bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit.

Browse Source
This commit is contained in:
Bogdan Stoica
2021-05-24 22:18:33 +03:00
commit e2954d55f4
3701 changed files with 330017 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
rc.d/init.d/README Normal file
View File

@@ -0,0 +1,27 @@
You are looking for the traditional init scripts in /etc/rc.d/init.d,
and they are gone?
Here's an explanation on what's going on:
You are running a systemd-based OS where traditional init scripts have
been replaced by native systemd services files. Service files provide
very similar functionality to init scripts. To make use of service
files simply invoke "systemctl", which will output a list of all
currently running services (and other units). Use "systemctl
list-unit-files" to get a listing of all known unit files, including
stopped, disabled and masked ones. Use "systemctl start
foobar.service" and "systemctl stop foobar.service" to start or stop a
service, respectively. For further details, please refer to
systemctl(1).
Note that traditional init scripts continue to function on a systemd
system. An init script /etc/rc.d/init.d/foobar is implicitly mapped
into a service unit foobar.service during system initialization.
Thank you!
Further reading:
man:systemctl(1)
man:systemd(1)
http://0pointer.de/blog/projects/systemd-for-admins-3.html
https://www.freedesktop.org/wiki/Software/systemd/Incompatibilities

93
rc.d/init.d/bestcrypt Executable file
View File

@@ -0,0 +1,93 @@
#!/bin/sh
# Copyright 2010-2016 Jetico Inc. Oy
# All rights reserved.
# chkconfig: 345 99 01
# description: BestCrypt for Linux
#
### BEGIN INIT INFO
# Provides: bestcrypt
# Required-Start: dkms
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: BestCrypt for Linux
# Description: BestCrypt for Linux
### END INIT INFO
KERNEL_VERSION=`uname -r|sed 's/\(.\..\).*/\1/'`
case "$1" in
start)
echo "Starting BestCrypt..."
rm -rf /dev/bcrypt?* 2>/dev/null
depmod -a
modprobe bestcrypt
modprobe bc_blowfish
modprobe bc_des
modprobe bc_gost
modprobe bc_camellia
modprobe bc_twofish
modprobe bc_bf448
modprobe bc_bf128
modprobe bc_3des
modprobe bc_idea
modprobe bc_rijn
modprobe bc_cast
modprobe bc_serpent
modprobe bc_rc6
#modprobe bc_noop
echo "Started."
;;
stop)
echo "Stopping BestCrypt..."
if bctool is_guard_on ; then
echo "on" > "$HOME"/.config/Jetico/guard_status
else
echo "off" > "$HOME"/.config/Jetico/guard_status
fi
bctool umountall
for i in `lsmod | egrep "^\"?bc_.*\"?" | awk '{print $1}' `; do
rmmod $i;
done
rmmod bestcrypt
echo "Stopped."
;;
status)
if [ -f /sys/class/misc/bestcrypt ] ; then
echo "BestCrypt driver is loaded. List of loaded algorithms:\n"
ls /sys/class/misc/bectcrypt/plugins
else
echo "SysFS entry unavailable, possibly driver is not running."
fi
if bctool is_guard_on ; then
echo "BestCrypt container file guard is on"
fi
;;
restart)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0

127
rc.d/init.d/falco Executable file
View File

@@ -0,0 +1,127 @@
#!/bin/sh
#
# Copyright (C) 2019 The Falco Authors.
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# falco syscall monitoring agent
#
# chkconfig: 2345 55 45
# description: Falco syscall monitoring agent
#
### BEGIN INIT INFO
# Provides:
# Required-Start:
# Required-Stop:
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop:
# Short-Description:
# Description:
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/bin/falco"
prog="falco"
# config="<path to major config file>"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/$prog
pidfile="/var/run/falco.pid"
start() {
[ -x $exec ] || exit 5
# [ -f $config ] || exit 6
echo -n $"Starting $prog: "
daemon $exec --daemon --pidfile=$pidfile
if [ ! -d /sys/module/falco ]; then
/sbin/modprobe falco || return $?
fi
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile
retval=$?
echo
/sbin/rmmod falco
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
status -p $pidfile $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

