bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

saving uncommitted changes in /etc prior to dnf run

Browse Source
This commit is contained in:
Bogdan Stoica
2023-06-12 09:28:21 +03:00
parent e785e0b85d
commit c0fa2707f8
44 changed files with 4460 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
.etckeeper
View File

@@ -12,6 +12,7 @@ mkdir -p './X11/applnk'
mkdir -p './X11/xorg.conf.d'
mkdir -p './ansible/roles'
mkdir -p './authselect/custom'
mkdir -p './avahi/services'
mkdir -p './binfmt.d'
mkdir -p './cagefs/conf.d'
mkdir -p './cagefs/exclude'
@@ -19,6 +20,8 @@ mkdir -p './chkconfig.d'
mkdir -p './cl.selector/php.extensions.d'
mkdir -p './cron.weekly'
mkdir -p './crypto-policies/policies/modules'
mkdir -p './cups/ppd'
mkdir -p './cups/ssl'
mkdir -p './cxs/newusers'
mkdir -p './dbus-1/session.d'
mkdir -p './dconf/db/local.d/locks'
@@ -248,6 +251,12 @@ maybe chmod 0644 'authselect/smartcard-auth'
maybe chmod 0644 'authselect/system-auth'
maybe chmod 0644 'authselect/user-nsswitch.conf'
maybe chmod 0644 'authselect/user-nsswitch.conf.save_by_rpm'
maybe chmod 0755 'avahi'
maybe chmod 0644 'avahi/avahi-daemon.conf'
maybe chmod 0755 'avahi/etc'
maybe chmod 0644 'avahi/etc/localtime'
maybe chmod 0644 'avahi/hosts'
maybe chmod 0755 'avahi/services'
maybe chmod 0755 'awstats'
maybe chmod 0644 'awstats/awstats.192.168.1.2.conf'
maybe chmod 0644 'awstats/awstats.club3d.ro.conf'
@@ -441,6 +450,33 @@ maybe chmod 0600 'csf/ui/ui.ban'
maybe chmod 0600 'csf/version.txt'
maybe chmod 0644 'csh.cshrc'
maybe chmod 0644 'csh.login'
maybe chgrp 'lp' 'cups'
maybe chmod 0755 'cups'
maybe chgrp 'lp' 'cups/classes.conf'
maybe chmod 0600 'cups/classes.conf'
maybe chgrp 'lp' 'cups/client.conf'
maybe chmod 0644 'cups/client.conf'
maybe chmod 0644 'cups/cups-browsed.conf'
maybe chgrp 'lp' 'cups/cups-files.conf'
maybe chmod 0640 'cups/cups-files.conf'
maybe chgrp 'lp' 'cups/cups-files.conf.default'
maybe chmod 0640 'cups/cups-files.conf.default'
maybe chgrp 'lp' 'cups/cupsd.conf'
maybe chmod 0640 'cups/cupsd.conf'
maybe chgrp 'lp' 'cups/cupsd.conf.default'
maybe chmod 0640 'cups/cupsd.conf.default'
maybe chgrp 'lp' 'cups/lpoptions'
maybe chmod 0644 'cups/lpoptions'
maybe chgrp 'lp' 'cups/ppd'
maybe chmod 0755 'cups/ppd'
maybe chgrp 'lp' 'cups/printers.conf'
maybe chmod 0600 'cups/printers.conf'
maybe chgrp 'lp' 'cups/snmp.conf'
maybe chmod 0644 'cups/snmp.conf'
maybe chgrp 'lp' 'cups/snmp.conf.default'
maybe chmod 0640 'cups/snmp.conf.default'
maybe chgrp 'lp' 'cups/ssl'
maybe chmod 0700 'cups/ssl'
maybe chmod 0611 'cxs'
maybe chmod 0600 'cxs/changelog.txt'
maybe chmod 0700 'cxs/cpanelsuspend.example.pl'
@@ -489,9 +525,11 @@ maybe chmod 0644 'dbus-1/session.conf'
maybe chmod 0755 'dbus-1/session.d'
maybe chmod 0644 'dbus-1/system.conf'
maybe chmod 0755 'dbus-1/system.d'
maybe chmod 0644 'dbus-1/system.d/avahi-dbus.conf'
maybe chmod 0644 'dbus-1/system.d/com.redhat.RHSM1.Facts.conf'
maybe chmod 0644 'dbus-1/system.d/com.redhat.RHSM1.conf'
maybe chmod 0644 'dbus-1/system.d/com.redhat.tuned.conf'
maybe chmod 0444 'dbus-1/system.d/cups.conf'
maybe chmod 0644 'dbus-1/system.d/nm-dispatcher.conf'
maybe chmod 0644 'dbus-1/system.d/nm-ifcfg-rh.conf'
maybe chmod 0644 'dbus-1/system.d/oddjob-mkhomedir.conf'
@@ -923,6 +961,12 @@ maybe chmod 0755 'fonts'
maybe chmod 0755 'fonts/conf.d'
maybe chmod 0644 'fonts/conf.d/README'
maybe chmod 0644 'fonts/fonts.conf'
maybe chmod 0755 'freeipmi'
maybe chmod 0600 'freeipmi/freeipmi.conf'
maybe chmod 0644 'freeipmi/freeipmi_interpret_sel.conf'
maybe chmod 0644 'freeipmi/freeipmi_interpret_sensor.conf'
maybe chmod 0600 'freeipmi/ipmidetect.conf'
maybe chmod 0600 'freeipmi/libipmiconsole.conf'
maybe chmod 0600 'freshclam.conf'
maybe chmod 0600 'freshclam.conf.rpmnew'
maybe chown 'amavis' 'freshclam.conf.rpmsave'
@@ -3264,6 +3308,7 @@ maybe chmod 0644 'logrotate.d/aide'
maybe chmod 0644 'logrotate.d/btmp'
maybe chmod 0644 'logrotate.d/chrony'
maybe chmod 0644 'logrotate.d/clamav-unofficial-sigs'
maybe chmod 0644 'logrotate.d/cups'
maybe chmod 0644 'logrotate.d/dnf'
maybe chmod 0644 'logrotate.d/fail2ban'
maybe chmod 0640 'logrotate.d/fail2ban.rpmsave'
@@ -4912,6 +4957,7 @@ maybe chmod 0644 'pam.d/chsh'
maybe chmod 0644 'pam.d/cockpit'
maybe chmod 0644 'pam.d/config-util'
maybe chmod 0644 'pam.d/crond'
maybe chmod 0444 'pam.d/cups'
maybe chmod 0644 'pam.d/dovecot'
maybe chmod 0644 'pam.d/fingerprint-auth'
maybe chmod 0644 'pam.d/login'
@@ -5974,6 +6020,7 @@ maybe chmod 0755 'systemd/system/nfs-mountd.service.requires'
maybe chmod 0755 'systemd/system/nfs-server.service.requires'
maybe chmod 0755 'systemd/system/nginx.service.d'
maybe chmod 0755 'systemd/system/php-fpm.service.d'
maybe chmod 0755 'systemd/system/printer.target.wants'
maybe chmod 0755 'systemd/system/redis-sentinel.service.d'
maybe chmod 0644 'systemd/system/redis-sentinel.service.d/limit.conf'
maybe chmod 0755 'systemd/system/redis.service.d'
@@ -6108,6 +6155,7 @@ maybe chmod 0644 'yum.repos.d/almalinux.repo'
maybe chmod 0640 'yum.repos.d/atomic.repo'
maybe chmod 0640 'yum.repos.d/bestcrypt.repo'
maybe chmod 0644 'yum.repos.d/cert-forensics-tools.repo'
maybe chmod 0640 'yum.repos.d/crowdsec_crowdsec.repo'
maybe chmod 0644 'yum.repos.d/docker-ce.repo'
maybe chmod 0644 'yum.repos.d/elrepo.repo'
maybe chmod 0644 'yum.repos.d/epel-modular.repo'

1
X11/fontpath.d/liberation-mono-fonts Symbolic link
View File

@@ -0,0 +1 @@
/usr/share/fonts/liberation-mono

68
avahi/avahi-daemon.conf Normal file
View File

@@ -0,0 +1,68 @@
# This file is part of avahi.
#
# avahi is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# avahi is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with avahi; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA.
# See avahi-daemon.conf(5) for more information on this configuration
# file!
[server]
#host-name=foo
#domain-name=local
#browse-domains=0pointer.de, zeroconf.org
use-ipv4=yes
use-ipv6=yes
#allow-interfaces=eth0
#deny-interfaces=eth1
#check-response-ttl=no
#use-iff-running=no
#enable-dbus=yes
#disallow-other-stacks=no
#allow-point-to-point=no
#cache-entries-max=4096
#clients-max=4096
#objects-per-client-max=1024
#entries-per-entry-group-max=32
ratelimit-interval-usec=1000000
ratelimit-burst=1000
[wide-area]
enable-wide-area=yes
[publish]
#disable-publishing=no
#disable-user-service-publishing=no
#add-service-cookie=no
#publish-addresses=yes
publish-hinfo=no
publish-workstation=no
#publish-domain=yes
#publish-dns-servers=192.168.50.1, 192.168.50.2
#publish-resolv-conf-dns-servers=yes
#publish-aaaa-on-ipv4=yes
#publish-a-on-ipv6=no
[reflector]
#enable-reflector=no
#reflect-ipv=no
[rlimits]
#rlimit-as=
#rlimit-core=0
#rlimit-data=8388608
#rlimit-fsize=0
#rlimit-nofile=768
#rlimit-stack=8388608
#rlimit-nproc=3

BIN
avahi/etc/localtime Normal file
View File

Binary file not shown.

27
avahi/hosts Normal file
View File

@@ -0,0 +1,27 @@
# This file is part of avahi.
#
# avahi is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# avahi is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with avahi; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA.
# This file contains static ip address <-> host name mappings. These
# can be useful to publish services on behalf of a non-avahi enabled
# device. Please bear in mind that host names are expected to be
# fully qualified domain names, i.e. ending in .local!
# See avahi.hosts(5) for more information on this configuration file!
# Examples:
# 192.168.0.1 router.local
# 2001::81:1 test.local

