS-SD service name contains "@ printserver":
 # Browsefilter service @ printserver
 # Matches all domains with "local" in their names, not only "local" but
 # also things like "printlocally.com":
 # BrowseFilter domain local
 # Examples for rules applying to items of the TXT record:
 # This rule selects PostScript printers, as the "PDL" field in the TXT
 # record contains "postscript" then. This includes also remote CUPS
 # queues which accept PostScript, independent of whether the physical
 # printer behind the CUPS queue accepts PostScript or not.
 # BrowseFilter pdl postscript
 # Color printers usually contain a "Color" entry set to "T" (for true)
 # in the TXT record. This rule selects them:
 # BrowseFilter color
 # This is a similar rule to select only duplex (automatic double-sided
 # printing) printers:
 # BrowseFilter duplex
 # Rules with the NOT option:
 # This rule EXCLUDES printers from all hosts containing "financial" in
 # their names, nice to get rid of the 100s of printers of the
 # financial department:
 # BrowseFilter NOT host financial
 # Get only monochrome printers ("Color" set to "F", meaning false, in
 # the TXT record):
 # BrowseFilter NOT color
 # Rules with more advanced use of regular expressions:
 # Only queue names which BEGIN WITH "hum_res_" are accepted now, so we
 # still get "hum_res_mono" or "hum_res_color" but not
 # "old_hum_res_mono" any more:
 # BrowseFilter name ^hum_res_
 # Server names is accepted if it contains "print_server" OR
 # "graphics_dep_server":
 # BrowseFilter host print_server|graphics_dep_server
 # "printserver1", "printserver2", and "printserver3", nothing else:
 # BrowseFilter host ^printserver[1-3]$
 # Printers understanding at least one of PostScript, PCL, or PDF:
 # BrowseFilter pdl postscript|pcl|pdf
 # Examples for the EXACT option:
 # Only printers from "printserver.local" are accepted:
 # BrowseFilter EXACT host printserver.local
 # Printers from all servers except "prinserver2.local" are accepted:
 # BrowseFilter NOT EXACT host prinserver2.local
 # Use BrowsePoll to poll a particular CUPS server
 # BrowsePoll cups.example.com
 # BrowsePoll cups.example.com:631
 # BrowsePoll cups.example.com:631/version=1.1
 # LDAP browsing configuration
 # The default value for all options is an empty string. Example configuration:
 # BrowseLDAPBindDN cn=cups-browsed,dc=domain,dc=tld
 # BrowseLDAPCACertFile /path/to/server/certificate.pem
 # BrowseLDAPDN ou=printers,dc=domain,dc=tld
 # BrowseLDAPFilter (printerLocation=/Office 1/*)
 # BrowseLDAPPassword s3cret
 # BrowseLDAPServer ldaps://ldap.domain.tld
 # Use DomainSocket to access the local CUPS daemon via another than the
 # default domain socket. "None" or "Off" lets cups-browsed not use CUPS'
 # domain socket.
 # DomainSocket /var/run/cups/cups.sock
 # DomainSocket None
 # DomainSocket Off
 # Set HTTP timeout (in seconds) for requests sent to local/remote
 # resources Note that too short timeouts can make services getting
 # missed when they are present and operations be unneccesarily
 # repeated and too long timeouts can make operations take too long
 # when the server does not respond.
 # HttpLocalTimeout 5
 # HttpRemoteTimeout 10
 # Set OnlyUnsupportedByCUPS to "Yes" will make cups-browsed not create
 # local queues for remote printers for which CUPS creates queues by
 # itself.  These printers are printers advertised via DNS-SD and doing
 # CUPS-supported (currently PWG Raster and Apple Raster) driverless
 # printing, including remote CUPS queues. Queues for other printers
 # (like for legacy PostScript/PCL printers) are always created
 # (depending on the other configuration settings of cups-browsed).
 # With OnlyUnsupportedByCUPS set to "No", cups-browsed creates queues
 # for all printers which it supports, including printers for which
 # CUPS would create queues by itself. Temporary queues created by CUPS
 # will get overwritten. This way it is assured that any extra
 # functionality of cups-browsed will apply to these queues. As queues
 # created by cups-browsed are permanent CUPS queues this setting is
 # also recommended if applications/print dialogs which do not support
 # temporary CUPS queues are installed. This setting is the default.
 # OnlyUnsupportedByCUPS Yes
 # With UseCUPSGeneratedPPDs set to "Yes" cups-browsed creates queues
 # for IPP printers with PPDs generated by the PPD generator of CUPS
 # and not with the one of cups-browsed. So any new development in
 # CUPS' PPD generator gets available. As CUPS' PPD generator is not
 # directly accessible, we need to make CUPS generate a temporary print
 # queue with the desired PPD. Therefore we can only use these PPDs
 # when our queue replaces a temporary CUPS queue, meaning that the
 # queue is for a printer on which CUPS supports driverless printing
 # (IPP 2.x, PDLs: PDF, PWG Raster, and/or Apple Raster) and that its
 # name is the same as CUPS uses for the temporary queue
 # ("LocalQueueNamingIPPPrinter DNS-SD" must be set). The directive
 # applies only to IPP printers, not to remote CUPS queues, to not
 # break clustering. Setting this directive to "No" lets cups-browsed
 # generate the PPD file. Default setting is "Yes".
 # UseCUPSGeneratedPPDs No
 # With the directives LocalQueueNamingRemoteCUPS and
 # LocalQueueNamingIPPPrinter you can determine how the names for local
 # queues generated by cups-browsed are generated, separately for
 # remote CUPS printers and IPP printers.
 # DNS-SD (the default in both cases) bases the naming on the service
 # name of the printer's advertised DNS-SD record. This is exactly the
 # same naming scheme as CUPS uses for its temporary queues, so the
 # local queue from cups-browsed prevents CUPS from listing and
 # creating an additional queue. As DNS-SD service names have to be
 # unique, queue names of printers from different servers will also be
 # unique and so there is no automatic clustering for load-balanced
 # printing.
 # MakeModel bases the queue name on the printer's manufacturer and
 # model names. This scheme cups-browsed used formerly for IPP
 # printers.
 # RemoteName is only available for remote CUPS queues and uses the
 # name of the queue on the remote CUPS server as the local queue's
 # name. This makes printers on different CUPS servers with equal queue
 # names automatically forming a load-balancing cluster as CUPS did
 # formerly (CUPS 1.5.x and older) with CUPS-broadcasted remote
 # printers. This scheme cups-browsed used formerly for remote CUPS
 # printers.
 # LocalQueueNamingRemoteCUPS DNS-SD
 # LocalQueueNamingRemoteCUPS MakeModel
 LocalQueueNamingRemoteCUPS RemoteName
 # LocalQueueNamingIPPPrinter DNS-SD
 # LocalQueueNamingIPPPrinter MakeModel
 # Set IPBasedDeviceURIs to "Yes" if cups-browsed should create its
 # local queues with device URIs with the IP addresses instead of the
 # host names of the remote servers. This mode is there for any
 # problems with host name resolution in the network, especially also
 # if avahi-daemon is only run for printer discovery and already
 # stopped while still printing. By default this mode is turned off,
 # meaning that we use URIs with host names.
 # If you prefer IPv4 or IPv6 IP addresses in the URIs, you can set
 # IPBasedDeviceURIs to "IPv4" to only get IPv4 IP addresses or
 # IPBasedDeviceURIs to "IPv6" to only get IPv6 IP addresses.
 # IPBasedDeviceURIs No
 # IPBasedDeviceURIs Yes
 # IPBasedDeviceURIs IPv4
 # IPBasedDeviceURIs IPv6
 # Set CreateRemoteRawPrinterQueues to "Yes" to let cups-browsed also
 # create local queues pointing to remote raw CUPS queues. Normally,
 # only queues pointing to remote queues with PPD/driver are created
 # as we do not use drivers on the client side, but in some cases
 # accessing a remote raw queue can make sense, for example if the
 # queue forwards the jobs by a special backend like Tea4CUPS.
 # CreateRemoteRawPrinterQueues Yes
 # cups-browsed by default creates local print queues for each shared
 # CUPS print queue which it discovers on remote machines in the local
 # network(s). Set CreateRemoteCUPSPrinterQueues to "No" if you do not
 # want cups-browsed to do this. For example you can set cups-browsed
 # to only create queues for IPP network printers setting
 # CreateIPPPrinterQueues not to "No" and CreateRemoteCUPSPrinterQueues
 # to "No".
 # CreateRemoteCUPSPrinterQueues No
 # Set CreateIPPPrinterQueues to "All" to let cups-browsed discover IPP
 # network printers (native printers, not CUPS queues) with known page
 # description languages (PWG Raster, PDF, PostScript, PCL XL, PCL
 # 5c/e) in the local network and auto-create print queues for them.
 # Set CreateIPPPrinterQueues to "Everywhere" to let cups-browsed
 # discover IPP Everywhere printers in the local network (native
 # printers, not CUPS queues) and auto-create print queues for them.
 # Set CreateIPPPrinterQueues to "AppleRaster" to let cups-browsed
 # discover Apple Raster printers in the local network (native
 # printers, not CUPS queues) and auto-create print queues for them.
 # Set CreateIPPPrinterQueues to "Driverless" to let cups-browsed
 # discover printers designed for driverless use (currently IPP
 # Everywhere and Apple Raster) in the local network (native printers,
 # not CUPS queues) and auto-create print queues for them.
 # Set CreateIPPPrinterQueues to "LocalOnly" to auto-create print
 # queues only for local printers made available as IPP printers. These
 # are for example IPP-over-USB printers, made available via
 # ippusbxd. This is the default.
 # Set CreateIPPPrinterQueues to "No" to not auto-create print queues
 # for IPP network printers.
 # If queues with PPD file are created (see IPPPrinterQueueType
 # directive below) the PPDs are auto-generated by cups-browsed based
 # on properties of the printer polled via IPP. In case of missing
 # information, info from the Bonjour record is used asd as last mean
 # default values.
 # If queues without PPD (see IPPPrinterQueueType directive below) are
 # created clients have to IPP-poll the capabilities of the printer and
 # send option settings as standard IPP attributes. Then we do not poll
 # the capabilities by ourselves to not wake up the printer from
 # power-saving mode when creating the queues. Jobs have to be sent in
 # one of PDF, PWG Raster, or JPEG format. Other formats are not
 # accepted.
 # This functionality is primarily for mobile devices running
 # CUPS to not need a printer setup tool nor a collection of printer
 # drivers and PPDs.
 # CreateIPPPrinterQueues No
 # CreateIPPPrinterQueues LocalOnly
 # CreateIPPPrinterQueues Everywhere
 # CreateIPPPrinterQueues AppleRaster
 # CreateIPPPrinterQueues Everywhere AppleRaster
 # CreateIPPPrinterQueues Driverless
 CreateIPPPrinterQueues All
 # If cups-browsed is automatically creating print queues for native
 # IPP network printers ("CreateIPPPrinterQueues Yes"), the type of
 # queue to be created can be selected by the "IPPPrinterQueueType"
 # directive. The "PPD" (default) setting makes queues with PPD file
 # being created. With "Interface" or "NoPPD" the queue is created with
 # a System V interface script (Not supported with CUPS 2.2.x or
 # later). "Auto" is for backward compatibility and also lets queues
 # with PPD get created.
 # IPPPrinterQueueType PPD
 # IPPPrinterQueueType NoPPD
 # IPPPrinterQueueType Interface
 # IPPPrinterQueueType Auto
 # The NewIPPPrinterQueuesShared directive determines whether a print
 # queue for a newly discovered IPP network printer (not remote CUPS
 # queue) will be shared to the local network or not. This is only
 # valid for newly discovered printers. For printers discovered in an
 # earlier cups-browsed session, cups-browsed will remember whether the
 # printer was shared, so changes by the user get conserved. Default is
 # not to share newly discovered IPP printers.
 # NewIPPPrinterQueuesShared Yes
 # If there is more than one remote CUPS printer whose local queue
 # would get the same name and AutoClustering is set to "Yes" (the
 # default) only one local queue is created which makes up a
 # load-balancing cluster of the remote printers which would get this
 # queue name (implicit class). This means that when several jobs are
 # sent to this queue they get distributed between the printers, using
 # the method chosen by the LoadBalancing directive.
 # Note that the forming of clusters depends on the naming scheme for
 # local queues created by cups-browsed. If you have set
 # LocalQueueNamingRemoteCUPS to "DNSSD" you will not get automatic
 # clustering as the DNS-SD service names are always unique. With
 # LocalQueueNamingRemoteCUPS set to "RemoteName" local queues are
 # named as the CUPS queues on the remote servers are named and so
 # equally named queues on different servers get clustered (this is how
 # CUPS did it in version 1.5.x or older). LocalQueueNamingRemoteCUPS
 # set to "MakeModel" makes remote printers of the same model get
 # clustered. Note that then a cluster can contain more than one queue
 # of the same server.
 # With AutoClustering set to "No", for each remote CUPS printer an
 # individual local queue is created, and to avoid name clashes when
 # using the LocalQueueNamingRemoteCUPS settings "RemoteName" or
 # "MakeModel" "@<server name>" is added to the local queue name.
 # Only remote CUPS printers get clustered, not IPP network printers or
 # IPP-over-USB printers.
 # AutoClustering Yes
 # AutoClustering No
 # Load-balancing printer cluster formation can also be manually
 # controlled by defining explicitly which remote CUPS printers should
 # get clustered together.
 # This is done by the "Cluster" directive:
 # Cluster <QUEUENAME>: <EXPRESSION1> <EXPRESSION2> ...
 # Cluster <QUEUENAME>
 # If no expressions are given, <QUEUENAME> is used as the first and
 # only expression for this cluster.
 # Discovered printers are matched against all the expressions of all
 # defined clusters. The first expression which matches the discovered
 # printer determines to which cluster it belongs. Note that this way a
 # printer can only belong to one cluster. Once matched, further
 # cluster definitions will not checked any more.
 # With the first printer matching a cluster's expression a local queue
 # with the name <QUEUENAME> is created. If more printers are
 # discovered and match this cluster, they join the cluster. Printing
 # to this queue prints to all these printers in a load-balancing
 # manner, according to to the setting of the LoadBalancing directive.
 # Each expression must be a string of characters without spaces. If
 # spaces are needed, replace them by underscores ('_').
 # An expression can be matched in three ways:
 # 1. By the name of the CUPS queue on the remote server
 # 2. By make and model name of the remote printer
 # 3. By the DNS-SD service name of the remote printer
 # Note that the matching is done case-insensitively and any group of
 # non-alphanumerical characters is replaced by a single underscore.
 # So if an expression is "HP_DeskJet_2540" and the remote server
 # reports "hp Deskjet-2540" the printer gets matched to this cluster.
 # If "AutoClustering" is not set to "No" both your manual cluster
 # definitions will be followed and automatic clustering of
 # equally-named remote queues will be performed. If a printer matches
 # in both categories the match to the manually defined cluster has
 # priority. Automatic clustering of equally-named remote printers is
 # not performed if there is a manually defined cluster with this name
 # (at least as the printers do not match this cluster).
 # Examples:
 # To cluster all remote CUPS queues named "laserprinter" in your local
 # network but not cluster any other equally-named remote CUPS printers
 # use (Local queue will get named "laserprinter"):
 # AutoClustering No
 # Cluster laserprinter
 # To cluster all remote CUPS queues of HP LaserJet 4050 printers in a
 # local queue named "LJ4050":
 # Cluster LJ4050: HP_LaserJet_4050
 # As DNS-SD service names are unique in a network you can create a
 # cluster from exactly specified printers (spaces replaced by
 # underscors):
 # Cluster hrdep: oldlaser_@_hr-server1 newlaser_@_hr-server2
 # The LoadBalancing directive switches between two methods of handling
 # load balancing between equally-named remote queues which are
 # represented by one local print queue making up a cluster of them
 # (implicit class).
 # The two methods are:
 # Queuing of jobs on the client (LoadBalancing QueueOnClient):
 # Here we queue up the jobs on the client and regularly check the
 # clustered remote print queues. If we find an idle queue, we pass
 # on a job to it.
 # This is also the method which CUPS uses for classes. Advantage is a
 # more even distribution of the job workload on the servers
 # (especially if the printing speed of the servers is very different),
 # and if a server fails, there are not several jobs stuck or
 # lost. Disadvantage is that if one takes the client (laptop, mobile
 # phone, ...) out of the local network, printing stops with the jobs
 # waiting in the local queue.
 # Queuing of jobs on the servers (LoadBalancing QueueOnServers):
 # Here we check the number of jobs on each of the clustered remote
 # printers and send an incoming job immediately to the remote printer
 # with the lowest amount of jobs in its queue. This way no jobs queue
 # up locally, all jobs which are waiting are waiting on one of the
 # remote servers.
 # Not having jobs waiting locally has the advantage that we can take
 # the local machine from the network and all jobs get printed.
 # Disadvantage is that if a server with a full queue of jobs goes
 # away, the jobs go away, too.
 # Default is queuing the jobs on the client as this is what CUPS does
 # with classes.
 # LoadBalancing QueueOnClient
 # LoadBalancing QueueOnServers
 # With the DefaultOptions directive one or more option settings can be
 # defined to be applied to every print queue newly created by
 # cups-browsed. Each option is supplied as one supplies options with
 # the "-o" command line argument to the "lpadmin" command (Run "man
 # lpadmin" for more details). More than one option can be supplied
 # separating the options by spaces. By default no option settings are
 # pre-defined.
 # Note that print queues which cups-browsed already created before
 # remember their previous settings and so these settings do not get
 # applied.
 # DefaultOptions Option1=Value1 Option2=Value2 Option3 noOption4
 # The AutoShutdown directive specifies whether cups-browsed should
 # automatically terminate when it has no local raw queues set up
 # pointing to any discovered remote printers or no jobs on such queues
 # depending on AutoShutdownOn setting (auto shutdown mode). Setting it
 # to "On" activates the auto-shutdown mode, setting it to "Off"
 # deactiivates it (the default). The special mode "avahi" turns auto
 # shutdown off while avahi-daemon is running and on when avahi-daemon
 # stops. This allows running cups-browsed on-demand when avahi-daemon
 # is run on-demand.
 # AutoShutdown Off
 # AutoShutdown On
 # AutoShutdown avahi
 # The AutoShutdownOn directive determines what event cups-browsed
 # considers as inactivity in auto shutdown mode. "NoQueues" (the
 # default) means that auto shutdown is initiated when there are no
 # queues for discovered remote printers generated by cups-browsed any
 # more. "NoJobs" means that all queues generated by cups-browsed are
 # without jobs.
 # AutoShutdownOn NoQueues
 # AutoShutdownOn NoJobs
 # The AutoShutdownTimeout directive specifies after how many seconds
 # without local raw queues set up pointing to any discovered remote
 # printers or jobs on these queues cups-browsed should actually shut
 # down in auto shutdown mode. Default is 30 seconds, 0 means immediate
 # shutdown.
 # AutoShutdownTimeout 30
--- a/cups/cups-files.conf
+++ b/cups/cups-files.conf
@@ -1,93 +0,0 @@
 #
 # File/directory/user/group configuration file for the CUPS scheduler.
 # See "man cups-files.conf" for a complete description of this file.
 #
 # List of events that are considered fatal errors for the scheduler...
 #FatalErrors config
 # Do we call fsync() after writing configuration or status files?
 #SyncOnClose Yes
 # Default user and group for filters/backends/helper programs; this cannot be
 # any user or group that resolves to ID 0 for security reasons...
 #User lp
 #Group lp
 # Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
 # This cannot contain the Group value for security reasons...
 SystemGroup sys root wheel
 # User that is substituted for unauthenticated (remote) root accesses...
 #RemoteRoot remroot
 # Do we allow file: device URIs other than to /dev/null?
 #FileDevice No
 # Permissions for configuration and log files...
 #ConfigFilePerm 0640
 #LogFilePerm 00600
 # Location of the file logging all access to the scheduler; may be the name
 # "syslog" (syslog means systemd journal by default). If not an absolute path, the value of ServerRoot is used as the
 # root directory.  Also see the "AccessLogLevel" directive in cupsd.conf.
 AccessLog syslog
 # Location of cache files used by the scheduler...
 #CacheDir /var/cache/cups
 # Location of data files used by the scheduler...
 #DataDir /usr/share/cups
 # Location of the static web content served by the scheduler...
 #DocumentRoot /usr/share/cups/www
 # Location of the file logging all messages produced by the scheduler and any
 # helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
 # of ServerRoot is used as the root directory.  Also see the "LogLevel"
 # directive in cupsd.conf.
 ErrorLog syslog
 # Location of fonts used by older print filters...
 #FontPath /usr/share/cups/fonts
 # Location of LPD configuration
 #LPDConfigFile 
 # Location of the file logging all pages printed by the scheduler and any
 # helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
 # of ServerRoot is used as the root directory.  Also see the "PageLogFormat"
 # directive in cupsd.conf.
 PageLog syslog
 # Location of the file listing all of the local printers...
 #Printcap /etc/printcap
 # Format of the Printcap file...
 #PrintcapFormat bsd
 #PrintcapFormat plist
 #PrintcapFormat solaris
 # Location of all spool files...
 #RequestRoot /var/spool/cups
 # Location of helper programs...
 #ServerBin /usr/lib/cups
 # SSL/TLS keychain for the scheduler...
 #ServerKeychain ssl
 # Location of other configuration files...
 #ServerRoot /etc/cups
 # Location of Samba configuration file...
 #SMBConfigFile 
 # Location of scheduler state files...
 #StateDir /var/run/cups
 # Location of scheduler/helper temporary files. This directory is emptied on
 # scheduler startup and cannot be one of the standard (public) temporary
 # directory locations for security reasons...
 #TempDir /var/spool/cups/tmp
--- a/cups/cups-files.conf.default
+++ b/cups/cups-files.conf.default
@@ -1,93 +0,0 @@
 #
 # File/directory/user/group configuration file for the CUPS scheduler.
 # See "man cups-files.conf" for a complete description of this file.
 #
 # List of events that are considered fatal errors for the scheduler...
 #FatalErrors config
 # Do we call fsync() after writing configuration or status files?
 #SyncOnClose Yes
 # Default user and group for filters/backends/helper programs; this cannot be
 # any user or group that resolves to ID 0 for security reasons...
 #User lp
 #Group lp
 # Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
 # This cannot contain the Group value for security reasons...
 SystemGroup sys root wheel
 # User that is substituted for unauthenticated (remote) root accesses...
 #RemoteRoot remroot
 # Do we allow file: device URIs other than to /dev/null?
 #FileDevice No
 # Permissions for configuration and log files...
 #ConfigFilePerm 0640
 #LogFilePerm 00600
 # Location of the file logging all access to the scheduler; may be the name
 # "syslog" (syslog means systemd journal by default). If not an absolute path, the value of ServerRoot is used as the
 # root directory.  Also see the "AccessLogLevel" directive in cupsd.conf.
 AccessLog syslog
 # Location of cache files used by the scheduler...
 #CacheDir /var/cache/cups
 # Location of data files used by the scheduler...
 #DataDir /usr/share/cups
 # Location of the static web content served by the scheduler...
 #DocumentRoot /usr/share/cups/www
 # Location of the file logging all messages produced by the scheduler and any
 # helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
 # of ServerRoot is used as the root directory.  Also see the "LogLevel"
 # directive in cupsd.conf.
 ErrorLog syslog
 # Location of fonts used by older print filters...
 #FontPath /usr/share/cups/fonts
 # Location of LPD configuration
 #LPDConfigFile 
 # Location of the file logging all pages printed by the scheduler and any
 # helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
 # of ServerRoot is used as the root directory.  Also see the "PageLogFormat"
 # directive in cupsd.conf.
 PageLog syslog
 # Location of the file listing all of the local printers...
 #Printcap /etc/printcap
 # Format of the Printcap file...
 #PrintcapFormat bsd
 #PrintcapFormat plist
 #PrintcapFormat solaris
 # Location of all spool files...
 #RequestRoot /var/spool/cups
 # Location of helper programs...
 #ServerBin /usr/lib/cups
 # SSL/TLS keychain for the scheduler...
 #ServerKeychain ssl
 # Location of other configuration files...
 #ServerRoot /etc/cups
 # Location of Samba configuration file...
 #SMBConfigFile 
 # Location of scheduler state files...
 #StateDir /var/run/cups
 # Location of scheduler/helper temporary files. This directory is emptied on
 # scheduler startup and cannot be one of the standard (public) temporary
 # directory locations for security reasons...
 #TempDir /var/spool/cups/tmp
--- a/cups/cupsd.conf
+++ b/cups/cupsd.conf
@@ -1,192 +0,0 @@
 MaxLogSize 0
