[debian-edu-commits] debian-edu/ 03/14: Remove Cfengine2 related configuration files and tools.
Wolfgang Schweer
schweer-guest at moszumanska.debian.org
Sat Jan 6 23:46:41 UTC 2018
This is an automated email from the git hooks/post-receive script.
schweer-guest pushed a commit to branch master
in repository debian-edu-config.
commit 3a2cb02332e0dea3bb1dae1847de1a7fe542b1c6
Author: Wolfgang Schweer <wschweer at arcor.de>
Date: Sat Jan 6 23:30:45 2018 +0100
Remove Cfengine2 related configuration files and tools.
---
cf/cf.adduser | 28 ----------
cf/cf.apache2 | 29 ----------
cf/cf.apt | 21 -------
cf/cf.bind | 26 ---------
cf/cf.cfengine | 24 --------
cf/cf.chromium | 8 ---
cf/cf.cups | 10 ----
cf/cf.dhcpserver | 33 -----------
cf/cf.exim | 25 ---------
cf/cf.firefox-esr | 30 ----------
cf/cf.fstab | 9 ---
cf/cf.grub | 41 --------------
cf/cf.homes | 96 --------------------------------
cf/cf.imap | 17 ------
cf/cf.inetd | 19 -------
cf/cf.krb5client | 20 -------
cf/cf.ldapclient | 89 ------------------------------
cf/cf.ldapserver | 57 -------------------
cf/cf.ltsp | 130 -------------------------------------------
cf/cf.nagios3 | 24 --------
cf/cf.ntp | 37 -------------
cf/cf.pki | 8 ---
cf/cf.pxeinstall | 5 --
cf/cf.samba | 6 --
cf/cf.squid | 54 ------------------
cf/cf.syslog | 42 --------------
cf/cf.sysstat | 17 ------
cf/cf.testsetup | 7 ---
cf/cf.thunderbird | 23 --------
cf/cf.xrdp | 8 ---
cf/cfd | 29 ----------
cf/cfd.conf | 20 -------
cf/cfengine.conf | 140 -----------------------------------------------
cf/cfrunhosts.pl | 43 ---------------
sbin/cfengine-debian-edu | 31 -----------
35 files changed, 1206 deletions(-)
diff --git a/cf/cf.adduser b/cf/cf.adduser
deleted file mode 100644
index 729134b..0000000
--- a/cf/cf.adduser
+++ /dev/null
@@ -1,28 +0,0 @@
-editfiles:
-
- debian::
-
- # The file /etc/adduser.conf control local user creation.
- # For setting up a Debian Edu/Skolelinux server it is recommend
- # to start with a local user on a workstation (that might even be
- # tjener itself with additional workstation role).
- #
- # For local user creation we want to make sure that local users
- # do not have conflicting uidNumbers, gidNumber with those in LDAP.
-
- # Patch /etc/adduser.conf
- { /etc/adduser.conf
-
- # FIRST_UID, LAST_UID for non-LDAP users is 500-999
- ReplaceAll 'FIRST_UID=1000' With 'FIRST_UID=500'
- ReplaceAll 'LAST_UID=29999' With 'LAST_UID=999'
-
- # FIRST_GID, LAST_GID for non-LDAP groups is 500-999
- ReplaceAll 'FIRST_GID=1000' With 'FIRST_GID=500'
- ReplaceAll 'LAST_GID=29999' With 'LAST_GID=999'
-
- # local users' homes have permissions 0700
- ReplaceAll 'DIR_MODE=0755' With 'DIR_MODE=0700'
- }
-
-
diff --git a/cf/cf.apache2 b/cf/cf.apache2
deleted file mode 100644
index 8e83052..0000000
--- a/cf/cf.apache2
+++ /dev/null
@@ -1,29 +0,0 @@
-links:
- debian.server.installation::
- /etc/php/apache2/php.ini ->! /etc/php/apache2/php-debian-edu.ini
- /etc/apache2/mods-available/debian-edu-userdir.load ->! /etc/apache2/mods-available/userdir.load
-
-shellcommands:
- debian.server.installation::
- # Generate certificates and keys (rootCA and multipurpose server) using
- # the create-debian-edu-certs tool.
- "/usr/share/debian-edu-config/tools/create-debian-edu-certs"
- # Disable default userdir.
- "/usr/sbin/a2dismod userdir"
- # Enabling debian-edu-userdir; create a directory ~/public_html
- # to make it available as https://www/~<username>.
- "/usr/sbin/a2enmod debian-edu-userdir"
- # Enabling ssl
- "/usr/sbin/a2enmod ssl"
- # Use our own default site configuration, and ssl site configuration.