709
rc.d/init.d/functions Normal file
View File

@@ -0,0 +1,709 @@
# -*-Shell-script-*-
#
# functions This file contains functions to be used by most or all
# shell scripts in the /etc/init.d directory.
#
TEXTDOMAIN=initscripts
# Make sure umask is sane
umask 027
# Set up a default search path.
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
export PATH
if [ $PPID -ne 1 -a -z "$SYSTEMCTL_SKIP_REDIRECT" ] && \
[ -d /run/systemd/system ] ; then
case "$0" in
/etc/init.d/*|/etc/rc.d/init.d/*)
_use_systemctl=1
;;
esac
fi
systemctl_redirect () {
local s
local prog=${1##*/}
local command=$2
local options=""
case "$command" in
start)
s=$"Starting $prog (via systemctl): "
;;
stop)
s=$"Stopping $prog (via systemctl): "
;;
reload|try-reload)
s=$"Reloading $prog configuration (via systemctl): "
;;
restart|try-restart|condrestart)
s=$"Restarting $prog (via systemctl): "
;;
esac
if [ -n "$SYSTEMCTL_IGNORE_DEPENDENCIES" ] ; then
options="--ignore-dependencies"
fi
if ! systemctl show "$prog.service" > /dev/null 2>&1 || \
systemctl show -p LoadState "$prog.service" | grep -q 'not-found' ; then
action $"Reloading systemd: " /bin/systemctl daemon-reload
fi
action "$s" /bin/systemctl $options $command "$prog.service"
}
# Get a sane screen width
[ -z "${COLUMNS:-}" ] && COLUMNS=80
# Read in our configuration
if [ -z "${BOOTUP:-}" ]; then
if [ -f /etc/sysconfig/init ]; then
. /etc/sysconfig/init
else
# verbose ->> very (very!) old bootup look (prior to RHL-6.0?)
# color ->> default bootup look
# other ->> default bootup look without ANSI colors or positioning
BOOTUP=color
# Column to start "[ OK ]" label in:
RES_COL=60
# terminal sequence to move to that column:
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
# Terminal sequence to set color to a 'success' (bright green):
SETCOLOR_SUCCESS="echo -en \\033[1;32m"
# Terminal sequence to set color to a 'failure' (bright red):
SETCOLOR_FAILURE="echo -en \\033[1;31m"
# Terminal sequence to set color to a 'warning' (bright yellow):
SETCOLOR_WARNING="echo -en \\033[1;33m"
# Terminal sequence to reset to the default color:
SETCOLOR_NORMAL="echo -en \\033[0;39m"
# Verbosity of logging:
LOGLEVEL=1
fi
# NOTE: /dev/ttyS* is serial console. "not a tty" is such as
# /dev/null associated when executed under systemd service units.
if LANG=C tty | grep --quiet -e '\(/dev/ttyS\|not a tty\)'; then
BOOTUP=serial
MOVE_TO_COL=
SETCOLOR_SUCCESS=
SETCOLOR_FAILURE=
SETCOLOR_WARNING=
SETCOLOR_NORMAL=
fi
fi
# Check if any of $pid (could be plural) are running
checkpid() {
local i
for i in $* ; do
[ -d "/proc/$i" ] && return 0
done
return 1
}
__kill_pids_term_kill_checkpids() {
local base_stime=$1
shift 1
local pid=
local pids=$*
local remaining=
local stat=
local stime=
for pid in $pids ; do
[ ! -e "/proc/$pid" ] && continue
read -r line < "/proc/$pid/stat" 2> /dev/null
stat=($line)
stime=${stat[21]}
[ -n "$stime" ] && [ "$base_stime" -lt "$stime" ] && continue
remaining+="$pid "
done
echo "$remaining"
[ -n "$remaining" ] && return 1
return 0
}
__kill_pids_term_kill() {
local try=0
local delay=3;
local pid=
local stat=
local base_stime=
# We can't initialize stat & base_stime on the same line where 'local'
# keyword is, otherwise the sourcing of this file will fail for ksh...
stat=($(< /proc/self/stat))
base_stime=${stat[21]}
if [ "$1" = "-d" ]; then
delay=$2
shift 2
fi
local kill_list=$*
kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list)
[ -z "$kill_list" ] && return 0
kill -TERM $kill_list >/dev/null 2>&1
sleep 0.1
kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list)