 #
 # Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a
 # complete description of this file.
 #
 # Log general information in error_log - change "warn" to "debug"
 # for troubleshooting...
 LogLevel warn
 # Only listen for connections from the local machine.
 Listen localhost:631
 Listen /var/run/cups/cups.sock
 # Show shared printers on the local network.
 Browsing On
 BrowseLocalProtocols dnssd
 # Default authentication type, when authentication is required...
 DefaultAuthType Basic
 # Web interface setting...
 WebInterface Yes
 # Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
 IdleExitTimeout 0
 # Restrict access to the server...
 <Location />
  Order allow,deny
 </Location>
 # Restrict access to the admin pages...
 <Location /admin>
  Order allow,deny
 </Location>
 # Restrict access to configuration files...
 <Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
 </Location>
 # Restrict access to log files...
 <Location /admin/log>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
 </Location>
 # Set the default printer/job policies...
 <Policy default>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit CUPS-Get-Document>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
 # Set the authenticated printer/job policies...
 <Policy authenticated>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    AuthType Default
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
 # Set the kerberized printer/job policies...
 <Policy kerberos>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    AuthType Negotiate
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    AuthType Negotiate
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Negotiate
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
--- a/cups/cupsd.conf.default
+++ b/cups/cupsd.conf.default
@@ -1,192 +0,0 @@
 MaxLogSize 0
 #
 # Configuration file for the CUPS scheduler.  See "man cupsd.conf" for a
 # complete description of this file.
 #
 # Log general information in error_log - change "warn" to "debug"
 # for troubleshooting...
 LogLevel warn
 # Only listen for connections from the local machine.
 Listen localhost:631
 Listen /var/run/cups/cups.sock
 # Show shared printers on the local network.
 Browsing On
 BrowseLocalProtocols dnssd
 # Default authentication type, when authentication is required...
 DefaultAuthType Basic
 # Web interface setting...
 WebInterface Yes
 # Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
 IdleExitTimeout 0
 # Restrict access to the server...
 <Location />
  Order allow,deny
 </Location>
 # Restrict access to the admin pages...
 <Location /admin>
  Order allow,deny
 </Location>
 # Restrict access to configuration files...
 <Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
 </Location>
 # Restrict access to log files...
 <Location /admin/log>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
 </Location>
 # Set the default printer/job policies...
 <Policy default>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit CUPS-Get-Document>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
 # Set the authenticated printer/job policies...
 <Policy authenticated>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    AuthType Default
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Default
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
 # Set the kerberized printer/job policies...
 <Policy kerberos>
  # Job/subscription privacy...
  JobPrivateAccess default
  JobPrivateValues default
  SubscriptionPrivateAccess default
  SubscriptionPrivateValues default
  # Job-related operations must be done by the owner or an administrator...
  <Limit Create-Job Print-Job Print-URI Validate-Job>
    AuthType Negotiate
    Order deny,allow
  </Limit>
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
    AuthType Negotiate
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>
  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    AuthType Negotiate
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>
  <Limit All>
    Order deny,allow
  </Limit>
 </Policy>
--- a/cups/lpoptions
+++ b/cups/lpoptions
--- a/cups/printers.conf
+++ b/cups/printers.conf
--- a/cups/snmp.conf
+++ b/cups/snmp.conf
@@ -1,7 +0,0 @@
 #
 # SNMP configuration file for CUPS.  See "man cups-snmp.conf" for a complete
 # description of this file.
 #
 Address @LOCAL
 Community public
--- a/cups/snmp.conf.default
+++ b/cups/snmp.conf.default
@@ -1,7 +0,0 @@
 #
 # SNMP configuration file for CUPS.  See "man cups-snmp.conf" for a complete
 # description of this file.
 #
 Address @LOCAL
 Community public
--- a/dbus-1/system.d/avahi-dbus.conf
+++ b/dbus-1/system.d/avahi-dbus.conf
@@ -1,32 +0,0 @@
 <!DOCTYPE busconfig PUBLIC
          "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
          "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
  <!-- Only root or user avahi can own the Avahi service -->
  <policy user="avahi">
    <allow own="org.freedesktop.Avahi"/>
  </policy>
  <policy user="root">
    <allow own="org.freedesktop.Avahi"/>
  </policy>
  <!-- Allow anyone to invoke methods on Avahi server, except SetHostName -->
  <policy context="default">
    <allow send_destination="org.freedesktop.Avahi"/>
    <allow receive_sender="org.freedesktop.Avahi"/>
    <deny send_destination="org.freedesktop.Avahi"
          send_interface="org.freedesktop.Avahi.Server" send_member="SetHostName"/>
  </policy>
  <!-- Allow everything, including access to SetHostName to users of the group "avahi" -->
  <policy group="avahi">
    <allow send_destination="org.freedesktop.Avahi"/>
    <allow receive_sender="org.freedesktop.Avahi"/>
  </policy>
  <policy user="root">
    <allow send_destination="org.freedesktop.Avahi"/>
    <allow receive_sender="org.freedesktop.Avahi"/>
  </policy>
 </busconfig>
--- a/dbus-1/system.d/cups.conf
+++ b/dbus-1/system.d/cups.conf
@@ -1,13 +0,0 @@
 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
  <!-- Only root can send this message -->
  <policy user="root">
    <allow send_interface="com.redhat.PrinterSpooler"/>
  </policy>
  <!-- Allow any connection to receive the message -->
  <policy context="default">
    <allow receive_interface="com.redhat.PrinterSpooler"/>
  </policy>
 </busconfig>
--- a/freeipmi/freeipmi.conf
+++ b/freeipmi/freeipmi.conf
@@ -1,603 +0,0 @@
 #####################################################################################################
 #
 # FreeIPMI configuration
 #
 # The FreeIPMI configuration file can be used to set alternate default
 # values to many FreeIPMI tools so values don't have to be configured on
 # the command line.  This allows users to avoid typing in a long list of
 # command line options every time a command is executed. It can also be
 # used to hide usernames, passwords, and other sensitive information
 # from the ps(1) command.
 #
 # For more information on the fields below, please see the manpage
 # freeipmi.conf(5).
 #
 # Albert Chu
 # <chu11 at llnl dot gov>.
 #
 # P.S.  If you configure different values, remember to uncomment the line :-)
 #
 #####################################################################################################
 #
 # General Options
 #
 # The following options are options generally available to all tools,
 # although specific options may be ignored by some.
 #
 # driver-type KCS
 #
 # disable-auto-probe DISABLE
 #
 # driver-address 0xCA2
 #
 # driver-device /my/device/path
 #
 # register-spacing 1
 #
 # target-channel-number 0
 #
 # target-slave-address 0x20
 #
 # username myusername
 #
 # password mypassword
 #
 # k_g mykey
 #
 ## session-timeout specified in milliseconds
 # session-timeout 20000
 #
 ## retransmission-timeout specified in milliseconds
 # retransmission-timeout 1000
 #
 # authentication-type MD5
 #
 # cipher-suite-id 3
 #
 # privilege-level ADMIN
 #
 # workaround-flags workaround1 workaround2 workaround3
 #
 #####################################################################################################
 #
 # SDR OPTIONS
 #
 # The following options are specific to tools that use the sensor data
 # repository (SDR). They will be ignored by all other tools.
 #
 # quiet-cache DISABLE
 #
 # sdr-cache-directory /my/sdr/path
 #
 #####################################################################################################
 #
 # TIME OPTIONS
 #
 # The following options are specific to tools that may output time
 # values.  They will be ignored by all other tools.
 #
 # utc-to-localtime DISABLE
 #
 # localtime-to-utc DISABLE
 #
 # utc-offset 0
 #
 #####################################################################################################