- "/usr/sbin/a2enconf debian-edu-config-doc.conf"
- "/usr/sbin/a2ensite debian-edu-default.conf"
- "/usr/sbin/a2ensite debian-edu-ssl-default.conf"
- # Enable sitesummary with cgi, workaround for bug #760084
- "/usr/sbin/a2enmod cgi"
- "/usr/sbin/a2enconf sitesummary.conf"
- # Disable the stock debian sitefile
- "/usr/sbin/a2dissite 000-default.conf"
- # Reload apache2 for changes to take effect
- "/usr/sbin/service apache2 restart"
-
diff --git a/cf/cf.apt b/cf/cf.apt
deleted file mode 100644
index 826e6ec..0000000
--- a/cf/cf.apt
+++ /dev/null
@@ -1,21 +0,0 @@
-editfiles:
-
- debian::
-
- { /etc/apt/sources.list
- HashCommentLinesStarting "deb cdrom:"
- HashCommentLinesStarting "deb http://security.debian.org/ buster/updates main"
- AppendIfNoSuchLine "deb http://security.debian.org/ buster/updates main contrib non-free"
- AppendIfNoSuchLine "deb http://deb.debian.org/debian buster main contrib non-free"
- }
-
- debian.ltspserver::
- # A copy of the above
- { /opt/ltsp/$(ltsp_arch)/etc/apt/sources.list
- HashCommentLinesStarting "deb file:"
- HashCommentLinesStarting "deb http://security.debian.org/ buster/updates main"
- AppendIfNoSuchLine "deb http://security.debian.org/ buster/updates main contrib non-free"
- AppendIfNoSuchLine "deb http://deb.debian.org/debian buster main contrib non-free"
- }
-
-
diff --git a/cf/cf.bind b/cf/cf.bind
deleted file mode 100644
index f38c8c3..0000000
--- a/cf/cf.bind
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Configure DNS setup with bind
-#
-directories:
- debian.server::
- # Make sure the members of group 'bind' can write to /etc/bind/:
- /etc/bind mode=2775 owner=root group=bind
-
-editfiles:
- debian.server.installation::
- # Configure ldap2bind for Debian Edu:
- { /etc/bind/named.conf.local
- AppendIfNoSuchLine 'include "/etc/bind/named.conf.ldap2zone";'
- }
- # Disable IPv6 (to silence IPv6 lookup failure messages):
- { /etc/default/bind9
- BeginGroupIfNoSuchLine 'OPTIONS="-4 -u bind"'
- HashCommentLinesStarting 'OPTIONS='
- LocateLineMatching '#.*OPTIONS=.*'
- InsertLine 'OPTIONS="-4 -u bind"'
- EndGroup
- }
- # Add alias for mails to user bind:
- { /etc/aliases
- AppendIfNoSuchLine 'bind: root'
- }
diff --git a/cf/cf.cfengine b/cf/cf.cfengine
deleted file mode 100644
index 3915078..0000000
--- a/cf/cf.cfengine
+++ /dev/null
@@ -1,24 +0,0 @@
-groups:
- cfclient = ( "/bin/ping -c 1 cfservd" )
-
-editfiles:
- cfclient::
- # Activate cfservd if there is a cfengine server on the net
- { /etc/default/cfengine2
-
- BeginGroupIfNoMatch "RUN_CFSERVD=1"
- LocateLineMatching "RUN_CFSERVD=0"
- ReplaceLineWith "RUN_CFSERVD=1"
- EndGroup
- }
-
- # Run cfengine on reboot
- # (to make sure that clients that are offline a lot, get their "fix", too
- { /etc/cron.d/cfengine
- AutoCreate
- AppendIfNoSuchLine "@reboot root /usr/sbin/cfagent -f update.conf && /usr/sbin/cfagent -f cfagent.conf"
- }
-
-shellcommands:
- cfclient::
- "/etc/init.d/cfengine restart"
diff --git a/cf/cf.chromium b/cf/cf.chromium
deleted file mode 100644
index 1b484df..0000000
--- a/cf/cf.chromium
+++ /dev/null
@@ -1,8 +0,0 @@
-shellcommands:
- # Change default Chromium homepage. Standalone machines get our project page,
- # while school machines get the school start page from LDAP.
- # The clients using LDAP also update the pages at boot.