142
csf/csf.deny
View File

@@ -15,52 +15,6 @@
# tcp/udp|in/out|s/d=port,port,...|s/d=ip
#
# See readme.txt for more information regarding advanced port filtering
34.89.192.236 # lfd: (PERMBLOCK) 34.89.192.236 (DE/Germany/Hesse/Frankfurt am Main/236.192.89.34.bc.googleusercontent.com) has had more than 2 temp blocks in the last 86400 secs - Mon Feb 27 04:34:57 2023
34.76.203.88 # lfd: (PERMBLOCK) 34.76.203.88 (BE/Belgium/Brussels Capital/Brussels/88.203.76.34.bc.googleusercontent.com) has had more than 2 temp blocks in the last 86400 secs - Mon Feb 27 07:26:03 2023
84.17.48.162 # lfd: (PERMBLOCK) 84.17.48.162 (DE/Germany/Hesse/Frankfurt am Main/unn-84-17-48-162.cdn77.com) has had more than 2 temp blocks in the last 86400 secs - Sat Mar 25 02:59:09 2023
78.38.80.246 # lfd: (PERMBLOCK) 78.38.80.246 (IR/Iran/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:14:07 2023
197.5.145.30 # lfd: (PERMBLOCK) 197.5.145.30 (TN/Tunisia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:15:27 2023
65.109.184.234 # lfd: (PERMBLOCK) 65.109.184.234 (FI/Finland/Uusimaa/Helsinki/static.234.184.109.65.clients.your-server.de) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:21:53 2023
179.49.208.27 # lfd: (PERMBLOCK) 179.49.208.27 (CL/Chile/Santiago Metropolitan/La Pintana/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:21:53 2023
80.249.147.0/24 # lfd: (NETBLOCK) 80.249.147.0/24 (RU/Russia/St.-Petersburg/St Petersburg/-) has had more than 2 blocks in the last 86400 secs - Tue Mar 28 13:42:30 2023
84.38.183.79 # lfd: (PERMBLOCK) 84.38.183.79 (RU/Russia/St.-Petersburg/St Petersburg/sports-project.ru) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:49:25 2023
91.185.40.251 # lfd: (PERMBLOCK) 91.185.40.251 (RU/Russia/Irkutsk Oblast/Irkutsk/91-185-40-251-cheremhovo.dsi.ru) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 13:50:36 2023
188.68.223.100 # lfd: (PERMBLOCK) 188.68.223.100 (RU/Russia/St.-Petersburg/St Petersburg/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 14:32:29 2023
80.249.145.167 # lfd: (PERMBLOCK) 80.249.145.167 (RU/Russia/St.-Petersburg/St Petersburg/alarmdesignconsulting.com) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 14:36:00 2023
94.254.0.234 # lfd: (PERMBLOCK) 94.254.0.234 (SE/Sweden/Skåne County/Lund/h-94-254-0-234.na.cust.bahnhof.se) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 15:02:02 2023
109.150.115.106 # lfd: (PERMBLOCK) 109.150.115.106 (GB/United Kingdom/Hampshire/Lymington/host109-150-115-106.range109-150.btcentralplus.com) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 15:18:24 2023
178.62.205.28 # lfd: (PERMBLOCK) 178.62.205.28 (NL/Netherlands/North Holland/Amsterdam/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 15:19:14 2023
45.252.79.62 # lfd: (PERMBLOCK) 45.252.79.62 (IN/India/National Capital Territory of Delhi/New Delhi/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 15:29:05 2023
31.184.253.158 # lfd: (PERMBLOCK) 31.184.253.158 (RU/Russia/St.-Petersburg/St Petersburg/741362598w2eivf.sabush.date) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 16:48:42 2023
177.170.125.118 # lfd: (PERMBLOCK) 177.170.125.118 (BR/Brazil/Sao Paulo/Guaratingueta/177-170-125-118.user.vivozap.com.br) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 16:59:13 2023
129.226.205.241 # lfd: (PERMBLOCK) 129.226.205.241 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 17:34:46 2023
187.200.47.24 # lfd: (PERMBLOCK) 187.200.47.24 (MX/Mexico/México/Toluca/dsl-187-200-47-24-dyn.prod-infinitum.com.mx) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 17:36:01 2023
80.249.144.26 # lfd: (PERMBLOCK) 80.249.144.26 (RU/Russia/St.-Petersburg/St Petersburg/mail.ru) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 17:58:28 2023
159.65.232.20 # lfd: (PERMBLOCK) 159.65.232.20 (US/United States/New Jersey/North Bergen/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 19:48:03 2023
193.36.84.115 # lfd: (PERMBLOCK) 193.36.84.115 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 19:48:18 2023
212.93.191.116 # lfd: (PERMBLOCK) 212.93.191.116 (SA/Saudi Arabia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 19:58:09 2023
91.122.197.235 # lfd: (PERMBLOCK) 91.122.197.235 (RU/Russia/Arkhangelskaya/Arkhangelsk/ip-235-197-122-091.pools.atnet.ru) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 21:12:35 2023
89.58.37.227 # lfd: (PERMBLOCK) 89.58.37.227 (DE/Germany/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 21:21:26 2023
31.220.51.105 # lfd: (PERMBLOCK) 31.220.51.105 (US/United States/North Carolina/Asheville/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 21:29:22 2023
102.128.78.42 # lfd: (PERMBLOCK) 102.128.78.42 (ZW/Zimbabwe/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 21:31:12 2023
38.54.38.122 # lfd: (PERMBLOCK) 38.54.38.122 (SA/Saudi Arabia/Riyadh Region/Riyadh/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 21:32:47 2023
95.71.126.225 # lfd: (PERMBLOCK) 95.71.126.225 (RU/Russia/Belgorod Oblast/Belgorod/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 22:07:55 2023
195.248.240.28 # lfd: (PERMBLOCK) 195.248.240.28 (DE/Germany/Bavaria/Nuremberg/-) has had more than 2 temp blocks in the last 86400 secs - Tue Mar 28 23:50:15 2023
89.36.20.218 # lfd: (PERMBLOCK) 89.36.20.218 (RO/Romania/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 00:04:23 2023
220.248.15.10 # lfd: (PERMBLOCK) 220.248.15.10 (CN/China/Shanghai/Shanghai/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 00:06:18 2023
200.46.157.10 # lfd: (PERMBLOCK) 200.46.157.10 (PA/Panama/Provincia de Panama/Panama City/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 01:36:21 2023
5.63.8.171 # lfd: (PERMBLOCK) 5.63.8.171 (IR/Iran/Tehran/Tehran/5-63-8-171.faraso.org) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 11:30:48 2023
178.128.215.158 # lfd: (PERMBLOCK) 178.128.215.158 (SG/Singapore/-/-/secure.stackdaemon.com) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 15:22:19 2023
43.156.93.142 # lfd: (PERMBLOCK) 43.156.93.142 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 15:22:19 2023
143.198.238.143 # lfd: (PERMBLOCK) 143.198.238.143 (US/United States/California/Santa Clara/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 16:33:55 2023
92.241.82.242 # lfd: (PERMBLOCK) 92.241.82.242 (GE/Georgia/Kalaki Tbilisi/Tbilisi/host-92-241-82-242-customer.wanex.net) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 17:35:20 2023
193.36.84.171 # lfd: (PERMBLOCK) 193.36.84.171 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 22:10:39 2023
8.219.40.72 # lfd: (PERMBLOCK) 8.219.40.72 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 22:13:25 2023
5.63.8.167 # lfd: (PERMBLOCK) 5.63.8.167 (IR/Iran/Tehran/Tehran/5-63-8-167.faraso.org) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 22:13:30 2023
213.87.101.176 # lfd: (PERMBLOCK) 213.87.101.176 (RU/Russia/Amur Oblast/Blagoveshchensk/mail.aviatechnology.aero) has had more than 2 temp blocks in the last 86400 secs - Wed Mar 29 23:58:34 2023
86.57.237.202 # lfd: (PERMBLOCK) 86.57.237.202 (BY/Belarus/Minsk City/Minsk/mm-202-237-57-86.static.mgts.by) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 03:02:59 2023
196.220.67.231 # lfd: (PERMBLOCK) 196.220.67.231 (NG/Nigeria/Kaduna State/Samaru/-) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 03:04:09 2023
46.105.35.88 # lfd: (PERMBLOCK) 46.105.35.88 (FR/France/-/-/pmx-d16.cylian.network) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 03:06:19 2023
217.237.118.130 # lfd: (PERMBLOCK) 217.237.118.130 (DE/Germany/Saxony/Dresden/pd9ed7682.dip0.t-ipconnect.de) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 03:30:47 2023
212.233.113.86 # lfd: (PERMBLOCK) 212.233.113.86 (RU/Russia/Moscow/Moscow/mail.sokur-pr.ru) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 04:12:56 2023
43.128.188.206 # lfd: (PERMBLOCK) 43.128.188.206 (IN/India/Maharashtra/Mumbai/-) has had more than 2 temp blocks in the last 86400 secs - Thu Mar 30 04:14:01 2023
@@ -964,3 +918,99 @@
194.242.57.232 # lfd: (PERMBLOCK) 194.242.57.232 (DE/Germany/North Rhine-Westphalia/Düsseldorf/vmi1309997.contaboserver.net) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 06:41:50 2023
40.122.67.251 # lfd: (PERMBLOCK) 40.122.67.251 (US/United States/Iowa/Des Moines/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 06:46:25 2023
2.56.91.113 # lfd: (PERMBLOCK) 2.56.91.113 (HK/Hong Kong/-/-/hosted-by.ihc.ru) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 06:47:25 2023
185.238.199.145 # lfd: (PERMBLOCK) 185.238.199.145 (RU/Russia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 11:01:25 2023
85.114.119.22 # lfd: (PERMBLOCK) 85.114.119.22 (PS/Palestine/Gaza/Gaza/22.119.114.85.customers.fusion.ps) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 11:03:15 2023
91.205.219.185 # lfd: (PERMBLOCK) 91.205.219.185 (UA/Ukraine/Crimea/Simferopol/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 12:03:50 2023
54.196.254.48 # lfd: (PERMBLOCK) 54.196.254.48 (US/United States/Virginia/Ashburn/ec2-54-196-254-48.compute-1.amazonaws.com) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 13:06:56 2023
188.166.251.87 # lfd: (PERMBLOCK) 188.166.251.87 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 14:31:48 2023
49.128.182.213 # lfd: (PERMBLOCK) 49.128.182.213 (ID/Indonesia/Central Java/Surakarta/mail.kaliaagro.com) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 14:51:55 2023
196.191.116.209 # lfd: (PERMBLOCK) 196.191.116.209 (ET/Ethiopia/Gambela/Gambela/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 15:00:26 2023
43.133.12.204 # lfd: (PERMBLOCK) 43.133.12.204 (JP/Japan/Tokyo/Tokyo/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 15:42:45 2023
92.222.22.140 # lfd: (PERMBLOCK) 92.222.22.140 (FR/France/Île-de-France/Paris/vps-f5a3122b.vps.ovh.net) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 1 16:39:35 2023
182.93.84.143 # lfd: (PERMBLOCK) 182.93.84.143 (NP/Nepal/Bagmati Province/Kathmandu/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 00:35:06 2023
212.62.96.218 # lfd: (PERMBLOCK) 212.62.96.218 (SA/Saudi Arabia/Riyadh Region/Riyadh/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 06:40:55 2023
41.93.49.4 # lfd: (PERMBLOCK) 41.93.49.4 (TZ/Tanzania/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 15:12:10 2023
95.180.102.119 # lfd: (PERMBLOCK) 95.180.102.119 (RS/Serbia/Belgrade/Semlin/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 15:12:10 2023
43.134.128.50 # lfd: (PERMBLOCK) 43.134.128.50 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 15:13:45 2023
37.32.21.29 # lfd: (PERMBLOCK) 37.32.21.29 (IR/Iran/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 15:13:45 2023
8.219.175.111 # lfd: (PERMBLOCK) 8.219.175.111 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 2 15:17:45 2023
178.62.119.233 # lfd: (PERMBLOCK) 178.62.119.233 (GB/United Kingdom/England/Enfield/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 3 00:22:15 2023
93.189.190.39 # lfd: (PERMBLOCK) 93.189.190.39 (IT/Italy/Friuli Venezia Giulia/Udine/host39-190-189-93.soho.nordext.net) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 3 09:51:55 2023
8.219.63.236 # lfd: (PERMBLOCK) 8.219.63.236 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 3 12:40:05 2023
80.19.204.177 # lfd: (PERMBLOCK) 80.19.204.177 (IT/Italy/Catania/Scordia/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 3 18:23:00 2023