if [ -n "$kill_list" ] ; then
while [ $try -lt $delay ] ; do
sleep 1
kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list)
[ -z "$kill_list" ] && break
let try+=1
done
if [ -n "$kill_list" ] ; then
kill -KILL $kill_list >/dev/null 2>&1
sleep 0.1
kill_list=$(__kill_pids_term_kill_checkpids $base_stime $kill_list)
fi
fi
[ -n "$kill_list" ] && return 1
return 0
}
# __proc_pids {program} [pidfile]
# Set $pid to pids from /run* for {program}. $pid should be declared
# local in the caller.
# Returns LSB exit code for the 'status' action.
__pids_var_run() {
local base=${1##*/}
local pid_file=${2:-/run/$base.pid}
local pid_dir=$(/usr/bin/dirname $pid_file > /dev/null)
local binary=$3
[ -d "$pid_dir" ] && [ ! -r "$pid_dir" ] && return 4
pid=
if [ -f "$pid_file" ] ; then
local line p
[ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege"
while : ; do
read line
[ -z "$line" ] && break
for p in $line ; do
if [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] ; then
if [ -n "$binary" ] ; then
local b=$(readlink /proc/$p/exe | sed -e 's/\s*(deleted)$//')
[ "$b" != "$binary" ] && continue
fi
pid="$pid $p"
fi
done
done < "$pid_file"
if [ -n "$pid" ]; then
return 0
fi
return 1 # "Program is dead and /run pid file exists"
fi
return 3 # "Program is not running"
}
# Output PIDs of matching processes, found using pidof
__pids_pidof() {
pidof -c -o $$ -o $PPID -o %PPID -x "$1" || \
pidof -c -o $$ -o $PPID -o %PPID -x "${1##*/}"
}
# A function to start a program.
daemon() {
# Test syntax.
local gotbase= force= nicelevel corelimit
local pid base= user= nice= bg= pid_file=
local cgroup=
nicelevel=0
while [ "$1" != "${1##[-+]}" ]; do
case $1 in
'')
echo $"$0: Usage: daemon [+/-nicelevel] {program}" "[arg1]..."
return 1
;;
--check)
base=$2
gotbase="yes"
shift 2
;;
--check=?*)
base=${1#--check=}
gotbase="yes"
shift
;;
--user)
user=$2
shift 2
;;
--user=?*)
user=${1#--user=}
shift
;;
--pidfile)
pid_file=$2
shift 2
;;
--pidfile=?*)
pid_file=${1#--pidfile=}
shift
;;
--force)
force="force"
shift
;;
[-+][0-9]*)
nice="nice -n $1"
shift
;;
*)
echo $"$0: Usage: daemon [+/-nicelevel] {program}" "[arg1]..."
return 1
;;
esac
done
# Save basename.
[ -z "$gotbase" ] && base=${1##*/}
# See if it's already running. Look *only* at the pid file.
__pids_var_run "$base" "$pid_file"
[ -n "$pid" -a -z "$force" ] && return
# make sure it doesn't core dump anywhere unless requested
corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
# if they set NICELEVEL in /etc/sysconfig/foo, honor it
[ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL"
# if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it
if [ -n "${CGROUP_DAEMON}" ]; then
if [ ! -x /bin/cgexec ]; then
echo -n "Cgroups not installed"; warning
echo
else
cgroup="/bin/cgexec";
for i in $CGROUP_DAEMON; do
cgroup="$cgroup -g $i";
done
fi
fi
# Echo daemon
[ "${BOOTUP:-}" = "verbose" -a -z "${LSB:-}" ] && echo -n " $base"
# And start it up.
if [ -z "$user" ]; then
$cgroup $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*"
else
$cgroup $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*"
fi
[ "$?" -eq 0 ] && success $"$base startup" || failure $"$base startup"
}
# A function to stop a program.
killproc() {
local RC killlevel= base pid pid_file= delay try binary=
RC=0; delay=3; try=0
# Test syntax.
if [ "$#" -eq 0 ]; then
echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
if [ "$1" = "-b" ]; then
if [ -z $pid_file ]; then
echo $"-b option can be used only with -p"
echo $"Usage: killproc -p pidfile -b binary program"
return 1
fi
binary=$2
shift 2
fi
if [ "$1" = "-d" ]; then