 #
 # HOSTRANGED OPTIONS
 #
 # The following options are specific to tools that support hostranged
 # output. They will be ignored by all other tools.
 #
 # buffer-output DISABLE
 #
 # consolidate-output DISABLE
 #
 # fanout 64
 #
 # eliminate DISABLE
 #
 # always-prefix DISABLE
 #
 #####################################################################################################
 #
 # BMC-CONFIG OPTIONS
 #
 # The following options are specific to bmc-config(8).  They will be
 # ignored by other tools.
 #
 # bmc-config-username myusername
 #
 # bmc-config-password mypassword
 #
 # bmc-config-k_g mykey
 #
 # bmc-config-authentication-type MD5
 #
 # bmc-config-cipher-suite-id 3
 #
 # bmc-config-privilege-level ADMIN
 #
 # bmc-config-workaround-flags workaround1 workaround2 workaround3
 #
 # bmc-config-verbose-count 0
 #
 #####################################################################################################
 #
 # BMC-DEVICE OPTIONS
 #
 # The following options are specific to bmc-device(8).  They will be
 # ignored by other tools.
 #
 # bmc-device-username myusername
 #
 # bmc-device-password mypassword
 #
 # bmc-device-k_g mykey
 #
 # bmc-device-authentication-type MD5
 #
 # bmc-device-cipher-suite-id 3
 #
 # bmc-device-privilege-level ADMIN
 #
 # bmc-device-workaround-flags workaround1 workaround2 workaround3
 #
 #####################################################################################################
 #
 # BMC-INFO OPTIONS
 #
 # The following options are specific to bmc-info(8).  They will be
 # ignored by other tools.
 #
 # bmc-info-username myusername
 #
 # bmc-info-password mypassword
 #
 # bmc-info-k_g mykey
 #
 # bmc-info-authentication-type MD5
 #
 # bmc-info-cipher-suite-id 3
 #
 # bmc-info-privilege-level USER
 #
 # bmc-info-workaround-flags workaround1 workaround2 workaround3
 #
 # bmc-info-interpret-oem-data DISABLE
 #
 #####################################################################################################
 #
 # BMC-WATCHDOG OPTIONS
 #
 # The following options are specific to bmc-watchdog(8).  They will be
 # ignored by other tools.
 #
 # bmc-watchdog-workaround-flags workaround1 workaround2 workaround3
 #
 # bmc-watchdog-verbose-logging DISABLE
 #
 # bmc-watchdog-no-logging DISABLE
 #
 #####################################################################################################
 #
 # IPMI-CHASSIS OPTIONS
 #
 # The following options are specific to ipmi-chassis(8).  They will be
 # ignored by other tools.
 #
 # ipmi-chassis-username myusername
 #
 # ipmi-chassis-password mypassword
 #
 # ipmi-chassis-k_g mykey
 #
 # ipmi-chassis-authentication-type MD5
 #
 # ipmi-chassis-cipher-suite-id 3
 #
 # ipmi-chassis-privilege-level ADMIN
 #
 # ipmi-chassis-workaround-flags workaround1 workaround2 workaround3
 #
 #####################################################################################################
 #
 # IPMI-CHASSIS-CONFIG OPTIONS
 #
 # The following options are specific to ipmi-chassis-config(8).  They will be
 # ignored by other tools.
 #
 # ipmi-chassis-config-username myusername
 #
 # ipmi-chassis-config-password mypassword
 #
 # ipmi-chassis-config-k_g mykey
 #
 # ipmi-chassis-config-authentication-type MD5
 #
 # ipmi-chassis-config-cipher-suite-id 3
 #
 # ipmi-chassis-config-privilege-level ADMIN
 #
 # ipmi-chassis-config-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-chassis-config-verbose-count 0
 #
 #####################################################################################################
 #
 # IPMI-DCMI OPTIONS
 #
 # The following options are specific to ipmi-dcmi(8).  They will be
 # ignored by other tools.
 #
 # ipmi-dcmi-username myusername
 #
 # ipmi-dcmi-password mypassword
 #
 # ipmi-dcmi-k_g mykey
 #
 # ipmi-dcmi-authentication-type MD5
 #
 # ipmi-dcmi-cipher-suite-id 3
 #
 # ipmi-dcmi-privilege-level ADMIN
 #
 # ipmi-dcmi-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-dcmi-interpret-oem-data DISABLE
 #
 #####################################################################################################
 #
 # IPMI-FRU OPTIONS
 #
 # The following options are specific to ipmi-fru(8).  They will be
 # ignored by other tools.
 #
 # ipmi-fru-username myusername
 #
 # ipmi-fru-password mypassword
 #
 # ipmi-fru-k_g mykey
 #
 # ipmi-fru-authentication-type MD5
 #
 # ipmi-fru-cipher-suite-id 3
 #
 # ipmi-fru-privilege-level USER
 #
 # ipmi-fru-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-fru-verbose-count 0
 #
 # ipmi-fru-bridge-fru DISABLE
 #
 # ipmi-fru-interpret-oem-data DISABLE
 #
 #####################################################################################################
 #
 # IPMI-OEM OPTIONS
 #
 # The following options are specific to ipmi-oem(8).  They will be
 # ignored by other tools.
 #
 # ipmi-oem-username myusername
 #
 # ipmi-oem-password mypassword
 #
 # ipmi-oem-k_g mykey
 #
 # ipmi-oem-authentication-type MD5
 #
 # ipmi-oem-cipher-suite-id 3
 #
 # ipmi-oem-privilege-level ADMIN
 #
 # ipmi-oem-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-oem-verbose-count 0
 #
 #####################################################################################################
 #
 # IPMI-PEF-CONFIG OPTIONS
 #
 # The following options are specific to ipmi-pef-config(8).  They will be
 # ignored by other tools.
 #
 # ipmi-pef-config-username myusername
 #
 # ipmi-pef-config-password mypassword
 #
 # ipmi-pef-config-k_g mykey
 #
 # ipmi-pef-config-authentication-type MD5
 #
 # ipmi-pef-config-cipher-suite-id 3
 #
 # ipmi-pef-config-privilege-level ADMIN
 #
 # ipmi-pef-config-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-pef-config-verbose-count 0
 #
 #####################################################################################################
 #
 # IPMI-PET OPTIONS
 #
 # The following options are specific to ipmi-pet(8).  They will be
 # ignored by other tools.
 #
 # ipmi-pet-username myusername
 #
 # ipmi-pet-password mypassword
 #
 # ipmi-pet-k_g mykey
 #
 # ipmi-pet-authentication-type MD5
 #
 # ipmi-pet-cipher-suite-id 3
 #
 # ipmi-pet-privilege-level OPERATOR
 #
 # ipmi-pet-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-pet-verbose-count 0
 #
 # ipmi-pet-output-event-severity DISABLE
 #
 # ipmi-pet-output-event-state DISABLE
 #
 # ipmi-pet-event-state-config-file /my/event.conf
 #
 # ipmi-pet-interpret-oem-data DISABLE
 #
 # ipmi-pet-entity-sensor-names DISABLE
 #
 # ipmi-pet-no-sensor-type-output DISABLE
 #
 # ipmi-pet-comma-separated-output DISABLE
 #
 # ipmi-pet-no-header-output DISABLE
 #
 # ipmi-pet-non-abbreviated-units DISABLE
 #
 #####################################################################################################
 #
 # IPMI-RAW OPTIONS
 #
 # The following options are specific to ipmi-raw(8).  They will be
 # ignored by other tools.
 #
 # ipmi-raw-username myusername
 #
 # ipmi-raw-password mypassword
 #
 # ipmi-raw-k_g mykey
 #
 # ipmi-raw-authentication-type MD5
 #
 # ipmi-raw-cipher-suite-id 3
 #
 # ipmi-raw-privilege-level ADMIN
 #
 # ipmi-raw-workaround-flags workaround1 workaround2 workaround3
 #
 #####################################################################################################