103.99.36.22 # lfd: (PERMBLOCK) 103.99.36.22 (IN/India/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 3 22:51:33 2023
5.172.95.134 # lfd: (PERMBLOCK) 5.172.95.134 (IT/Italy/Province of Brescia/Brescia/host-5.172.95-134.pool.intred.it) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 00:09:09 2023
197.5.145.8 # lfd: (PERMBLOCK) 197.5.145.8 (TN/Tunisia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 15:04:18 2023
46.101.5.100 # lfd: (PERMBLOCK) 46.101.5.100 (GB/United Kingdom/England/Islington/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 15:04:19 2023
103.149.74.0/24 # lfd: (NETBLOCK) 103.149.74.0/24 (BD/Bangladesh/-/-/-) has had more than 2 blocks in the last 86400 secs - Sun Jun 4 16:53:47 2023
157.245.156.149 # lfd: (PERMBLOCK) 157.245.156.149 (SG/Singapore/-/-/website.com) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 17:02:28 2023
128.199.102.17 # lfd: (PERMBLOCK) 128.199.102.17 (SG/Singapore/-/-/jjy-erp.com) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 18:09:04 2023
101.32.178.108 # lfd: (PERMBLOCK) 101.32.178.108 (HK/Hong Kong/Central and Western District/Central/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 4 18:09:05 2023
185.74.5.184 # lfd: (PERMBLOCK) 185.74.5.184 (UZ/Uzbekistan/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 01:13:19 2023
167.172.190.187 # lfd: (PERMBLOCK) 167.172.190.187 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 05:27:03 2023
92.114.19.250 # lfd: (PERMBLOCK) 92.114.19.250 (IR/Iran/-/-/250.mobinnet.net) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 05:40:19 2023
185.74.4.17 # lfd: (PERMBLOCK) 185.74.4.17 (UZ/Uzbekistan/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 05:41:39 2023
213.135.131.49 # lfd: (PERMBLOCK) 213.135.131.49 (RU/Russia/Tambov Oblast/Tambov/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 07:41:34 2023
177.54.130.48 # lfd: (PERMBLOCK) 177.54.130.48 (BR/Brazil/Maranhao/São Luís/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 12:08:27 2023
103.235.34.82 # lfd: (PERMBLOCK) 103.235.34.82 (ID/Indonesia/Jakarta/Jakarta/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 22:33:16 2023
45.240.88.165 # lfd: (PERMBLOCK) 45.240.88.165 (EG/Egypt/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 5 22:40:07 2023
206.189.232.29 # lfd: (PERMBLOCK) 206.189.232.29 (US/United States/New Jersey/North Bergen/-) has had more than 2 temp blocks in the last 86400 secs - Tue Jun 6 04:46:34 2023
217.11.189.230 # lfd: (PERMBLOCK) 217.11.189.230 (TJ/Tajikistan/Dushanbe/Dushanbe/-) has had more than 2 temp blocks in the last 86400 secs - Tue Jun 6 04:55:45 2023
88.135.42.164 # lfd: (PERMBLOCK) 88.135.42.164 (IR/Iran/-/-/80-135-42-164.laser.ir) has had more than 2 temp blocks in the last 86400 secs - Tue Jun 6 08:00:26 2023
47.74.112.8 # lfd: (PERMBLOCK) 47.74.112.8 (AU/Australia/New South Wales/Sydney/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 03:22:36 2023
167.172.229.180 # lfd: (PERMBLOCK) 167.172.229.180 (US/United States/New Jersey/Clifton/erp.ihcksa) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 03:22:36 2023
103.237.145.121 # lfd: (PERMBLOCK) 103.237.145.121 (VN/Vietnam/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 03:27:01 2023
20.71.80.251 # lfd: (PERMBLOCK) 20.71.80.251 (NL/Netherlands/North Holland/Amsterdam/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 03:28:11 2023
8.219.134.77 # lfd: (PERMBLOCK) 8.219.134.77 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 03:28:12 2023
2.136.243.236 # lfd: (PERMBLOCK) 2.136.243.236 (ES/Spain/Madrid/Madrid/236.red-2-136-243.staticip.rima-tde.net) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 04:05:20 2023
190.123.34.126 # lfd: (PERMBLOCK) 190.123.34.126 (EC/Ecuador/Provincia del Guayas/Guayaquil/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 10:00:55 2023
193.36.84.187 # lfd: (PERMBLOCK) 193.36.84.187 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 12:36:21 2023
8.219.202.109 # lfd: (PERMBLOCK) 8.219.202.109 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 12:36:31 2023
23.147.229.189 # lfd: (PERMBLOCK) 23.147.229.189 (US/United States/Georgia/Atlanta/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 13:18:30 2023
218.49.184.66 # lfd: (PERMBLOCK) 218.49.184.66 (KR/South Korea/Sejong-si/Sejong/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 15:49:04 2023
46.101.242.117 # lfd: (PERMBLOCK) 46.101.242.117 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 18:05:41 2023
47.250.42.126 # lfd: (PERMBLOCK) 47.250.42.126 (MY/Malaysia/Kuala Lumpur/Kuala Lumpur/-) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 18:06:21 2023
212.227.8.25 # lfd: (PERMBLOCK) 212.227.8.25 (DE/Germany/Baden-Wurttemberg/Schonaich/jojojux.de) has had more than 2 temp blocks in the last 86400 secs - Wed Jun 7 20:06:01 2023
37.32.21.50 # lfd: (PERMBLOCK) 37.32.21.50 (IR/Iran/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 00:04:03 2023
185.110.191.30 # lfd: (PERMBLOCK) 185.110.191.30 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 01:29:11 2023
62.193.106.227 # lfd: (PERMBLOCK) 62.193.106.227 (EG/Egypt/Cairo Governorate/Cairo/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 06:26:27 2023
217.29.49.103 # lfd: (PERMBLOCK) 217.29.49.103 (RU/Russia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 10:01:55 2023
202.60.226.13 # lfd: (PERMBLOCK) 202.60.226.13 (HK/Hong Kong/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 13:10:46 2023
34.101.51.34 # lfd: (PERMBLOCK) 34.101.51.34 (ID/Indonesia/Jakarta/Jakarta/34.51.101.34.bc.googleusercontent.com) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 17:27:40 2023
118.161.225.188 # lfd: (PERMBLOCK) 118.161.225.188 (TW/Taiwan/Taoyuan/Bade District/118-161-225-188.dynamic-ip.hinet.net) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 17:27:40 2023
154.116.70.232 # lfd: (PERMBLOCK) 154.116.70.232 (GA/Gabon/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 17:37:01 2023
84.42.28.190 # lfd: (PERMBLOCK) 84.42.28.190 (RU/Russia/Tver Oblast/Tver/-) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 22:46:53 2023
212.35.72.18 # lfd: (PERMBLOCK) 212.35.72.18 (JO/Jordan/Madaba/Madaba/212.35.72.18.ua.batelco.jo) has had more than 2 temp blocks in the last 86400 secs - Thu Jun 8 23:08:45 2023
102.220.23.51 # lfd: (PERMBLOCK) 102.220.23.51 (KE/Kenya/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 03:13:39 2023
8.219.222.42 # lfd: (PERMBLOCK) 8.219.222.42 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 03:56:08 2023
64.227.134.110 # lfd: (PERMBLOCK) 64.227.134.110 (IN/India/Karnataka/Bengaluru/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 03:57:18 2023
164.92.66.116 # lfd: (PERMBLOCK) 164.92.66.116 (US/United States/California/Santa Clara/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 03:57:28 2023
52.224.244.184 # lfd: (PERMBLOCK) 52.224.244.184 (US/United States/Virginia/Tappahannock/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 04:44:13 2023
181.94.230.158 # lfd: (PERMBLOCK) 181.94.230.158 (PY/Paraguay/Asuncion/Asunción/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 07:19:06 2023
31.210.43.17 # lfd: (PERMBLOCK) 31.210.43.17 (TR/Turkey/Istanbul/Istanbul/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 09:23:46 2023
193.8.210.223 # lfd: (PERMBLOCK) 193.8.210.223 (RU/Russia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 09:34:27 2023
88.135.42.50 # lfd: (PERMBLOCK) 88.135.42.50 (IR/Iran/-/-/80-135-42-50.laser.ir) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 09:49:34 2023
46.101.166.10 # lfd: (PERMBLOCK) 46.101.166.10 (DE/Germany/Hesse/Frankfurt am Main/jairomachucaold.com) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 20:49:21 2023
43.129.92.182 # lfd: (PERMBLOCK) 43.129.92.182 (HK/Hong Kong/Central and Western District/Central/-) has had more than 2 temp blocks in the last 86400 secs - Fri Jun 9 20:55:11 2023
8.213.16.198 # lfd: (PERMBLOCK) 8.213.16.198 (SA/Saudi Arabia/Riyadh Region/Riyadh/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 00:51:38 2023
47.253.45.33 # lfd: (PERMBLOCK) 47.253.45.33 (US/United States/Virginia/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 00:57:59 2023
91.107.206.108 # lfd: (PERMBLOCK) 91.107.206.108 (DE/Germany/-/-/static.108.206.107.91.clients.your-server.de) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 08:19:42 2023
46.101.229.124 # lfd: (PERMBLOCK) 46.101.229.124 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 09:09:52 2023
80.253.31.232 # lfd: (PERMBLOCK) 80.253.31.232 (RU/Russia/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 11:49:40 2023
193.36.84.190 # lfd: (PERMBLOCK) 193.36.84.190 (DE/Germany/Hesse/Frankfurt am Main/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 14:20:49 2023
8.219.65.51 # lfd: (PERMBLOCK) 8.219.65.51 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 14:22:39 2023
128.199.142.208 # lfd: (PERMBLOCK) 128.199.142.208 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 14:22:39 2023
79.73.156.5 # lfd: (PERMBLOCK) 79.73.156.5 (GB/United Kingdom/Blackburn with Darwen/Darwen/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 16:40:00 2023
43.154.22.36 # lfd: (PERMBLOCK) 43.154.22.36 (HK/Hong Kong/Central and Western District/Central/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 22:27:00 2023
212.145.210.150 # lfd: (PERMBLOCK) 212.145.210.150 (ES/Spain/Santa Cruz de Tenerife/San Miguel De Abona/vf212145210150.tgm1.com) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 23:15:29 2023
194.135.20.5 # lfd: (PERMBLOCK) 194.135.20.5 (NL/Netherlands/North Holland/Amsterdam/-) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 23:56:18 2023
178.62.187.136 # lfd: (PERMBLOCK) 178.62.187.136 (NL/Netherlands/North Holland/Amsterdam/softteco.com.new) has had more than 2 temp blocks in the last 86400 secs - Sat Jun 10 23:57:28 2023
51.145.172.105 # lfd: (PERMBLOCK) 51.145.172.105 (NL/Netherlands/North Holland/Amsterdam/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 00:25:11 2023
77.91.84.45 # lfd: (PERMBLOCK) 77.91.84.45 (SE/Sweden/Stockholm County/Stockholm/reveles.aeza.network) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 04:13:11 2023
178.62.64.242 # lfd: (PERMBLOCK) 178.62.64.242 (GB/United Kingdom/England/Islington/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 04:16:11 2023
203.109.66.145 # lfd: (PERMBLOCK) 203.109.66.145 (IN/India/Gujarat/Surat/145-66-109-203.static.youbroadband.in) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 13:28:28 2023
54.179.189.58 # lfd: (PERMBLOCK) 54.179.189.58 (SG/Singapore/-/-/ec2-54-179-189-58.ap-southeast-1.compute.amazonaws.com) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 15:54:30 2023
77.92.151.231 # lfd: (PERMBLOCK) 77.92.151.231 (TR/Turkey/Batman/Batman/static-77-92-151-231.tres.net.tr) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 16:13:52 2023
89.116.230.89 # lfd: (PERMBLOCK) 89.116.230.89 (SG/Singapore/-/-/-) has had more than 2 temp blocks in the last 86400 secs - Sun Jun 11 16:30:28 2023
168.119.255.26 # lfd: (PERMBLOCK) 168.119.255.26 (DE/Germany/-/-/static.26.255.119.168.clients.your-server.de) has had more than 2 temp blocks in the last 86400 secs - Mon Jun 12 00:38:52 2023
94.156.202.0/24 # lfd: (NETBLOCK) 94.156.202.0/24 (CH/Switzerland/-/-/-) has had more than 2 blocks in the last 86400 secs - Mon Jun 12 09:21:52 2023