delay=$(echo $2 | awk -v RS=' ' -v IGNORECASE=1 '{if($1!~/^[0-9.]+[smhd]?$/) exit 1;d=$1~/s$|^[0-9.]*$/?1:$1~/m$/?60:$1~/h$/?60*60:$1~/d$/?24*60*60:-1;if(d==-1) exit 1;delay+=d*$1} END {printf("%d",delay+0.5)}')
if [ "$?" -eq 1 ]; then
echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
return 1
fi
shift 2
fi
# check for second arg to be kill level
[ -n "${2:-}" ] && killlevel=$2
# Save basename.
base=${1##*/}
# Find pid.
__pids_var_run "$1" "$pid_file" "$binary"
RC=$?
if [ -z "$pid" ]; then
if [ -z "$pid_file" ]; then
pid="$(__pids_pidof "$1")"
else
[ "$RC" = "4" ] && { failure $"$base shutdown" ; return $RC ;}
fi
fi
# Kill it.
if [ -n "$pid" ] ; then
[ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base "
if [ -z "$killlevel" ] ; then
__kill_pids_term_kill -d $delay $pid
RC=$?
[ "$RC" -eq 0 ] && success $"$base shutdown" || failure $"$base shutdown"
# use specified level only
else
if checkpid $pid; then
kill $killlevel $pid >/dev/null 2>&1
RC=$?
[ "$RC" -eq 0 ] && success $"$base $killlevel" || failure $"$base $killlevel"
elif [ -n "${LSB:-}" ]; then
RC=7 # Program is not running
fi
fi
else
if [ -n "${LSB:-}" -a -n "$killlevel" ]; then
RC=7 # Program is not running
else
failure $"$base shutdown"
RC=0
fi
fi
# Remove pid file if any.
if [ -z "$killlevel" ]; then
rm -f "${pid_file:-/run/$base.pid}"
fi
return $RC
}
# A function to find the pid of a program. Looks *only* at the pidfile
pidfileofproc() {
local pid
# Test syntax.
if [ "$#" = 0 ] ; then
echo $"Usage: pidfileofproc {program}"
return 1
fi
__pids_var_run "$1"
[ -n "$pid" ] && echo $pid
return 0
}
# A function to find the pid of a program.
pidofproc() {
local RC pid pid_file=
# Test syntax.
if [ "$#" = 0 ]; then
echo $"Usage: pidofproc [-p pidfile] {program}"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
fail_code=3 # "Program is not running"
# First try "/run/*.pid" files
__pids_var_run "$1" "$pid_file"
RC=$?
if [ -n "$pid" ]; then
echo $pid
return 0
fi
[ -n "$pid_file" ] && return $RC
__pids_pidof "$1" || return $RC
}
status() {
local base pid lock_file= pid_file= binary=
# Test syntax.
if [ "$#" = 0 ] ; then
echo $"Usage: status [-p pidfile] {program}"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
if [ "$1" = "-l" ]; then
lock_file=$2
shift 2
fi
if [ "$1" = "-b" ]; then
if [ -z $pid_file ]; then
echo $"-b option can be used only with -p"
echo $"Usage: status -p pidfile -b binary program"
return 1
fi
binary=$2
shift 2
fi
base=${1##*/}
if [ "$_use_systemctl" = "1" ]; then
systemctl status ${0##*/}.service
ret=$?
# LSB daemons that dies abnormally in systemd looks alive in systemd's eyes due to RemainAfterExit=yes
# lets adjust the reality a little bit
if systemctl show -p ActiveState ${0##*/}.service | grep -q '=active$' && \
systemctl show -p SubState ${0##*/}.service | grep -q '=exited$' ; then
ret=3
fi
return $ret
fi
# First try "pidof"
__pids_var_run "$1" "$pid_file" "$binary"
RC=$?
if [ -z "$pid_file" -a -z "$pid" ]; then
pid="$(__pids_pidof "$1")"
fi
if [ -n "$pid" ]; then
echo $"${base} (pid $pid) is running..."
return 0
fi
case "$RC" in
0)
echo $"${base} (pid $pid) is running..."
return 0
;;
1)
echo $"${base} dead but pid file exists"
return 1
;;
4)
echo $"${base} status unknown due to insufficient privileges."
return 4
;;
esac
if [ -z "${lock_file}" ]; then
lock_file=${base}
fi
# See if /var/lock/subsys/${lock_file} exists
if [ -f /var/lock/subsys/${lock_file} ]; then
echo $"${base} dead but subsys locked"
return 2
fi
echo $"${base} is stopped"
return 3
}
echo_success() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_SUCCESS