 #
 # IPMI-SEL OPTIONS
 #
 # The following options are specific to ipmi-sel(8).  They will be
 # ignored by other tools.
 #
 # ipmi-sel-username myusername
 #
 # ipmi-sel-password mypassword
 #
 # ipmi-sel-k_g mykey
 #
 # ipmi-sel-authentication-type MD5
 #
 # ipmi-sel-cipher-suite-id 3
 #
 # ipmi-sel-privilege-level OPERATOR
 #
 # ipmi-sel-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-sel-verbose-count 0
 #
 # ipmi-sel-sensor-types temperature fan
 #
 # ipmi-sel-exclude-sensor-types temperature fan
 #
 # ipmi-sel-system-event-only DISABLE
 #
 # ipmi-sel-oem-event-only DISABLE
 #
 # ipmi-sel-output-manufacturer-id DISABLE
 #
 # ipmi-sel-output-event-state DISABLE
 #
 # ipmi-sel-event-state-config-file /my/event.conf
 #
 # ipmi-sel-interpret-oem-data DISABLE
 #
 # ipmi-sel-output-oem-event-strings DISABLE
 #
 # ipmi-sel-entity-sensor-names DISABLE
 #
 # ipmi-sel-no-sensor-type-output DISABLE
 #
 # ipmi-sel-comma-separated-output DISABLE
 #
 # ipmi-sel-no-header-output DISABLE
 #
 # ipmi-sel-non-abbreviated-units DISABLE
 #
 # ipmi-sel-legacy-output DISABLE
 #
 #####################################################################################################
 #
 # IPMI-SENSORS OPTIONS
 #
 # The following options are specific to ipmi-sensors(8).  They will be
 # ignored by other tools.
 #
 # ipmi-sensors-username myusername
 #
 # ipmi-sensors-password mypassword
 #
 # ipmi-sensors-k_g mykey
 #
 # ipmi-sensors-authentication-type MD5
 #
 # ipmi-sensors-cipher-suite-id 3
 #
 # ipmi-sensors-privilege-level OPERATOR
 #
 # ipmi-sensors-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-sensors-verbose-count 0
 #
 # ipmi-sensors-quiet-readings DISABLE
 #
 # ipmi-sensors-record-ids 1 2 3 4
 #
 # ipmi-sensors-exclude-record-ids 1 2 3 4
 #
 # ipmi-sensors-sensor-types temperature fan
 #
 # ipmi-sensors-exclude-sensor-types temperature fan
 #
 # ipmi-sensors-bridge-sensors DISABLE
 #
 # ipmi-sensors-shared-sensors DISABLE
 #
 # ipmi-sensors-interpret-oem-data DISABLE
 #
 # ipmi-sensors-ignore-not-available-sensors DISABLE
 #
 # ipmi-sensors-ignore-unrecognized-events DISABLE
 #
 # ipmi-sensors-output-event-bitmask DISABLE
 #
 # ipmi-sensors-output-sensor-state DISABLE
 #
 # ipmi-sensors-sensor-state-config-file /my/sensor.conf
 #
 # ipmi-sensors-entity-sensor-names DISABLE
 #
 # ipmi-sensors-output-sensor-thresholds DISABLE
 #
 # ipmi-sensors-no-sensor-type-output DISABLE
 #
 # ipmi-sensors-comma-separated-output DISABLE
 #
 # ipmi-sensors-no-header-output DISABLE
 #
 # ipmi-sensors-non-abbreviated-units DISABLE
 #
 # ipmi-sensors-legacy-output DISABLE
 #
 # ipmi-sensors-ipmimonitoring-legacy-output DISABLE
 #
 #####################################################################################################
 #
 # IPMI-SENSORS-CONFIG OPTIONS
 #
 # The following options are specific to ipmi-sensors-config(8).  They will be
 # ignored by other tools.
 #
 # ipmi-sensors-config-username myusername
 #
 # ipmi-sensors-config-password mypassword
 #
 # ipmi-sensors-config-k_g mykey
 #
 # ipmi-sensors-config-authentication-type MD5
 #
 # ipmi-sensors-config-cipher-suite-id 3
 #
 # ipmi-sensors-config-privilege-level OPERATOR
 #
 # ipmi-sensors-config-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmi-sensors-config-verbose-count 0
 #
 #####################################################################################################
 #
 # IPMICONSOLE OPTIONS
 #
 # The following options are specific to ipmiconsole(8).  They will be
 # ignored by other tools.
 #
 # ipmiconsole-username myusername
 #
 # ipmiconsole-password mypassword
 #
 # ipmiconsole-k_g mykey
 #
 # ipmiconsole-authentication-type MD5
 #
 # ipmiconsole-cipher-suite-id 3
 #
 # ipmiconsole-privilege-level ADMIN
 #
 # ipmiconsole-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmiconsole-escape-char &
 #
 # ipmiconsole-dont-steal DISABLE
 #
 # ipmiconsole-serial-keepalive DISABLE
 #
 # ipmiconsole-serial-keepalive-empty DISABLE
 #
 # ipmiconsole-lock-memory DISABLE
 #
 #####################################################################################################
 #
 # IPMIPOWER OPTIONS
 #
 # The following options are specific to ipmipower(8).  They will be
 # ignored by other tools.
 #
 # ipmipower-username myusername
 #
 # ipmipower-password mypassword
 #
 # ipmipower-k_g mykey
 #
 # ipmipower-authentication-type MD5
 #
 # ipmipower-cipher-suite-id 3
 #
 # ipmipower-privilege-level OPERATOR
 #
 # ipmipower-workaround-flags workaround1 workaround2 workaround3
 #
 # ipmipower-on-if-off DISABLE
 #
 # ipmipower-wait-until-on DISABLE
 #
 # ipmipower-wait-until-off DISABLE
 #
 # ipmipower-oem-power-type oem-power-type
 #
 ## ipmipower-retransmission-wait-timeout specified in milliseconds
 # ipmipower-retransmission-wait-timeout 500
 #
 # ipmipower-retransmission-backoff-count 8
 #
 ## ipmipower-ping-interval specified in milliseconds
 # ipmipower-ping-interval 5000
 #
 ## ipmipower-ping-timeout specified in milliseconds
 # ipmipower-ping-timeout 30000
 #
 # ipmipower-ping-packet-count 10
 #
 ## ipmipower-ping-percent specified in integer percentage
 # ipmipower-ping-percent 50
 #
 # ipmipower-ping-consec-count 5
 #
 #####################################################################################################
--- a/freeipmi/freeipmi_interpret_sel.conf
+++ b/freeipmi/freeipmi_interpret_sel.conf
--- a/freeipmi/freeipmi_interpret_sensor.conf
+++ b/freeipmi/freeipmi_interpret_sensor.conf
--- a/freeipmi/ipmidetect.conf
+++ b/freeipmi/ipmidetect.conf
@@ -1,16 +0,0 @@
 ##########################################################################################################
 #
 # IPMIdetect configuration file.
 #
 # For more information on the fields below, please see the manpage
 # ipmidetect.conf(5).
 #
 # P.S.  If you configure different values, remember to uncomment the line :-)
 #
 ##########################################################################################################
 #
 # hostnames <host1> <host2> <host3> ...
 #
 # port <num>
 #
 # timeout_len <seconds>
--- a/freeipmi/libipmiconsole.conf
+++ b/freeipmi/libipmiconsole.conf
@@ -1,73 +0,0 @@
 ##########################################################################################################
 #
 # Libipmiconsole defaults
 #
 # This configuration file defines a number of defaults for the
 # libipmiconsole library.  The configuration of these defaults may be
 # useful for environments in which programs link to libipmiconsole but
 # do not support configuration of libipmiconsole parameters.  For more
 # detailed descriptions and configuration information see
 # libipmiconsole.conf(5) or ipmiconsole.h.
 #
 # If you configure different values, remember to uncomment the line :-)
 #
 ##########################################################################################################
 #
 ## Context IPMI Config
 ##
 ## Every SOL session is housed within an libipmiconsole context.  The
 ## following defines IPMI config default values for each context
 ## created.
 #
 # libipmiconsole-context-username myusername
 #
 # libipmiconsole-context-password mypassword
 #
 # libipmiconsole-context-k_g mykey
 #
 # libipmiconsole-context-privilege-level ADMIN
 #
 # libipmiconsole-context-cipher-suite-id 3
 #
 # libipmiconsole-context-workaround-flags workaround1 workaround2
 #
 ##########################################################################################################