0
cups/classes.conf Normal file
View File

0
cups/client.conf Normal file
View File

691
cups/cups-browsed.conf Normal file
View File

@@ -0,0 +1,691 @@
# All configuration options described here can also be supplied on the
# command line of cups-browsed via the "-o" option. In case of
# contradicting settings the setting defined in the configuration file
# will get used.
# Unknown directives are ignored, also unknown values.
# Where should cups-browsed save information about the print queues it had
# generated when shutting down, like whether one of these queues was the
# default printer, or default option settings of the queues?
# CacheDir /var/cache/cups
# Where should cups-browsed create its debug log file (if "DebugLogging file"
# is set)?
# LogDir /var/log/cups
# How should debug logging be done? Into the file
# /var/log/cups/cups-browsed_log ('file'), to stderr ('stderr'), or
# not at all ('none')?
# DebugLogging file
# DebugLogging stderr
# DebugLogging file stderr
# DebugLogging none
# Which protocols will we use to discover printers on the network?
# Can use DNSSD and/or CUPS and/or LDAP, or 'none' for neither.
BrowseRemoteProtocols dnssd cups
# Which protocols will we use to broadcast shared local printers to the network?
# Can use DNSSD and/or CUPS, or 'none' for neither.
# Only CUPS is actually supported, as DNSSD is done by CUPS itself (we ignore
# DNSSD in this directive).
# BrowseLocalProtocols none
# Settings of this directive apply to both BrowseRemoteProtocols and
# BrowseLocalProtocols.
# Can use DNSSD and/or CUPS and/or LDAP, or 'none' for neither.
# BrowseProtocols none
# Only browse remote printers (via DNS-SD or CUPS browsing) from
# selected servers using the "BrowseAllow", "BrowseDeny", and
# "BrowseOrder" directives
# This serves for restricting the choice of printers in print dialogs
# to trusted servers or to reduce the number of listed printers in the
# print dialogs to a more user-friendly amount in large networks with
# very many shared printers.
# This only filters the selection of remote printers for which
# cups-browsed creates local queues. If the print dialog uses other
# mechanisms to list remote printers as for example direct DNS-SD
# access, cups-browsed has no influence. cups-browsed also does not
# prevent the user from manually accessing non-listed printers.
# "BrowseAllow": Accept printers from these hosts or networks. If
# there are only "BrowseAllow" lines and no "BrowseOrder" and/or
# "BrowseDeny" lines, only servers matching at last one "BrowseAllow"
# line are accepted.
# "BrowseDeny": Deny printers from these hosts or networks. If there
# are only "BrowseDeny" lines and no "BrowseOrder" and/or
# "BrowseAllow" lines, all servers NOT matching any of the
# "BrowseDeny" lines are accepted.
# "BrowseOrder": Determine the order in which "BrowseAllow" and
# "BrowseDeny" lines are applied. With "BrowseOrder Deny,Allow" in the
# beginning all servers are accepted, then the "BrowseDeny" lines are
# applied to exclude unwished servers or networks and after that the
# "BrowseAllow" lines to re-include servers or networks. With
# "BrowseOrder Allow,Deny" we start with denying all servers, then
# applying the "BrowseAllow" lines and afterwards the "BrowseDeny"
# lines.
# Default for "BrowseOrder" is "Deny.Allow" if there are both
# "BrowseAllow" and "BrowseDeny" lines.
# If there are no "Browse..." lines at all, all servers are accepted.
# BrowseAllow All
# BrowseAllow cups.example.com
# BrowseAllow 192.168.1.12
# BrowseAllow 192.168.1.0/24
# BrowseAllow 192.168.1.0/255.255.255.0
# BrowseDeny All
# BrowseDeny printserver.example.com
# BrowseDeny 192.168.1.13
# BrowseDeny 192.168.3.0/24
# BrowseDeny 192.168.3.0/255.255.255.0
# BrowseOrder Deny,Allow
# BrowseOrder Allow,Deny
# The interval between browsing/broadcasting cycles, local and/or
# remote, can be adjusted with the BrowseInterval directive.
# BrowseInterval 60
# Browsing-related operations such as adding or removing printer queues
# and broadcasting are each allowed to take up to a given amount of time.
# It can be configured, in seconds, with the BrowseTimeout directive.
# Especially queues discovered by CUPS broadcasts will be removed after
# this timeout if no further broadcast from the server happens.
# BrowseTimeout 300
# Filtering of remote printers by other properties than IP addresses
# of their servers
# Often the desired selection of printers cannot be reached by only
# taking into account the IP addresses of the servers. For these cases
# there is the BrowseFilter directive to filter by most of the known
# properties of the printer.
# By default there is no BrowseFilter line meaning that no filtering
# is applied.
# To do filtering one can supply one or more BrowseFilter directives
# like this:
# BrowseFilter [NOT] [EXACT] <FIELD> [<VALUE>]
# The BrowseFilter directive always starts with the word
# "BrowseFilter" and it must at least contain the name of the data
# field (<FIELD>) of the printer's properties to which it should
# apply.
# Available field names are:
# name: Name of the local print queue to be created
# host: Host name of the remote print server
# port: Port through which the printer is accessed on the server
# service: DNS/SD service name of the remote printer
# domain: Domain of the remote print server
# Also all field names in the TXT records of DNS-SD-advertised printers
# are valid, like "color", "duplex", "pdl", ... If the field name of
# the filter rule does not exist for the printer, the rule is skipped.
# The optional <VALUE> field is either the exact value (when the
# option EXACT is supplied) or a regular expression (Run "man 7 regex"
# in a terminal window) to be matched with the data field.
# If no <VALUE> filed is supplied, rules with field names of the TXT
# record are considered for boolean matching (true/false) of boolean
# field (like duplex, which can have the values "T" for true and "F"
# for false).
# If the option NOT is supplied, the filter rule is fulfilled if the
# regular expression or the exact value DOES NOT match the content of
# the data field. In a boolean rule (without <VALUE>) the rule matches
# false.
# Regular expressions are always considered case-insensitive and
# extended POSIX regular expressions. Field names and options (NOT,
# EXACT) are all evaluated case-insensitive. If there is an error in a
# regular expression, the BrowseFilter line gets ignored.
# Especially to note is that supplying any simple string consisting of
# only letters, numbers, spaces, and some basic special characters as
# a regular expression matches if it is contained somewhere in the
# data field.
# If there is more than one BrowseFilter directive, ALL the directives
# need to be fulfilled for the remote printer to be accepted. If one
# is not fulfilled, the printer will get ignored.
# Examples:
# Rules for standard data items which are supplied with any remote
# printer advertised via DNS-SD:
# Print queue name must contain "hum_res_", this matches
# "hum_res_mono" or "hum_res_color" but also "old_hum_res_mono":
# BrowseFilter name hum_res_
# This matches if the remote host name contains "printserver", like
# "printserver.local", "printserver2.example.com", "newprintserver":
# BrowseFilter host printserver
# This matches all ports with 631 int its number, for example 631,
# 8631, 10631,...:
# BrowseFilter port 631
# This rule matches if the DNS-SD service name contains "@ printserver":
# Browsefilter service @ printserver
# Matches all domains with "local" in their names, not only "local" but
# also things like "printlocally.com":
# BrowseFilter domain local
# Examples for rules applying to items of the TXT record:
# This rule selects PostScript printers, as the "PDL" field in the TXT
# record contains "postscript" then. This includes also remote CUPS
# queues which accept PostScript, independent of whether the physical
# printer behind the CUPS queue accepts PostScript or not.
# BrowseFilter pdl postscript
# Color printers usually contain a "Color" entry set to "T" (for true)
# in the TXT record. This rule selects them:
# BrowseFilter color
# This is a similar rule to select only duplex (automatic double-sided
# printing) printers:
# BrowseFilter duplex
# Rules with the NOT option:
# This rule EXCLUDES printers from all hosts containing "financial" in
# their names, nice to get rid of the 100s of printers of the
# financial department:
# BrowseFilter NOT host financial
# Get only monochrome printers ("Color" set to "F", meaning false, in
# the TXT record):
# BrowseFilter NOT color
# Rules with more advanced use of regular expressions:
# Only queue names which BEGIN WITH "hum_res_" are accepted now, so we
# still get "hum_res_mono" or "hum_res_color" but not
# "old_hum_res_mono" any more:
# BrowseFilter name ^hum_res_
# Server names is accepted if it contains "print_server" OR
# "graphics_dep_server":
# BrowseFilter host print_server|graphics_dep_server
# "printserver1", "printserver2", and "printserver3", nothing else:
# BrowseFilter host ^printserver[1-3]$
# Printers understanding at least one of PostScript, PCL, or PDF:
# BrowseFilter pdl postscript|pcl|pdf
# Examples for the EXACT option:
# Only printers from "printserver.local" are accepted:
# BrowseFilter EXACT host printserver.local
# Printers from all servers except "prinserver2.local" are accepted:
# BrowseFilter NOT EXACT host prinserver2.local
# Use BrowsePoll to poll a particular CUPS server
# BrowsePoll cups.example.com
# BrowsePoll cups.example.com:631
# BrowsePoll cups.example.com:631/version=1.1
# LDAP browsing configuration
# The default value for all options is an empty string. Example configuration:
# BrowseLDAPBindDN cn=cups-browsed,dc=domain,dc=tld
# BrowseLDAPCACertFile /path/to/server/certificate.pem
# BrowseLDAPDN ou=printers,dc=domain,dc=tld
# BrowseLDAPFilter (printerLocation=/Office 1/*)
# BrowseLDAPPassword s3cret
# BrowseLDAPServer ldaps://ldap.domain.tld
# Use DomainSocket to access the local CUPS daemon via another than the
# default domain socket. "None" or "Off" lets cups-browsed not use CUPS'
# domain socket.
# DomainSocket /var/run/cups/cups.sock
# DomainSocket None
# DomainSocket Off
# Set HTTP timeout (in seconds) for requests sent to local/remote
# resources Note that too short timeouts can make services getting
# missed when they are present and operations be unneccesarily
# repeated and too long timeouts can make operations take too long
# when the server does not respond.
# HttpLocalTimeout 5
# HttpRemoteTimeout 10
# Set OnlyUnsupportedByCUPS to "Yes" will make cups-browsed not create
# local queues for remote printers for which CUPS creates queues by
# itself. These printers are printers advertised via DNS-SD and doing
# CUPS-supported (currently PWG Raster and Apple Raster) driverless
# printing, including remote CUPS queues. Queues for other printers
# (like for legacy PostScript/PCL printers) are always created
# (depending on the other configuration settings of cups-browsed).
# With OnlyUnsupportedByCUPS set to "No", cups-browsed creates queues
# for all printers which it supports, including printers for which
# CUPS would create queues by itself. Temporary queues created by CUPS
# will get overwritten. This way it is assured that any extra
# functionality of cups-browsed will apply to these queues. As queues
# created by cups-browsed are permanent CUPS queues this setting is
# also recommended if applications/print dialogs which do not support
# temporary CUPS queues are installed. This setting is the default.
# OnlyUnsupportedByCUPS Yes
# With UseCUPSGeneratedPPDs set to "Yes" cups-browsed creates queues
# for IPP printers with PPDs generated by the PPD generator of CUPS
# and not with the one of cups-browsed. So any new development in
# CUPS' PPD generator gets available. As CUPS' PPD generator is not
# directly accessible, we need to make CUPS generate a temporary print
# queue with the desired PPD. Therefore we can only use these PPDs
# when our queue replaces a temporary CUPS queue, meaning that the
# queue is for a printer on which CUPS supports driverless printing
# (IPP 2.x, PDLs: PDF, PWG Raster, and/or Apple Raster) and that its
# name is the same as CUPS uses for the temporary queue
# ("LocalQueueNamingIPPPrinter DNS-SD" must be set). The directive
# applies only to IPP printers, not to remote CUPS queues, to not
# break clustering. Setting this directive to "No" lets cups-browsed
# generate the PPD file. Default setting is "Yes".
# UseCUPSGeneratedPPDs No
# With the directives LocalQueueNamingRemoteCUPS and
# LocalQueueNamingIPPPrinter you can determine how the names for local
# queues generated by cups-browsed are generated, separately for
# remote CUPS printers and IPP printers.
# DNS-SD (the default in both cases) bases the naming on the service
# name of the printer's advertised DNS-SD record. This is exactly the
# same naming scheme as CUPS uses for its temporary queues, so the
# local queue from cups-browsed prevents CUPS from listing and
# creating an additional queue. As DNS-SD service names have to be
# unique, queue names of printers from different servers will also be
# unique and so there is no automatic clustering for load-balanced
# printing.
# MakeModel bases the queue name on the printer's manufacturer and
# model names. This scheme cups-browsed used formerly for IPP
# printers.
# RemoteName is only available for remote CUPS queues and uses the
# name of the queue on the remote CUPS server as the local queue's
# name. This makes printers on different CUPS servers with equal queue
# names automatically forming a load-balancing cluster as CUPS did
# formerly (CUPS 1.5.x and older) with CUPS-broadcasted remote
# printers. This scheme cups-browsed used formerly for remote CUPS
# printers.
# LocalQueueNamingRemoteCUPS DNS-SD
# LocalQueueNamingRemoteCUPS MakeModel
LocalQueueNamingRemoteCUPS RemoteName