echo -n $" OK "
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 0
}
echo_failure() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_FAILURE
echo -n $"FAILED"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
echo_passed() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
echo -n $"PASSED"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
echo_warning() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
echo -n $"WARNING"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
# Inform the graphical boot of our current state
update_boot_stage() {
if [ -x /bin/plymouth ]; then
/bin/plymouth --update="$1"
fi
return 0
}
# Log that something succeeded
success() {
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_success
return 0
}
# Log that something failed
failure() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_failure
[ -x /bin/plymouth ] && /bin/plymouth --details
return $rc
}
# Log that something passed, but may have had errors. Useful for fsck
passed() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed
return $rc
}
# Log a warning
warning() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning
return $rc
}
# Run some action. Log its output.
action() {
local STRING rc
STRING=$1
echo -n "$STRING "
shift
"$@" && success $"$STRING" || failure $"$STRING"
rc=$?
echo
return $rc
}
# returns OK if $1 contains $2
strstr() {
[ "${1#*$2*}" = "$1" ] && return 1
return 0
}
# Check whether file $1 is a backup or rpm-generated file and should be ignored
is_ignored_file() {
case "$1" in
*~ | *.bak | *.old | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
return 0
;;
esac
return 1
}
# Convert the value ${1} of time unit ${2}-seconds into seconds:
convert2sec() {
local retval=""
case "${2}" in
deci) retval=$(awk "BEGIN {printf \"%.1f\", ${1} / 10}") ;;
centi) retval=$(awk "BEGIN {printf \"%.2f\", ${1} / 100}") ;;
mili) retval=$(awk "BEGIN {printf \"%.3f\", ${1} / 1000}") ;;
micro) retval=$(awk "BEGIN {printf \"%.6f\", ${1} / 1000000}") ;;
nano) retval=$(awk "BEGIN {printf \"%.9f\", ${1} / 1000000000}") ;;
piko) retval=$(awk "BEGIN {printf \"%.12f\", ${1} / 1000000000000}") ;;
esac
echo "${retval}"
}
# Evaluate shvar-style booleans
is_true() {
case "$1" in
[tT] | [yY] | [yY][eE][sS] | [oO][nN] | [tT][rR][uU][eE] | 1)
return 0
;;
esac
return 1
}
# Evaluate shvar-style booleans
is_false() {
case "$1" in
[fF] | [nN] | [nN][oO] | [oO][fF][fF] | [fF][aA][lL][sS][eE] | 0)
return 0
;;
esac
return 1
}
# Apply sysctl settings, including files in /etc/sysctl.d
apply_sysctl() {
if [ -x /lib/systemd/systemd-sysctl ]; then
/lib/systemd/systemd-sysctl
else
for file in /usr/lib/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
[ -f /run/sysctl.d/${file##*/} ] && continue
[ -f /etc/sysctl.d/${file##*/} ] && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
for file in /run/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
[ -f /etc/sysctl.d/${file##*/} ] && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
for file in /etc/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1
fi
}
# A sed expression to filter out the files that is_ignored_file recognizes
__sed_discard_ignored_files='/\(~\|\.bak\|\.old\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
if [ "$_use_systemctl" = "1" ]; then
if [ "x$1" = xstart -o \
"x$1" = xstop -o \
"x$1" = xrestart -o \
"x$1" = xreload -o \
"x$1" = xtry-restart -o \
"x$1" = xforce-reload -o \
"x$1" = xcondrestart ] ; then
systemctl_redirect $0 $1
exit $?
fi
fi
strstr "$(cat /proc/cmdline)" "rc.debug" && set -x
return 0