 #
 ## Context Protocol Config
 ##
 ## Every SOL session is housed within an libipmiconsole context.  The
 ## following defines protocol config default values for each context
 ## created.
 #
 # libipmiconsole-context-session-timeout-len 60000
 #
 # libipmiconsole-context-retransmission-timeout-len 500
 #
 # libipmiconsole-context-retransmission-backoff-count 2
 #
 # libipmiconsole-context-keepalive-timeout-len 20000
 #
 # libipmiconsole-context-retransmission-keepalive-timeout-len 5000
 #
 # libipmiconsole-context-acceptable-packet-errors-count 16
 #
 # libipmiconsole-context-maximum-retransmission-count 16
 #
 ##########################################################################################################
 #
 ## Context Engine Config
 ##
 ## Every SOL session is housed within an libipmiconsole context.  The
 ## following defines engine config default values for each context
 ## created.  Knowledge of the libipmiconsole library may be necessary
 ## to understand the meaning of these settings.  Please see the
 ## ipmiconsole.h header file for additional information on the
 ## library.
 #
 # libipmiconsole-context-engine-flags flag1 flag2
 #
 # libipmiconsole-context-behavior-flags flag1 flag2
 #
 # libipmiconsole-context-debug-flags flag1 flag2
 #
 ##########################################################################################################
--- a/logrotate.d/cups
+++ b/logrotate.d/cups
@@ -1,5 +0,0 @@
 /var/log/cups/*_log {
    missingok
    notifempty
    sharedscripts
 }
--- a/logrotate.d/netdata
+++ b/logrotate.d/netdata
@@ -1,12 +0,0 @@
 /var/log/netdata/*.log {
 	daily
 	missingok
 	rotate 14
 	compress
 	delaycompress
 	notifempty
 	sharedscripts
 	postrotate
 		/bin/kill -HUP `cat /run/netdata/netdata.pid 2>/dev/null` 2>/dev/null || true
 	endscript
 }
--- a/netdata/.install-type
+++ b/netdata/.install-type
@@ -1,3 +0,0 @@
 INSTALL_TYPE='binpkg-rpm'
 PREBUILT_ARCH='x86_64'
 PREBUILT_DISTRO=' '
--- a/netdata/edit-config
+++ b/netdata/edit-config
@@ -1,325 +0,0 @@
 #!/usr/bin/env sh
 # shellcheck disable=SC1091
 [ -f /etc/profile ] && . /etc/profile
 set -e
 script_dir="$(CDPATH="" cd -- "$(dirname -- "$0")" && pwd -P)"
 usage() {
  check_directories
  cat <<EOF
 USAGE:
  ${0} [options] FILENAME
  Copy and edit the stock config file named: FILENAME
  if FILENAME is already copied, it will be edited as-is.
  Stock config files at: '${NETDATA_STOCK_CONFIG_DIR}'
  User  config files at: '${NETDATA_USER_CONFIG_DIR}'
  The editor to use can be specified either by setting the EDITOR
  environment variable, or by using the --editor option.
  The file to edit can also be specified using the --file option.
  For a list of known config files, run '${0} --list'
 EOF
  exit 0
 }
 error() {
  echo >&2 "ERROR: ${1}"
 }
 abspath() {
  if [ -d "${1}/" ]; then
    echo "$(cd "${1}" && /usr/bin/env PWD= pwd -P)/"
  elif [ -f "${1}" ]; then
    echo "$(cd "$(dirname "${1}")" && /usr/bin/env PWD= pwd -P)/$(basename "${1}")"
  elif echo "${1}" | grep -q '/'; then
    if echo "${1}" | grep -q '^/'; then
      mkdir -p "$(dirname "${1}")"
      echo "$(cd "$(dirname "${1}")" && /usr/bin/env PWD= pwd -P)/$(basename "${1}")"
    else
      mkdir -p "${script_dir}/$(dirname "${1}")"
      echo "${script_dir}/${1}"
    fi
  else
    echo "${script_dir}/${1}"
  fi
 }
 is_prefix() {
  echo "${2}" | grep -qE "^${1}"
  return $?
 }
 check_directories() {
  if [ -f "${script_dir}/.container-hostname" ]; then
    NETDATA_USER_CONFIG_DIR="${script_dir}"
    NETDATA_STOCK_CONFIG_DIR="/usr/lib/netdata/conf.d"
    return
  fi
  if [ -e "${script_dir}/.environment" ]; then
    OLDPATH="${PATH}"
    # shellcheck disable=SC1091
    . "${script_dir}/.environment"
    PATH="${OLDPATH}"
  fi
  if [ -n "${NETDATA_PREFIX}" ] && [ -d "${NETDATA_PREFIX}/usr/lib/netdata/conf.d" ]; then
    stock_dir="${NETDATA_PREFIX}/usr/lib/netdata/conf.d"
  elif [ -n "${NETDATA_PREFIX}" ] && [ -d "${NETDATA_PREFIX}/lib/netdata/conf.d" ]; then
    stock_dir="${NETDATA_PREFIX}/lib/netdata/conf.d"
  elif [ -d "${script_dir}/../../usr/lib/netdata/conf.d" ]; then
    stock_dir="${script_dir}/../../usr/lib/netdata/conf.d"
  elif [ -d "${script_dir}/../../lib/netdata/conf.d" ]; then
    stock_dir="${script_dir}/../../lib/netdata/conf.d"
  elif [ -d "/usr/lib/netdata/conf.d" ]; then
    stock_dir="/usr/lib/netdata/conf.d"
  fi
  [ -z "${NETDATA_USER_CONFIG_DIR}" ] && NETDATA_USER_CONFIG_DIR="${script_dir}"
  [ -z "${NETDATA_STOCK_CONFIG_DIR}" ] && NETDATA_STOCK_CONFIG_DIR="${stock_dir}"
  if [ -z "${NETDATA_STOCK_CONFIG_DIR}" ]; then
    error "Unable to find stock config directory."
    exit 1
  fi
 }
 check_editor() {
  if [ -z "${editor}" ]; then
    if [ -n "${EDITOR}" ] && command -v "${EDITOR}" >/dev/null 2>&1; then
      editor="${EDITOR}"
    elif command -v editor >/dev/null 2>&1; then
      editor="editor"
    elif command -v vi >/dev/null 2>&1; then
      editor="vi"
    else
      error "Unable to find a usable editor, tried \${EDITOR} (${EDITOR}), editor, and vi."
      exit 1
    fi
  elif ! command -v "${editor}" >/dev/null 2>&1; then
    error "Unable to locate user specified editor ${editor}, is it in your PATH?"
    exit 1
  fi
 }
 running_in_container() {
  [ -e /.dockerenv ] && return 0
  [ -e /.dockerinit ] && return 0
  [ -r /proc/1/environ ] && tr '\000' '\n' </proc/1/environ | grep -Eiq '^container=podman' && return 0
  grep -qF -e /docker/ -e /libpod- /proc/self/cgroup 2>/dev/null && return 0
 }
 get_docker_command() {
  if [ -x "${docker}" ]; then
    return 0
  elif command -v docker >/dev/null 2>&1; then
    docker="$(command -v docker)"
  elif command -v podman >/dev/null 2>&1; then
    docker="$(command -v podman)"
  else
    error "Unable to find a usable container tool stack. I support Docker and Podman."
    exit 1
  fi
 }
 run_in_container() {
  ${docker} exec "${1}" /bin/sh -c "${2}" || return 1
  return 0
 }
 check_for_container() {
  get_docker_command
  ${docker} container inspect "${1}" >/dev/null 2>&1 || return 1
  run_in_container "${1}" "[ -d \"${NETDATA_STOCK_CONFIG_DIR}\" ]" >/dev/null 2>&1 || return 1
  return 0
 }
 handle_container() {
  if running_in_container; then
    return 0
  elif [ -z "${container}" ] && [ -f "${script_dir}/.container-hostname" ]; then
    echo >&2 "Autodetected containerized Netdata instance. Attempting to autodetect container ID."
    possible_container="$(cat "${script_dir}/.container-hostname")"
    if check_for_container "${possible_container}"; then
      container="${possible_container}"
    elif check_for_container netdata; then
      container="netdata"
    else
      error "Could not autodetect container ID. It must be supplied on the command line with the --container option."
      exit 1
    fi
    echo >&2 "Found Netdata container with ID or name ${container}"
  elif [ -n "${container}" ]; then
    if ! check_for_container "${container}"; then
      error "No container with ID or name ${container} exists."