# LocalQueueNamingIPPPrinter DNS-SD
# LocalQueueNamingIPPPrinter MakeModel
# Set IPBasedDeviceURIs to "Yes" if cups-browsed should create its
# local queues with device URIs with the IP addresses instead of the
# host names of the remote servers. This mode is there for any
# problems with host name resolution in the network, especially also
# if avahi-daemon is only run for printer discovery and already
# stopped while still printing. By default this mode is turned off,
# meaning that we use URIs with host names.
# If you prefer IPv4 or IPv6 IP addresses in the URIs, you can set
# IPBasedDeviceURIs to "IPv4" to only get IPv4 IP addresses or
# IPBasedDeviceURIs to "IPv6" to only get IPv6 IP addresses.
# IPBasedDeviceURIs No
# IPBasedDeviceURIs Yes
# IPBasedDeviceURIs IPv4
# IPBasedDeviceURIs IPv6
# Set CreateRemoteRawPrinterQueues to "Yes" to let cups-browsed also
# create local queues pointing to remote raw CUPS queues. Normally,
# only queues pointing to remote queues with PPD/driver are created
# as we do not use drivers on the client side, but in some cases
# accessing a remote raw queue can make sense, for example if the
# queue forwards the jobs by a special backend like Tea4CUPS.
# CreateRemoteRawPrinterQueues Yes
# cups-browsed by default creates local print queues for each shared
# CUPS print queue which it discovers on remote machines in the local
# network(s). Set CreateRemoteCUPSPrinterQueues to "No" if you do not
# want cups-browsed to do this. For example you can set cups-browsed
# to only create queues for IPP network printers setting
# CreateIPPPrinterQueues not to "No" and CreateRemoteCUPSPrinterQueues
# to "No".
# CreateRemoteCUPSPrinterQueues No
# Set CreateIPPPrinterQueues to "All" to let cups-browsed discover IPP
# network printers (native printers, not CUPS queues) with known page
# description languages (PWG Raster, PDF, PostScript, PCL XL, PCL
# 5c/e) in the local network and auto-create print queues for them.
# Set CreateIPPPrinterQueues to "Everywhere" to let cups-browsed
# discover IPP Everywhere printers in the local network (native
# printers, not CUPS queues) and auto-create print queues for them.
# Set CreateIPPPrinterQueues to "AppleRaster" to let cups-browsed
# discover Apple Raster printers in the local network (native
# printers, not CUPS queues) and auto-create print queues for them.
# Set CreateIPPPrinterQueues to "Driverless" to let cups-browsed
# discover printers designed for driverless use (currently IPP
# Everywhere and Apple Raster) in the local network (native printers,
# not CUPS queues) and auto-create print queues for them.
# Set CreateIPPPrinterQueues to "LocalOnly" to auto-create print
# queues only for local printers made available as IPP printers. These
# are for example IPP-over-USB printers, made available via
# ippusbxd. This is the default.
# Set CreateIPPPrinterQueues to "No" to not auto-create print queues
# for IPP network printers.
# If queues with PPD file are created (see IPPPrinterQueueType
# directive below) the PPDs are auto-generated by cups-browsed based
# on properties of the printer polled via IPP. In case of missing
# information, info from the Bonjour record is used asd as last mean
# default values.
# If queues without PPD (see IPPPrinterQueueType directive below) are
# created clients have to IPP-poll the capabilities of the printer and
# send option settings as standard IPP attributes. Then we do not poll
# the capabilities by ourselves to not wake up the printer from
# power-saving mode when creating the queues. Jobs have to be sent in
# one of PDF, PWG Raster, or JPEG format. Other formats are not
# accepted.
# This functionality is primarily for mobile devices running
# CUPS to not need a printer setup tool nor a collection of printer
# drivers and PPDs.
# CreateIPPPrinterQueues No
# CreateIPPPrinterQueues LocalOnly
# CreateIPPPrinterQueues Everywhere
# CreateIPPPrinterQueues AppleRaster
# CreateIPPPrinterQueues Everywhere AppleRaster
# CreateIPPPrinterQueues Driverless
CreateIPPPrinterQueues All
# If cups-browsed is automatically creating print queues for native
# IPP network printers ("CreateIPPPrinterQueues Yes"), the type of
# queue to be created can be selected by the "IPPPrinterQueueType"
# directive. The "PPD" (default) setting makes queues with PPD file
# being created. With "Interface" or "NoPPD" the queue is created with
# a System V interface script (Not supported with CUPS 2.2.x or
# later). "Auto" is for backward compatibility and also lets queues
# with PPD get created.
# IPPPrinterQueueType PPD
# IPPPrinterQueueType NoPPD
# IPPPrinterQueueType Interface
# IPPPrinterQueueType Auto
# The NewIPPPrinterQueuesShared directive determines whether a print
# queue for a newly discovered IPP network printer (not remote CUPS
# queue) will be shared to the local network or not. This is only
# valid for newly discovered printers. For printers discovered in an
# earlier cups-browsed session, cups-browsed will remember whether the
# printer was shared, so changes by the user get conserved. Default is
# not to share newly discovered IPP printers.
# NewIPPPrinterQueuesShared Yes
# If there is more than one remote CUPS printer whose local queue
# would get the same name and AutoClustering is set to "Yes" (the
# default) only one local queue is created which makes up a
# load-balancing cluster of the remote printers which would get this
# queue name (implicit class). This means that when several jobs are
# sent to this queue they get distributed between the printers, using
# the method chosen by the LoadBalancing directive.
# Note that the forming of clusters depends on the naming scheme for
# local queues created by cups-browsed. If you have set
# LocalQueueNamingRemoteCUPS to "DNSSD" you will not get automatic
# clustering as the DNS-SD service names are always unique. With
# LocalQueueNamingRemoteCUPS set to "RemoteName" local queues are
# named as the CUPS queues on the remote servers are named and so
# equally named queues on different servers get clustered (this is how
# CUPS did it in version 1.5.x or older). LocalQueueNamingRemoteCUPS
# set to "MakeModel" makes remote printers of the same model get
# clustered. Note that then a cluster can contain more than one queue
# of the same server.
# With AutoClustering set to "No", for each remote CUPS printer an
# individual local queue is created, and to avoid name clashes when
# using the LocalQueueNamingRemoteCUPS settings "RemoteName" or
# "MakeModel" "@<server name>" is added to the local queue name.
# Only remote CUPS printers get clustered, not IPP network printers or
# IPP-over-USB printers.
# AutoClustering Yes
# AutoClustering No
# Load-balancing printer cluster formation can also be manually
# controlled by defining explicitly which remote CUPS printers should
# get clustered together.
# This is done by the "Cluster" directive:
# Cluster <QUEUENAME>: <EXPRESSION1> <EXPRESSION2> ...
# Cluster <QUEUENAME>
# If no expressions are given, <QUEUENAME> is used as the first and
# only expression for this cluster.
# Discovered printers are matched against all the expressions of all
# defined clusters. The first expression which matches the discovered
# printer determines to which cluster it belongs. Note that this way a
# printer can only belong to one cluster. Once matched, further
# cluster definitions will not checked any more.
# With the first printer matching a cluster's expression a local queue
# with the name <QUEUENAME> is created. If more printers are
# discovered and match this cluster, they join the cluster. Printing
# to this queue prints to all these printers in a load-balancing
# manner, according to to the setting of the LoadBalancing directive.
# Each expression must be a string of characters without spaces. If
# spaces are needed, replace them by underscores ('_').
# An expression can be matched in three ways:
# 1. By the name of the CUPS queue on the remote server
# 2. By make and model name of the remote printer
# 3. By the DNS-SD service name of the remote printer
# Note that the matching is done case-insensitively and any group of
# non-alphanumerical characters is replaced by a single underscore.
# So if an expression is "HP_DeskJet_2540" and the remote server
# reports "hp Deskjet-2540" the printer gets matched to this cluster.
# If "AutoClustering" is not set to "No" both your manual cluster
# definitions will be followed and automatic clustering of
# equally-named remote queues will be performed. If a printer matches
# in both categories the match to the manually defined cluster has
# priority. Automatic clustering of equally-named remote printers is
# not performed if there is a manually defined cluster with this name
# (at least as the printers do not match this cluster).
# Examples:
# To cluster all remote CUPS queues named "laserprinter" in your local
# network but not cluster any other equally-named remote CUPS printers
# use (Local queue will get named "laserprinter"):
# AutoClustering No
# Cluster laserprinter
# To cluster all remote CUPS queues of HP LaserJet 4050 printers in a
# local queue named "LJ4050":
# Cluster LJ4050: HP_LaserJet_4050
# As DNS-SD service names are unique in a network you can create a
# cluster from exactly specified printers (spaces replaced by
# underscors):
# Cluster hrdep: oldlaser_@_hr-server1 newlaser_@_hr-server2
# The LoadBalancing directive switches between two methods of handling
# load balancing between equally-named remote queues which are
# represented by one local print queue making up a cluster of them
# (implicit class).
# The two methods are:
# Queuing of jobs on the client (LoadBalancing QueueOnClient):
# Here we queue up the jobs on the client and regularly check the
# clustered remote print queues. If we find an idle queue, we pass
# on a job to it.
# This is also the method which CUPS uses for classes. Advantage is a
# more even distribution of the job workload on the servers
# (especially if the printing speed of the servers is very different),
# and if a server fails, there are not several jobs stuck or
# lost. Disadvantage is that if one takes the client (laptop, mobile
# phone, ...) out of the local network, printing stops with the jobs
# waiting in the local queue.
# Queuing of jobs on the servers (LoadBalancing QueueOnServers):
# Here we check the number of jobs on each of the clustered remote
# printers and send an incoming job immediately to the remote printer
# with the lowest amount of jobs in its queue. This way no jobs queue
# up locally, all jobs which are waiting are waiting on one of the
# remote servers.
# Not having jobs waiting locally has the advantage that we can take
# the local machine from the network and all jobs get printed.
# Disadvantage is that if a server with a full queue of jobs goes
# away, the jobs go away, too.
# Default is queuing the jobs on the client as this is what CUPS does
# with classes.
# LoadBalancing QueueOnClient
# LoadBalancing QueueOnServers
# With the DefaultOptions directive one or more option settings can be
# defined to be applied to every print queue newly created by
# cups-browsed. Each option is supplied as one supplies options with
# the "-o" command line argument to the "lpadmin" command (Run "man
# lpadmin" for more details). More than one option can be supplied
# separating the options by spaces. By default no option settings are
# pre-defined.
# Note that print queues which cups-browsed already created before
# remember their previous settings and so these settings do not get
# applied.
# DefaultOptions Option1=Value1 Option2=Value2 Option3 noOption4
# The AutoShutdown directive specifies whether cups-browsed should
# automatically terminate when it has no local raw queues set up
# pointing to any discovered remote printers or no jobs on such queues
# depending on AutoShutdownOn setting (auto shutdown mode). Setting it
# to "On" activates the auto-shutdown mode, setting it to "Off"
# deactiivates it (the default). The special mode "avahi" turns auto
# shutdown off while avahi-daemon is running and on when avahi-daemon
# stops. This allows running cups-browsed on-demand when avahi-daemon
# is run on-demand.
# AutoShutdown Off
# AutoShutdown On
# AutoShutdown avahi
# The AutoShutdownOn directive determines what event cups-browsed
# considers as inactivity in auto shutdown mode. "NoQueues" (the
# default) means that auto shutdown is initiated when there are no
# queues for discovered remote printers generated by cups-browsed any
# more. "NoJobs" means that all queues generated by cups-browsed are
# without jobs.
# AutoShutdownOn NoQueues
# AutoShutdownOn NoJobs
# The AutoShutdownTimeout directive specifies after how many seconds
# without local raw queues set up pointing to any discovered remote
# printers or jobs on these queues cups-browsed should actually shut
# down in auto shutdown mode. Default is 30 seconds, 0 means immediate
# shutdown.
# AutoShutdownTimeout 30