268
rc.d/init.d/network Executable file
View File

@@ -0,0 +1,268 @@
#! /bin/bash
#
# network Bring up/down networking
#
# chkconfig: - 10 90
# description: Activates/Deactivates all network interfaces configured to \
# start at boot time.
#
### BEGIN INIT INFO
# Provides: $network
# Should-Start: iptables ip6tables NetworkManager-wait-online NetworkManager $network-pre
# Short-Description: Bring up/down networking
# Description: Bring up/down networking
### END INIT INFO
# Source function library.
. /etc/init.d/functions
if [ ! -f /etc/sysconfig/network ]; then
exit 6
fi
. /etc/sysconfig/network
if [ -f /etc/sysconfig/pcmcia ]; then
. /etc/sysconfig/pcmcia
fi
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 6
# if the ip configuration utility isn't around we can't function.
[ -x /sbin/ip ] || exit 1
CWD=$(pwd)
cd /etc/sysconfig/network-scripts
. ./network-functions
# find all the interfaces besides loopback.
# ignore aliases, alternative configurations, and editor backup files
interfaces=$(ls ifcfg-* | \
LC_ALL=C sed -e "$__sed_discard_ignored_files" \
-e '/\(ifcfg-lo$\|:\|ifcfg-.*-range\)/d' \
-e '{ s/^ifcfg-//g;s/[0-9]/ &/}' | \
LC_ALL=C sort -k 1,1 -k 2n | \
LC_ALL=C sed 's/ //')
rc=0
if ! [ -f /etc/sysconfig/disable-deprecation-warnings ]; then
net_log $"You are using 'network' service provided by 'network-scripts', which are now deprecated." warning network >&2
net_log $"'network-scripts' will be removed in one of the next major releases of RHEL." warning network >&2
net_log $"It is advised to switch to 'NetworkManager' instead for network management." warning network >&2
# This disables additional warnings during the boot process:
export DEPRECATION_WARNING_ISSUED='true'
fi
# See how we were called.
case "$1" in
start)
[ "$EUID" != "0" ] && exit 4
rc=0
# IPv6 hook (pre IPv4 start)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global start pre
fi
apply_sysctl
#tell NM to reload its configuration
if [ "$(LANG=C nmcli -t --fields running general status 2>/dev/null)" = "running" ]; then
nmcli connection reload
fi
# bring up loopback interface
action $"Bringing up loopback interface: " ./ifup ifcfg-lo
case "$VLAN" in
yes)
if [ ! -d /proc/net/vlan ] && ! modprobe 8021q >/dev/null 2>&1 ; then
net_log $"No 802.1Q VLAN support available in kernel."
fi
;;
esac
vlaninterfaces=""
vpninterfaces=""
xdslinterfaces=""
bridgeinterfaces=""
# bring up all other interfaces configured to come up at boot time
for i in $interfaces; do
unset DEVICE TYPE SLAVE NM_CONTROLLED
eval $(LANG=C grep -F "DEVICE=" ifcfg-$i)
eval $(LANG=C grep -F "TYPE=" ifcfg-$i)
eval $(LANG=C grep -F "SLAVE=" ifcfg-$i)
eval $(LANG=C grep -F "NM_CONTROLLED=" ifcfg-$i)
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if [ "$SLAVE" = "yes" ] && ( ! is_nm_running || is_false $NM_CONTROLLED ) ; then
continue
fi
if [ "${DEVICE##cipcb}" != "$DEVICE" ] ; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "xDSL" -o "$TYPE" = "Modem" ]; then
xdslinterfaces="$xdslinterfaces $i"
continue
fi
if [ "$TYPE" = "Bridge" ]; then
bridgeinterfaces="$bridgeinterfaces $i"
continue
fi
if [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "${DEVICE%%.*}" != "$DEVICE" -o "${DEVICE##vlan}" != "$DEVICE" ] ; then