      exit 1
    fi
  fi
 }
 list_files() {
  check_directories
  handle_container
  if test -t && command -v tput > /dev/null 2>&1; then
    width="$(tput cols)"
  fi
  if [ -z "${container}" ]; then
    if [ "$(uname -s)" = "Linux" ]; then
      # shellcheck disable=SC2046,SC2086
      files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls ${width:+-C} ${width:+-w ${width}} $(find . -type f | cut -d '/' -f 2-))"
    elif [ "$(uname -s)" = "FreeBSD" ]; then
      if [ -n "${width}" ]; then
        export COLUMNS="${width}"
      fi
      # shellcheck disable=SC2046
      files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls ${width:+-C} $(find . -type f | cut -d '/' -f 2-))"
    else
      # shellcheck disable=SC2046
      files="$(cd "${NETDATA_STOCK_CONFIG_DIR}" && ls $(find . -type f | cut -d '/' -f 2-))"
    fi
  else
    files="$(run_in_container "${container}" "cd /usr/lib/netdata/conf.d && ls ${width:+-C} ${width:+-w ${width}} \$(find . -type f | cut -d '/' -f 2-)")"
  fi
  if [ -z "${files}" ]; then
    error "Failed to find any configuration files."
    exit 1
  fi
  cat <<EOF
 The following configuration files are known to this script:
 ${files}
 EOF
  exit 0
 }
 parse_args() {
  while [ -n "${1}" ]; do
    case "${1}" in
      "--help") usage ;;
      "--list") list_files ;;
      "--file")
        if [ -n "${2}" ]; then
          file="${2}"
          shift 1
        else
          error "No file specified to edit."
          exit 1
        fi
        ;;
      "--container")
        if [ -n "${2}" ]; then
          container="${2}"
          shift 1
        else
          error "No container ID or name specified with the --container option."
          exit 1
        fi
        ;;
      "--editor")
        if [ -n "${2}" ]; then
          editor="${2}"
          shift 1
        else
          error "No editor specified with the --editor option."
          exit 1
        fi
        ;;
      *)
        if [ -z "${2}" ]; then
          file="${1}"
        else
          error "Unrecognized option ${1}."
          exit 1
        fi
        ;;
    esac
    shift 1
  done
  [ -z "${file}" ] && usage
  absfile="$(abspath "${file}")"
  if ! is_prefix "${script_dir}" "${absfile}"; then
    error "${file} is not located under ${script_dir}"
    exit 1
  fi
  file="${absfile##"${script_dir}"}"
 }
 copy_native() {
  if [ ! -w "${NETDATA_USER_CONFIG_DIR}" ]; then
    error "Cannot write to ${NETDATA_USER_CONFIG_DIR}!"
    exit 1
  fi
  if [ -f "${NETDATA_STOCK_CONFIG_DIR}/${1}" ]; then
    echo >&2 "Copying '${NETDATA_STOCK_CONFIG_DIR}/${1}' to '${NETDATA_USER_CONFIG_DIR}/${1}' ... "
    cp -p "${NETDATA_STOCK_CONFIG_DIR}/${1}" "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1
  else
    echo >&2 "Creating empty '${NETDATA_USER_CONFIG_DIR}/${1}' ... "
    touch "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1
  fi
 }
 copy_container() {
  if [ ! -w "${NETDATA_USER_CONFIG_DIR}" ]; then
    error "Cannot write to ${NETDATA_USER_CONFIG_DIR}!"
    exit 1
  fi
  if run_in_container "${container}" "[ -f \"${NETDATA_STOCK_CONFIG_DIR}/${1}\" ]"; then
    echo >&2 "Copying '${NETDATA_STOCK_CONFIG_DIR}/${1}' to '${NETDATA_USER_CONFIG_DIR}/${1}' ... "
    ${docker} cp -a "${container}:${NETDATA_STOCK_CONFIG_DIR}/${1}" "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1
  else
    echo >&2 "Creating empty '${NETDATA_USER_CONFIG_DIR}/${1}' ... "
    touch "${NETDATA_USER_CONFIG_DIR}/${1}" || exit 1
  fi
 }
 copy() {
  if [ -f "${NETDATA_USER_CONFIG_DIR}/${1}" ]; then
    return 0
  elif [ -n "${container}" ]; then
    copy_container "${1}"
  else
    copy_native "${1}"
  fi
 }
 edit() {
  echo >&2 "Editing '${1}' ..."
  # check we can edit
  if [ ! -w "${1}" ]; then
    error "Cannot write to ${1}!"
    exit 1
  fi
  "${editor}" "${1}"
  exit $?
 }
 main() {
  parse_args "${@}"
  check_directories
  check_editor
  handle_container
  copy "${file}"
  edit "${absfile}"
 }
 main "${@}"
--- a/netdata/netdata-updater.conf
+++ b/netdata/netdata-updater.conf
@@ -1,21 +0,0 @@
 # Configuration for netdata-updater.sh script.
 #
 # When run non-interactively, the updater script will delay some
 # random number of seconds up to NETDATA_UPDATER_JITTER before
 # actually running the update. The default is 3600 (one
 # hour). Most users should not need to change this.
 #NETDATA_UPDATER_JITTER="3600"
 # On systems using our native packages, the updater will by default
 # attempt to install optional plugin packages that would be installed by
 # default on clean installs if those packages are supported on the system.
 #
 # This behavior can be disabled on a per-package basis using the below
 # variables. Setting the variable to a value other than 0 will disable
 # the corresponding package (note that you still need to remove the package
 # yourself if you don0t want it, this just controls whether the updater
 # will try to ensure it’s installed or not).
 #
 # NETDATA_NO_SYSTEMD_JOURNAL controls the `netdata-plugin-systemd-journal`
 # package, which provides the systemd journal plugin for Netdata.
 #NETDATA_NO_SYSTEMD_JOURNAL="0"
--- a/netdata/netdata.conf
+++ b/netdata/netdata.conf
@@ -1,23 +0,0 @@
 # netdata configuration
 #
 # You can get the latest version of this file, using:
 #
 #  netdatacli dumpconfig > /etc/netdata/netdata.conf
 #
 # You can also download it using:
 #
 #  wget -O /etc/netdata/netdata.conf http://localhost:19999/netdata.conf
 # or
 #  curl -o /etc/netdata/netdata.conf http://localhost:19999/netdata.conf
 #
 # You can uncomment and change any of the options below.
 # The value shown in the commented settings, is the default value.
 #
 [global]
    run as user = netdata
    # default storage size - increase for longer data retention
    page cache size = 32
    dbengine multihost disk space = 256
--- a/pam.d/cups
+++ b/pam.d/cups
@@ -1,4 +0,0 @@
 #%PAM-1.0
 # Use password-auth common PAM configuration for the daemon
 auth        include     password-auth
 account     include     password-auth
--- a/systemd/system/dbus-org.freedesktop.Avahi.service
+++ b/systemd/system/dbus-org.freedesktop.Avahi.service
@@ -1 +0,0 @@
 /usr/lib/systemd/system/avahi-daemon.service
--- a/systemd/system/multi-user.target.wants/avahi-daemon.service
+++ b/systemd/system/multi-user.target.wants/avahi-daemon.service
@@ -1 +0,0 @@
 /usr/lib/systemd/system/avahi-daemon.service
--- a/systemd/system/multi-user.target.wants/cups.path
+++ b/systemd/system/multi-user.target.wants/cups.path
@@ -1 +0,0 @@
 /usr/lib/systemd/system/cups.path
--- a/systemd/system/multi-user.target.wants/cups.service
+++ b/systemd/system/multi-user.target.wants/cups.service
@@ -1 +0,0 @@
 /usr/lib/systemd/system/cups.service
--- a/systemd/system/printer.target.wants/cups.service
+++ b/systemd/system/printer.target.wants/cups.service
@@ -1 +0,0 @@
 /usr/lib/systemd/system/cups.service
--- a/systemd/system/sockets.target.wants/avahi-daemon.socket
+++ b/systemd/system/sockets.target.wants/avahi-daemon.socket
@@ -1 +0,0 @@
 /usr/lib/systemd/system/avahi-daemon.socket
--- a/systemd/system/sockets.target.wants/cups.socket
+++ b/systemd/system/sockets.target.wants/cups.socket
@@ -1 +0,0 @@
 /usr/lib/systemd/system/cups.socket
		`@@ -1 +0,0 @@`
			`/usr/lib/systemd/system/avahi-daemon.service`
		`@@ -1 +0,0 @@`
			`/usr/lib/systemd/system/avahi-daemon.socket`