93
cups/cups-files.conf Normal file
View File

@@ -0,0 +1,93 @@
#
# File/directory/user/group configuration file for the CUPS scheduler.
# See "man cups-files.conf" for a complete description of this file.
#
# List of events that are considered fatal errors for the scheduler...
#FatalErrors config
# Do we call fsync() after writing configuration or status files?
#SyncOnClose Yes
# Default user and group for filters/backends/helper programs; this cannot be
# any user or group that resolves to ID 0 for security reasons...
#User lp
#Group lp
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
# This cannot contain the Group value for security reasons...
SystemGroup sys root wheel
# User that is substituted for unauthenticated (remote) root accesses...
#RemoteRoot remroot
# Do we allow file: device URIs other than to /dev/null?
#FileDevice No
# Permissions for configuration and log files...
#ConfigFilePerm 0640
#LogFilePerm 00600
# Location of the file logging all access to the scheduler; may be the name
# "syslog" (syslog means systemd journal by default). If not an absolute path, the value of ServerRoot is used as the
# root directory. Also see the "AccessLogLevel" directive in cupsd.conf.
AccessLog syslog
# Location of cache files used by the scheduler...
#CacheDir /var/cache/cups
# Location of data files used by the scheduler...
#DataDir /usr/share/cups
# Location of the static web content served by the scheduler...
#DocumentRoot /usr/share/cups/www
# Location of the file logging all messages produced by the scheduler and any
# helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
# of ServerRoot is used as the root directory. Also see the "LogLevel"
# directive in cupsd.conf.
ErrorLog syslog
# Location of fonts used by older print filters...
#FontPath /usr/share/cups/fonts
# Location of LPD configuration
#LPDConfigFile
# Location of the file logging all pages printed by the scheduler and any
# helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
# of ServerRoot is used as the root directory. Also see the "PageLogFormat"
# directive in cupsd.conf.
PageLog syslog
# Location of the file listing all of the local printers...
#Printcap /etc/printcap
# Format of the Printcap file...
#PrintcapFormat bsd
#PrintcapFormat plist
#PrintcapFormat solaris
# Location of all spool files...
#RequestRoot /var/spool/cups
# Location of helper programs...
#ServerBin /usr/lib/cups
# SSL/TLS keychain for the scheduler...
#ServerKeychain ssl
# Location of other configuration files...
#ServerRoot /etc/cups
# Location of Samba configuration file...
#SMBConfigFile
# Location of scheduler state files...
#StateDir /var/run/cups
# Location of scheduler/helper temporary files. This directory is emptied on
# scheduler startup and cannot be one of the standard (public) temporary
# directory locations for security reasons...
#TempDir /var/spool/cups/tmp

93
cups/cups-files.conf.default Normal file
View File

@@ -0,0 +1,93 @@
#
# File/directory/user/group configuration file for the CUPS scheduler.
# See "man cups-files.conf" for a complete description of this file.
#
# List of events that are considered fatal errors for the scheduler...
#FatalErrors config
# Do we call fsync() after writing configuration or status files?
#SyncOnClose Yes
# Default user and group for filters/backends/helper programs; this cannot be
# any user or group that resolves to ID 0 for security reasons...
#User lp
#Group lp
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
# This cannot contain the Group value for security reasons...
SystemGroup sys root wheel
# User that is substituted for unauthenticated (remote) root accesses...
#RemoteRoot remroot
# Do we allow file: device URIs other than to /dev/null?
#FileDevice No
# Permissions for configuration and log files...
#ConfigFilePerm 0640
#LogFilePerm 00600
# Location of the file logging all access to the scheduler; may be the name
# "syslog" (syslog means systemd journal by default). If not an absolute path, the value of ServerRoot is used as the
# root directory. Also see the "AccessLogLevel" directive in cupsd.conf.
AccessLog syslog
# Location of cache files used by the scheduler...
#CacheDir /var/cache/cups
# Location of data files used by the scheduler...
#DataDir /usr/share/cups
# Location of the static web content served by the scheduler...
#DocumentRoot /usr/share/cups/www
# Location of the file logging all messages produced by the scheduler and any
# helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
# of ServerRoot is used as the root directory. Also see the "LogLevel"
# directive in cupsd.conf.
ErrorLog syslog
# Location of fonts used by older print filters...
#FontPath /usr/share/cups/fonts
# Location of LPD configuration
#LPDConfigFile
# Location of the file logging all pages printed by the scheduler and any
# helper programs; may be the name "syslog" (syslog means systemd journal by default). If not an absolute path, the value
# of ServerRoot is used as the root directory. Also see the "PageLogFormat"
# directive in cupsd.conf.
PageLog syslog
# Location of the file listing all of the local printers...
#Printcap /etc/printcap
# Format of the Printcap file...
#PrintcapFormat bsd
#PrintcapFormat plist
#PrintcapFormat solaris
# Location of all spool files...
#RequestRoot /var/spool/cups
# Location of helper programs...
#ServerBin /usr/lib/cups
# SSL/TLS keychain for the scheduler...
#ServerKeychain ssl
# Location of other configuration files...
#ServerRoot /etc/cups
# Location of Samba configuration file...
#SMBConfigFile
# Location of scheduler state files...
#StateDir /var/run/cups
# Location of scheduler/helper temporary files. This directory is emptied on
# scheduler startup and cannot be one of the standard (public) temporary
# directory locations for security reasons...
#TempDir /var/spool/cups/tmp

186
cups/cupsd.conf Normal file
View File

@@ -0,0 +1,186 @@
MaxLogSize 0
#
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
# Only listen for connections from the local machine.
Listen localhost:631
Listen /var/run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
IdleExitTimeout 0
# Restrict access to the server...
<Location />
Order allow,deny
</Location>
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
# Restrict access to log files...
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
# Set the default printer/job policies...
<Policy default>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the authenticated printer/job policies...
<Policy authenticated>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the kerberized printer/job policies...
<Policy kerberos>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Negotiate
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>

186
cups/cupsd.conf.default Normal file
View File

@@ -0,0 +1,186 @@
MaxLogSize 0
#
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
# Only listen for connections from the local machine.
Listen localhost:631
Listen /var/run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
IdleExitTimeout 0
# Restrict access to the server...
<Location />
Order allow,deny
</Location>
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
# Restrict access to log files...
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Order allow,deny
</Location>
# Set the default printer/job policies...
<Policy default>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the authenticated printer/job policies...
<Policy authenticated>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
# Set the kerberized printer/job policies...
<Policy kerberos>
# Job/subscription privacy...
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
# Job-related operations must be done by the owner or an administrator...
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Negotiate
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
# All administration operations require an administrator to authenticate...
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# All printer operations require a printer operator to authenticate...
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
# Only the owner or an administrator can cancel or authenticate a job...
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Negotiate
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>

0
cups/lpoptions Normal file
View File

0
cups/printers.conf Normal file
View File

7
cups/snmp.conf Normal file
View File

@@ -0,0 +1,7 @@
#
# SNMP configuration file for CUPS. See "man cups-snmp.conf" for a complete
# description of this file.
#
Address @LOCAL
Community public

7
cups/snmp.conf.default Normal file
View File

@@ -0,0 +1,7 @@
#
# SNMP configuration file for CUPS. See "man cups-snmp.conf" for a complete
# description of this file.
#
Address @LOCAL
Community public

32
dbus-1/system.d/avahi-dbus.conf Normal file
View File

@@ -0,0 +1,32 @@
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Only root or user avahi can own the Avahi service -->
<policy user="avahi">
<allow own="org.freedesktop.Avahi"/>
</policy>
<policy user="root">
<allow own="org.freedesktop.Avahi"/>
</policy>
<!-- Allow anyone to invoke methods on Avahi server, except SetHostName -->
<policy context="default">
<allow send_destination="org.freedesktop.Avahi"/>
<allow receive_sender="org.freedesktop.Avahi"/>
<deny send_destination="org.freedesktop.Avahi"
send_interface="org.freedesktop.Avahi.Server" send_member="SetHostName"/>
</policy>
<!-- Allow everything, including access to SetHostName to users of the group "avahi" -->
<policy group="avahi">
<allow send_destination="org.freedesktop.Avahi"/>
<allow receive_sender="org.freedesktop.Avahi"/>
</policy>
<policy user="root">
<allow send_destination="org.freedesktop.Avahi"/>
<allow receive_sender="org.freedesktop.Avahi"/>
</policy>
</busconfig>