vlaninterfaces="$vlaninterfaces $i"
continue
fi
if ( . ./ifcfg-"$i" ; is_false "$ONBOOT" ) ; then
# this loads the module, to preserve ordering
is_available $i
continue
fi
action $"Bringing up interface $i: " ./ifup $i boot
[ $? -ne 0 ] && rc=1
done
# Bring up xDSL and VPN interfaces
for i in $vlaninterfaces $bridgeinterfaces $xdslinterfaces $vpninterfaces ; do
if ( . ./ifcfg-"$i" ; ! is_false "$ONBOOT" ) ; then
action $"Bringing up interface $i: " ./ifup $i boot
[ $? -ne 0 ] && rc=1
fi
done
# Add non interface-specific static-routes.
if [ -f /etc/sysconfig/static-routes ]; then
if [ -x /sbin/route ]; then
grep "^any" /etc/sysconfig/static-routes | while read ignore args ; do
/sbin/route add -$args
done
else
net_log $"Legacy static-route support not available: /sbin/route not found"
fi
fi
# IPv6 hook (post IPv4 start)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global start post
fi
# Run this again to catch any interface-specific actions
apply_sysctl
touch /var/lock/subsys/network
[ -n "${NETWORKDELAY}" ] && /bin/sleep ${NETWORKDELAY}
;;
stop)
[ "$EUID" != "0" ] && exit 4
# Don't shut the network down if root or /usr is on NFS or a network
# block device.
if systemctl show --property=RequiredBy -- -.mount usr.mount | grep -q 'remote-fs.target' ; then
net_log $"rootfs or /usr is on network filesystem, leaving network up"
exit 1
fi
# Don't shut the network down when shutting down the system if configured
# as such in sysconfig
if is_false "$IFDOWN_ON_SHUTDOWN"; then
if systemctl is-system-running | grep -q 'stopping'; then
net_log $"system is shutting down, leaving interfaces up as requested" info
exit 0
fi
fi
vlaninterfaces=""
vpninterfaces=""
xdslinterfaces=""
bridgeinterfaces=""
remaining=""
rc=0
# get list of bonding, vpn, and xdsl interfaces
for i in $interfaces; do
unset DEVICE TYPE
eval $(LANG=C grep -F "DEVICE=" ifcfg-$i)
eval $(LANG=C grep -F "TYPE=" ifcfg-$i)
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if [ "${DEVICE##cipcb}" != "$DEVICE" ] ; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "Bridge" ]; then
bridgeinterfaces="$bridgeinterfaces $i"
continue
fi
if [ "$TYPE" = "xDSL" -o "$TYPE" = "Modem" ]; then
xdslinterfaces="$xdslinterfaces $i"
continue
fi
if [ "${DEVICE%%.*}" != "$DEVICE" -o "${DEVICE##vlan}" != "$DEVICE" ] ; then
vlaninterfaces="$vlaninterfaces $i"
continue
fi
remaining="$remaining $i"
done
for i in $vpninterfaces $xdslinterfaces $bridgeinterfaces $vlaninterfaces $remaining; do
unset DEVICE TYPE
(. ./ifcfg-$i
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if ! check_device_down $DEVICE; then
action $"Shutting down interface $i: " ./ifdown $i boot
[ $? -ne 0 ] && rc=1
fi
)
done
action $"Shutting down loopback interface: " ./ifdown ifcfg-lo
sysctl -w net.ipv4.ip_forward=0 > /dev/null 2>&1
# IPv6 hook (post IPv4 stop)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global stop post
fi
rm -f /var/lock/subsys/network
;;
status)
echo $"Configured devices:"
echo lo $interfaces
echo $"Currently active devices:"
echo $(/sbin/ip -o link show up | awk -F ": " '{ print $2 }')
;;
restart|force-reload)
cd "$CWD"
$0 stop
$0 start
rc=$?
;;
*)
echo $"Usage: $0 {start|stop|status|restart|force-reload}"
exit 2
esac
exit $rc