13
dbus-1/system.d/cups.conf Normal file
View File

@@ -0,0 +1,13 @@
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Only root can send this message -->
<policy user="root">
<allow send_interface="com.redhat.PrinterSpooler"/>
</policy>
<!-- Allow any connection to receive the message -->
<policy context="default">
<allow receive_interface="com.redhat.PrinterSpooler"/>
</policy>
</busconfig>

1
fonts/conf.d/59-liberation-mono.conf Symbolic link
View File

@@ -0,0 +1 @@
/usr/share/fontconfig/conf.avail/59-liberation-mono.conf

603
freeipmi/freeipmi.conf Normal file
View File

@@ -0,0 +1,603 @@
#####################################################################################################
#
# FreeIPMI configuration
#
# The FreeIPMI configuration file can be used to set alternate default
# values to many FreeIPMI tools so values don't have to be configured on
# the command line. This allows users to avoid typing in a long list of
# command line options every time a command is executed. It can also be
# used to hide usernames, passwords, and other sensitive information
# from the ps(1) command.
#
# For more information on the fields below, please see the manpage
# freeipmi.conf(5).
#
# Albert Chu
# <chu11 at llnl dot gov>.
#
# P.S. If you configure different values, remember to uncomment the line :-)
#
#####################################################################################################
#
# General Options
#
# The following options are options generally available to all tools,
# although specific options may be ignored by some.
#
# driver-type KCS
#
# disable-auto-probe DISABLE
#
# driver-address 0xCA2
#
# driver-device /my/device/path
#
# register-spacing 1
#
# target-channel-number 0
#
# target-slave-address 0x20
#
# username myusername
#
# password mypassword
#
# k_g mykey
#
## session-timeout specified in milliseconds
# session-timeout 20000
#
## retransmission-timeout specified in milliseconds
# retransmission-timeout 1000
#
# authentication-type MD5
#
# cipher-suite-id 3
#
# privilege-level ADMIN
#
# workaround-flags workaround1 workaround2 workaround3
#
#####################################################################################################
#
# SDR OPTIONS
#
# The following options are specific to tools that use the sensor data
# repository (SDR). They will be ignored by all other tools.
#
# quiet-cache DISABLE
#
# sdr-cache-directory /my/sdr/path
#
#####################################################################################################
#
# TIME OPTIONS
#
# The following options are specific to tools that may output time
# values. They will be ignored by all other tools.
#
# utc-to-localtime DISABLE
#
# localtime-to-utc DISABLE
#
# utc-offset 0
#
#####################################################################################################
#
# HOSTRANGED OPTIONS
#
# The following options are specific to tools that support hostranged
# output. They will be ignored by all other tools.
#
# buffer-output DISABLE
#
# consolidate-output DISABLE
#
# fanout 64
#
# eliminate DISABLE
#
# always-prefix DISABLE
#
#####################################################################################################
#
# BMC-CONFIG OPTIONS
#
# The following options are specific to bmc-config(8). They will be
# ignored by other tools.
#
# bmc-config-username myusername
#
# bmc-config-password mypassword
#
# bmc-config-k_g mykey
#
# bmc-config-authentication-type MD5
#
# bmc-config-cipher-suite-id 3
#
# bmc-config-privilege-level ADMIN
#
# bmc-config-workaround-flags workaround1 workaround2 workaround3
#
# bmc-config-verbose-count 0
#
#####################################################################################################
#
# BMC-DEVICE OPTIONS
#
# The following options are specific to bmc-device(8). They will be
# ignored by other tools.
#
# bmc-device-username myusername
#
# bmc-device-password mypassword
#
# bmc-device-k_g mykey
#
# bmc-device-authentication-type MD5
#
# bmc-device-cipher-suite-id 3
#
# bmc-device-privilege-level ADMIN
#
# bmc-device-workaround-flags workaround1 workaround2 workaround3
#
#####################################################################################################
#
# BMC-INFO OPTIONS
#
# The following options are specific to bmc-info(8). They will be
# ignored by other tools.
#
# bmc-info-username myusername
#
# bmc-info-password mypassword
#
# bmc-info-k_g mykey
#
# bmc-info-authentication-type MD5
#
# bmc-info-cipher-suite-id 3
#
# bmc-info-privilege-level USER
#
# bmc-info-workaround-flags workaround1 workaround2 workaround3
#
# bmc-info-interpret-oem-data DISABLE
#
#####################################################################################################
#
# BMC-WATCHDOG OPTIONS
#
# The following options are specific to bmc-watchdog(8). They will be
# ignored by other tools.
#
# bmc-watchdog-workaround-flags workaround1 workaround2 workaround3
#
# bmc-watchdog-verbose-logging DISABLE
#
# bmc-watchdog-no-logging DISABLE
#
#####################################################################################################
#
# IPMI-CHASSIS OPTIONS
#
# The following options are specific to ipmi-chassis(8). They will be
# ignored by other tools.
#
# ipmi-chassis-username myusername
#
# ipmi-chassis-password mypassword
#
# ipmi-chassis-k_g mykey
#
# ipmi-chassis-authentication-type MD5
#
# ipmi-chassis-cipher-suite-id 3
#
# ipmi-chassis-privilege-level ADMIN
#
# ipmi-chassis-workaround-flags workaround1 workaround2 workaround3
#
#####################################################################################################
#
# IPMI-CHASSIS-CONFIG OPTIONS
#
# The following options are specific to ipmi-chassis-config(8). They will be
# ignored by other tools.
#
# ipmi-chassis-config-username myusername
#
# ipmi-chassis-config-password mypassword
#
# ipmi-chassis-config-k_g mykey
#
# ipmi-chassis-config-authentication-type MD5
#
# ipmi-chassis-config-cipher-suite-id 3
#
# ipmi-chassis-config-privilege-level ADMIN
#
# ipmi-chassis-config-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-chassis-config-verbose-count 0
#
#####################################################################################################
#
# IPMI-DCMI OPTIONS
#
# The following options are specific to ipmi-dcmi(8). They will be
# ignored by other tools.
#
# ipmi-dcmi-username myusername
#
# ipmi-dcmi-password mypassword
#
# ipmi-dcmi-k_g mykey
#
# ipmi-dcmi-authentication-type MD5
#
# ipmi-dcmi-cipher-suite-id 3
#
# ipmi-dcmi-privilege-level ADMIN
#
# ipmi-dcmi-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-dcmi-interpret-oem-data DISABLE
#
#####################################################################################################
#
# IPMI-FRU OPTIONS
#
# The following options are specific to ipmi-fru(8). They will be
# ignored by other tools.
#
# ipmi-fru-username myusername
#
# ipmi-fru-password mypassword
#
# ipmi-fru-k_g mykey
#
# ipmi-fru-authentication-type MD5
#
# ipmi-fru-cipher-suite-id 3
#
# ipmi-fru-privilege-level USER
#
# ipmi-fru-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-fru-verbose-count 0
#
# ipmi-fru-bridge-fru DISABLE
#
# ipmi-fru-interpret-oem-data DISABLE
#
#####################################################################################################
#
# IPMI-OEM OPTIONS
#
# The following options are specific to ipmi-oem(8). They will be
# ignored by other tools.
#
# ipmi-oem-username myusername
#
# ipmi-oem-password mypassword
#
# ipmi-oem-k_g mykey
#
# ipmi-oem-authentication-type MD5
#
# ipmi-oem-cipher-suite-id 3
#
# ipmi-oem-privilege-level ADMIN
#
# ipmi-oem-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-oem-verbose-count 0
#
#####################################################################################################
#
# IPMI-PEF-CONFIG OPTIONS
#
# The following options are specific to ipmi-pef-config(8). They will be
# ignored by other tools.
#
# ipmi-pef-config-username myusername
#
# ipmi-pef-config-password mypassword
#
# ipmi-pef-config-k_g mykey
#
# ipmi-pef-config-authentication-type MD5
#
# ipmi-pef-config-cipher-suite-id 3
#
# ipmi-pef-config-privilege-level ADMIN
#
# ipmi-pef-config-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-pef-config-verbose-count 0
#
#####################################################################################################
#
# IPMI-PET OPTIONS
#
# The following options are specific to ipmi-pet(8). They will be
# ignored by other tools.
#
# ipmi-pet-username myusername
#
# ipmi-pet-password mypassword
#
# ipmi-pet-k_g mykey
#
# ipmi-pet-authentication-type MD5
#
# ipmi-pet-cipher-suite-id 3
#
# ipmi-pet-privilege-level OPERATOR
#
# ipmi-pet-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-pet-verbose-count 0
#
# ipmi-pet-output-event-severity DISABLE
#
# ipmi-pet-output-event-state DISABLE
#
# ipmi-pet-event-state-config-file /my/event.conf
#
# ipmi-pet-interpret-oem-data DISABLE
#
# ipmi-pet-entity-sensor-names DISABLE
#
# ipmi-pet-no-sensor-type-output DISABLE
#
# ipmi-pet-comma-separated-output DISABLE
#
# ipmi-pet-no-header-output DISABLE
#
# ipmi-pet-non-abbreviated-units DISABLE
#
#####################################################################################################
#
# IPMI-RAW OPTIONS
#
# The following options are specific to ipmi-raw(8). They will be
# ignored by other tools.
#
# ipmi-raw-username myusername
#
# ipmi-raw-password mypassword
#
# ipmi-raw-k_g mykey
#
# ipmi-raw-authentication-type MD5
#
# ipmi-raw-cipher-suite-id 3
#
# ipmi-raw-privilege-level ADMIN
#
# ipmi-raw-workaround-flags workaround1 workaround2 workaround3
#
#####################################################################################################
#
# IPMI-SEL OPTIONS
#
# The following options are specific to ipmi-sel(8). They will be
# ignored by other tools.
#
# ipmi-sel-username myusername
#
# ipmi-sel-password mypassword
#
# ipmi-sel-k_g mykey
#
# ipmi-sel-authentication-type MD5
#
# ipmi-sel-cipher-suite-id 3
#
# ipmi-sel-privilege-level OPERATOR
#
# ipmi-sel-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-sel-verbose-count 0
#
# ipmi-sel-sensor-types temperature fan
#
# ipmi-sel-exclude-sensor-types temperature fan
#
# ipmi-sel-system-event-only DISABLE
#
# ipmi-sel-oem-event-only DISABLE
#
# ipmi-sel-output-manufacturer-id DISABLE
#
# ipmi-sel-output-event-state DISABLE
#
# ipmi-sel-event-state-config-file /my/event.conf
#
# ipmi-sel-interpret-oem-data DISABLE
#
# ipmi-sel-output-oem-event-strings DISABLE
#
# ipmi-sel-entity-sensor-names DISABLE
#
# ipmi-sel-no-sensor-type-output DISABLE
#
# ipmi-sel-comma-separated-output DISABLE
#
# ipmi-sel-no-header-output DISABLE
#
# ipmi-sel-non-abbreviated-units DISABLE
#
# ipmi-sel-legacy-output DISABLE
#
#####################################################################################################
#
# IPMI-SENSORS OPTIONS
#
# The following options are specific to ipmi-sensors(8). They will be
# ignored by other tools.
#
# ipmi-sensors-username myusername
#
# ipmi-sensors-password mypassword
#
# ipmi-sensors-k_g mykey
#
# ipmi-sensors-authentication-type MD5
#
# ipmi-sensors-cipher-suite-id 3
#
# ipmi-sensors-privilege-level OPERATOR
#
# ipmi-sensors-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-sensors-verbose-count 0
#
# ipmi-sensors-quiet-readings DISABLE
#
# ipmi-sensors-record-ids 1 2 3 4
#
# ipmi-sensors-exclude-record-ids 1 2 3 4
#
# ipmi-sensors-sensor-types temperature fan
#
# ipmi-sensors-exclude-sensor-types temperature fan
#
# ipmi-sensors-bridge-sensors DISABLE
#
# ipmi-sensors-shared-sensors DISABLE
#
# ipmi-sensors-interpret-oem-data DISABLE
#
# ipmi-sensors-ignore-not-available-sensors DISABLE
#
# ipmi-sensors-ignore-unrecognized-events DISABLE
#
# ipmi-sensors-output-event-bitmask DISABLE
#
# ipmi-sensors-output-sensor-state DISABLE
#
# ipmi-sensors-sensor-state-config-file /my/sensor.conf
#
# ipmi-sensors-entity-sensor-names DISABLE
#
# ipmi-sensors-output-sensor-thresholds DISABLE
#
# ipmi-sensors-no-sensor-type-output DISABLE
#
# ipmi-sensors-comma-separated-output DISABLE
#
# ipmi-sensors-no-header-output DISABLE
#
# ipmi-sensors-non-abbreviated-units DISABLE
#
# ipmi-sensors-legacy-output DISABLE
#
# ipmi-sensors-ipmimonitoring-legacy-output DISABLE
#
#####################################################################################################
#
# IPMI-SENSORS-CONFIG OPTIONS
#
# The following options are specific to ipmi-sensors-config(8). They will be
# ignored by other tools.
#
# ipmi-sensors-config-username myusername
#
# ipmi-sensors-config-password mypassword
#
# ipmi-sensors-config-k_g mykey
#
# ipmi-sensors-config-authentication-type MD5
#
# ipmi-sensors-config-cipher-suite-id 3
#
# ipmi-sensors-config-privilege-level OPERATOR
#
# ipmi-sensors-config-workaround-flags workaround1 workaround2 workaround3
#
# ipmi-sensors-config-verbose-count 0
#
#####################################################################################################
#
# IPMICONSOLE OPTIONS
#
# The following options are specific to ipmiconsole(8). They will be
# ignored by other tools.
#
# ipmiconsole-username myusername
#
# ipmiconsole-password mypassword
#
# ipmiconsole-k_g mykey
#
# ipmiconsole-authentication-type MD5
#
# ipmiconsole-cipher-suite-id 3
#
# ipmiconsole-privilege-level ADMIN
#
# ipmiconsole-workaround-flags workaround1 workaround2 workaround3
#
# ipmiconsole-escape-char &
#
# ipmiconsole-dont-steal DISABLE
#
# ipmiconsole-serial-keepalive DISABLE
#
# ipmiconsole-serial-keepalive-empty DISABLE
#
# ipmiconsole-lock-memory DISABLE
#
#####################################################################################################
#
# IPMIPOWER OPTIONS
#
# The following options are specific to ipmipower(8). They will be
# ignored by other tools.
#
# ipmipower-username myusername
#
# ipmipower-password mypassword
#
# ipmipower-k_g mykey
#
# ipmipower-authentication-type MD5
#
# ipmipower-cipher-suite-id 3
#
# ipmipower-privilege-level OPERATOR
#
# ipmipower-workaround-flags workaround1 workaround2 workaround3
#
# ipmipower-on-if-off DISABLE
#
# ipmipower-wait-until-on DISABLE
#
# ipmipower-wait-until-off DISABLE
#
# ipmipower-oem-power-type oem-power-type
#
## ipmipower-retransmission-wait-timeout specified in milliseconds
# ipmipower-retransmission-wait-timeout 500
#
# ipmipower-retransmission-backoff-count 8
#
## ipmipower-ping-interval specified in milliseconds
# ipmipower-ping-interval 5000
#
## ipmipower-ping-timeout specified in milliseconds
# ipmipower-ping-timeout 30000
#
# ipmipower-ping-packet-count 10
#
## ipmipower-ping-percent specified in integer percentage
# ipmipower-ping-percent 50
#
# ipmipower-ping-consec-count 5
#
#####################################################################################################