51
rc.d/init.d/vpn-gazduire Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/sh
#
# Startup script for vpn-gazduire
#
# chkconfig: - 85 15
# description: VPN gazduire.ro
# processname: vpn-gazduire
# config: /etc/ppp/peers/vpn-gazduire
# Source function library.
. /etc/rc.d/init.d/functions
# See how we were called.
case "$1" in
start)
echo -n "Enabling VPN (gazduire.ro): "
#if [ -f /var/lock/subsys/pppd ] ; then
# echo
# exit 1
#fi
daemon /usr/sbin/pppd call vpn_gazduire.ro
sleep 5
/etc/ppp/ip-up.d/route-traffic
echo
touch /var/lock/subsys/pppd
;;
stop)
echo -n "Disabling VPN (gazduire.ro): "
killproc pppd
echo
rm -f /var/lock/subsys/pppd
;;
status)
status pppd
;;
condrestart)
if [ -f /var/lock/subsys/pppd ]; then
$0 stop
$0 start
fi
;;
reload|restart)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0

68
rc.d/rc.local Executable file
View File

@@ -0,0 +1,68 @@
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
#add another local ip
#/sbin/ifconfig eth0:0 192.168.1.3 netmask 255.255.255.0
# Added by hwdsl2 VPN script
#iptables-restore < /etc/sysconfig/iptables
#service fail2ban restart
#service ipsec start
#service xl2tpd start
echo 1 > /proc/sys/net/ipv4/ip_forward
# clamav
mkdir -p /var/run/clamav
chown amavis:amavis /var/run/clamav
systemctl restart clamd
# ip gre tunnel to edgemax
#ip tunnel add tun0 mode gre remote 86.104.210.218 local 192.168.1.2 ttl 255
#ip link set tun0 up
sleep 1
#ip addr add 10.209.0.2/30 dev tun0
#ip r a 10.208.1.0/24 dev tun0
#ip r a 10.108.254.0/24 dev tun0
#ip r a 10.208.99.0/24 dev tun0
#ip r a 172.16.100.0/24 dev tun0
#ip r a 10.208.0.0/30 dev tun0
# ip gre tunnel to er4
#ip tunnel add tun1 mode gre remote 5.2.152.69 local 192.168.1.2 ttl 255
#ip link set tun1 up
#sleep 1
#ip addr add 10.109.0.2/30 dev tun1
#ip r a 10.108.1.0/24 dev tun1
#ip r a 10.108.254.0/24 dev tun1
#ip r a 10.108.99.0/24 dev tun1
#ip r a 10.108.0.0/30 dev tun1
# enable darkstat
#sleep 90
/usr/local/sbin/darkstat -i eth0 -p 9999 --no-dns
# named.stats
#sleep 150
chown named:named /var/named/named.stats
#
#echo none > /sys/block/vda/queue/scheduler

1
rc.d/rc0.d/K01bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc0.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc0.d/K90network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc1.d/K01bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc1.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc1.d/K90network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc2.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc2.d/S10network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc2.d/S99bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc3.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc3.d/S10network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc3.d/S99bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc4.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc4.d/S10network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc4.d/S99bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc5.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc5.d/S10network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network

1
rc.d/rc5.d/S99bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc6.d/K01bestcrypt Symbolic link
View File

@@ -0,0 +1 @@
../init.d/bestcrypt

1
rc.d/rc6.d/K45falco Symbolic link
View File

@@ -0,0 +1 @@
../init.d/falco

1
rc.d/rc6.d/K90network Symbolic link
View File

@@ -0,0 +1 @@
../init.d/network