1079
freeipmi/freeipmi_interpret_sel.conf Normal file
View File

File diff suppressed because it is too large Load Diff

1086
freeipmi/freeipmi_interpret_sensor.conf Normal file
View File

File diff suppressed because it is too large Load Diff

16
freeipmi/ipmidetect.conf Normal file
View File

@@ -0,0 +1,16 @@
##########################################################################################################
#
# IPMIdetect configuration file.
#
# For more information on the fields below, please see the manpage
# ipmidetect.conf(5).
#
# P.S. If you configure different values, remember to uncomment the line :-)
#
##########################################################################################################
#
# hostnames <host1> <host2> <host3> ...
#
# port <num>
#
# timeout_len <seconds>

73
freeipmi/libipmiconsole.conf Normal file
View File

@@ -0,0 +1,73 @@
##########################################################################################################
#
# Libipmiconsole defaults
#
# This configuration file defines a number of defaults for the
# libipmiconsole library. The configuration of these defaults may be
# useful for environments in which programs link to libipmiconsole but
# do not support configuration of libipmiconsole parameters. For more
# detailed descriptions and configuration information see
# libipmiconsole.conf(5) or ipmiconsole.h.
#
# If you configure different values, remember to uncomment the line :-)
#
##########################################################################################################
#
## Context IPMI Config
##
## Every SOL session is housed within an libipmiconsole context. The
## following defines IPMI config default values for each context
## created.
#
# libipmiconsole-context-username myusername
#
# libipmiconsole-context-password mypassword
#
# libipmiconsole-context-k_g mykey
#
# libipmiconsole-context-privilege-level ADMIN
#
# libipmiconsole-context-cipher-suite-id 3
#
# libipmiconsole-context-workaround-flags workaround1 workaround2
#
##########################################################################################################
#
## Context Protocol Config
##
## Every SOL session is housed within an libipmiconsole context. The
## following defines protocol config default values for each context
## created.
#
# libipmiconsole-context-session-timeout-len 60000
#
# libipmiconsole-context-retransmission-timeout-len 500
#
# libipmiconsole-context-retransmission-backoff-count 2
#
# libipmiconsole-context-keepalive-timeout-len 20000
#
# libipmiconsole-context-retransmission-keepalive-timeout-len 5000
#
# libipmiconsole-context-acceptable-packet-errors-count 16
#
# libipmiconsole-context-maximum-retransmission-count 16
#
##########################################################################################################
#
## Context Engine Config
##
## Every SOL session is housed within an libipmiconsole context. The
## following defines engine config default values for each context
## created. Knowledge of the libipmiconsole library may be necessary
## to understand the meaning of these settings. Please see the
## ipmiconsole.h header file for additional information on the
## library.
#
# libipmiconsole-context-engine-flags flag1 flag2
#
# libipmiconsole-context-behavior-flags flag1 flag2
#
# libipmiconsole-context-debug-flags flag1 flag2
#
##########################################################################################################

1
group
View File

@@ -112,3 +112,4 @@ _imunify:x:953:
linksafe:x:952:
imunify360-webshield:x:951:
rnd:x:1024:
avahi:x:70:

1
group-
View File

@@ -111,3 +111,4 @@ netdata:x:954:
_imunify:x:953:
linksafe:x:952:
imunify360-webshield:x:951:
rnd:x:1024:

1
gshadow
View File

@@ -112,3 +112,4 @@ _imunify:!::
linksafe:!::
imunify360-webshield:!::
rnd:!::
avahi:!::

1
gshadow-
View File

@@ -111,3 +111,4 @@ netdata:!::
_imunify:!::
linksafe:!::
imunify360-webshield:!::
rnd:!::

5
logrotate.d/cups Normal file
View File

@@ -0,0 +1,5 @@
/var/log/cups/*_log {
missingok
notifempty
sharedscripts
}

4
pam.d/cups Normal file
View File

@@ -0,0 +1,4 @@
#%PAM-1.0
# Use password-auth common PAM configuration for the daemon
auth include password-auth
account include password-auth

1
passwd
View File

@@ -83,3 +83,4 @@ _imunify:x:957:953::/home/_imunify:/bin/false
imunify360-webshield:x:956:951:imunify360-webshield user:/var/cache/imunify360-webshield:/sbin/nologin
ossec:x:955:957::/var/ossec:/sbin/nologin
rnd:x:1024:1024::/home/rnd:/bin/bash
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin

1
passwd-
View File

@@ -82,3 +82,4 @@ netdata:x:958:954:Netdata pseudo user:/usr/share/netdata:/sbin/nologin
_imunify:x:957:953::/home/_imunify:/bin/false
imunify360-webshield:x:956:951:imunify360-webshield user:/var/cache/imunify360-webshield:/sbin/nologin
ossec:x:955:957::/var/ossec:/sbin/nologin
rnd:x:1024:1024::/home/rnd:/bin/bash

1
shadow
View File

@@ -83,3 +83,4 @@ _imunify:!!:19397::::::
imunify360-webshield:!!:19397::::::
ossec:!!:19397::::::
rnd:!!:19502:0:99999:7:30::
avahi:!!:19516::::::

1
shadow-
View File

@@ -82,3 +82,4 @@ netdata:!!:19381::::::
_imunify:!!:19397::::::
imunify360-webshield:!!:19397::::::
ossec:!!:19397::::::
rnd:!!:19502:0:99999:7:30::

2
ssh/sshrc
View File

@@ -21,7 +21,7 @@ pagerduty() {
if [[ "$USER" == "laser" || "$USER" == "madalin" || "$USER" == "smiti" ]]
then
pagerduty
#pagerduty
log_ssh_login
else
log_ssh_login

1
systemd/system/dbus-org.freedesktop.Avahi.service Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/avahi-daemon.service

1
systemd/system/multi-user.target.wants/avahi-daemon.service Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/avahi-daemon.service

1
systemd/system/multi-user.target.wants/cups.path Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/cups.path

1
systemd/system/multi-user.target.wants/cups.service Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/cups.service

1
systemd/system/printer.target.wants/cups.service Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/cups.service

1
systemd/system/sockets.target.wants/avahi-daemon.socket Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/avahi-daemon.socket

1
systemd/system/sockets.target.wants/cups.socket Symbolic link
View File

@@ -0,0 +1 @@
/usr/lib/systemd/system/cups.socket

29
yum.repos.d/crowdsec_crowdsec.repo Normal file
View File

@@ -0,0 +1,29 @@
[crowdsec_crowdsec]
name=crowdsec_crowdsec
baseurl=https://packagecloud.io/crowdsec/crowdsec/el/8/$basearch
repo_gpgcheck=0
gpgcheck=1
enabled=1
gpgkey=https://packagecloud.io/crowdsec/crowdsec/gpgkey
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-B78D1222C9AD2D5D.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-EDE2C695EC9A5A5C.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-C822EDD6B39954A1.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-FED78314A2468CCF.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[crowdsec_crowdsec-source]
name=crowdsec_crowdsec-source
baseurl=https://packagecloud.io/crowdsec/crowdsec/el/8/SRPMS
repo_gpgcheck=0
gpgcheck=1
enabled=1
gpgkey=https://packagecloud.io/crowdsec/crowdsec/gpgkey
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-B78D1222C9AD2D5D.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-EDE2C695EC9A5A5C.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-C822EDD6B39954A1.pub.gpg
https://packagecloud.io/crowdsec/crowdsec/gpgkey/crowdsec-crowdsec-FED78314A2468CCF.pub.gpg
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300