- debian.installation.standalone::
- "/usr/share/debian-edu-config/tools/update-chromium-homepage http\://www.skolelinux.org/"
- debian.installation.!standalone::
- "/usr/share/debian-edu-config/tools/update-chromium-homepage ldap\:homepage"
diff --git a/cf/cf.cups b/cf/cf.cups
deleted file mode 100644
index 33a31c2..0000000
--- a/cf/cf.cups
+++ /dev/null
@@ -1,10 +0,0 @@
-links:
-
- debian.installation::
-
- /etc/cups/cupsd.conf ->! /etc/cups/cupsd-debian-edu.conf
- /etc/cups/cups-files.conf ->! /etc/cups/cups-files-debian-edu.conf
- /etc/cups/ssl/tjener.intern.crt ->! /etc/ssl/certs/debian-edu-server.crt
- nofile=force
- /etc/cups/ssl/tjener.intern.key ->! /etc/ssl/private/debian-edu-server.key
- nofile=force
diff --git a/cf/cf.dhcpserver b/cf/cf.dhcpserver
deleted file mode 100644
index 653b3bb..0000000
--- a/cf/cf.dhcpserver
+++ /dev/null
@@ -1,33 +0,0 @@
-links:
-
- debian.server::
-
- /etc/dhcp/dhcpd.conf ->! /etc/dhcp/dhcpd-debian-edu.conf
- nofile=force
-
- debian::
-
- /etc/dhcp/dhclient.conf ->! /etc/dhcp/dhclient-debian-edu.conf
- nofile=force
-
-editfiles:
-
- debian.server::
-
- # The file /etc/default/isc-dhcp-server controls what interface the
- # dhcp server will listen on. We will have one monster dhcpd.conf file
- # that contains definitions for both the eth0 and eth1 interfaces and
- # control which is active by manipulating this
- # /etc/default/isc-dhcp-server
- #
- # Make sure this is synced with cf.ltsp (LTSP server)
-
-
- # Enable DHCP server on eth0
- { /etc/default/isc-dhcp-server
- BeginGroupIfNoMatch 'INTERFACESv4="eth0"'
- LocateLineMatching 'INTERFACESv4=""'
- ReplaceLineWith 'INTERFACESv4="eth0"'
- EndGroup
- }
-
diff --git a/cf/cf.exim b/cf/cf.exim
deleted file mode 100644
index 7ac5a7b..0000000
--- a/cf/cf.exim
+++ /dev/null
@@ -1,25 +0,0 @@
-links:
-
-
- # Serverinstallation
- debian.server.installation::
-
- /etc/exim4/exim4.conf ->! /etc/exim4/exim-ldap-server-v4.conf
- nofile=force
-
-editfiles:
- debian.server.installation::
- { /etc/default/exim4
- AppendIfNoSuchLine 'KRB5_KTNAME=/etc/krb5.keytab.smtp; export KRB5_KTNAME'
- }
-
-shellcommands:
-
-
- debian.server.installation.fifthpass::
-
- "/usr/share/debian-edu-config/tools/exim4-create-environment"
-
- debian.installation::
-
- "/usr/sbin/exim4 -qff"
diff --git a/cf/cf.firefox-esr b/cf/cf.firefox-esr
deleted file mode 100644
index dff63ea..0000000
--- a/cf/cf.firefox-esr
+++ /dev/null
@@ -1,30 +0,0 @@
-#
-# Set up firefox to accept the default ssl certificate created through cf.apache2.
-#
-# On main server use /etc/skel/ to create a default profile for new
-# users in case they start firefox the first time.
-directories:
- # Check file system is prepared for inclusion in new users home directories.
- debian.installation.server::
- /etc/skel/.mozilla/firefox/debian-edu.default mode=755 owner=root group=root
-
-shellcommands:
- # Enable the default profile.
- debian.installation.server::
- "/usr/bin/update-ini-file /etc/skel/.mozilla/firefox/profiles.ini General StartWithLastProfile 1"
- "/usr/bin/update-ini-file /etc/skel/.mozilla/firefox/profiles.ini Profile0 Name default"
- "/usr/bin/update-ini-file /etc/skel/.mozilla/firefox/profiles.ini Profile0 IsRelative 1"
- "/usr/bin/update-ini-file /etc/skel/.mozilla/firefox/profiles.ini Profile0 Path debian-edu.default"
-
- # Change default start page. Standalone machines get our project page,
- # while school machines get the school start page from LDAP.
- # The clients using LDAP also update the pages at boot.
- debian.installation.standalone::
- "/usr/share/debian-edu-config/tools/update-firefox-homepage http\://www.skolelinux.org/"
- debian.installation.!standalone::
- "/usr/share/debian-edu-config/tools/update-firefox-homepage ldap\:homepage"
-
-files:
- # Ensure file file is readable by everyone
- debian.installation.server.secondpass::
- /etc/skel/.mozilla/firefox/profiles.ini mode=a+r act=fixall
diff --git a/cf/cf.fstab b/cf/cf.fstab
deleted file mode 100644
index 79622ec..0000000
--- a/cf/cf.fstab
+++ /dev/null
@@ -1,9 +0,0 @@
-editfiles:
-
- debian::
-
- { /etc/fstab
- BeginGroupIfNoLineMatching ".* /tmp .*"
- InsertLine "none /tmp tmpfs defaults,nosuid 0 0"
- EndGroup
- }
diff --git a/cf/cf.grub b/cf/cf.grub
deleted file mode 100644
index 58f6b18..0000000
--- a/cf/cf.grub
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# Configure GRUB:
-# - for plymouth (everywhere except on servers and ltsp-clients)
-# - handle the network interface setup (keep old device names) for networked
-# systems (everywhere except on roaming machines and standalone)
-
-editfiles:
- debian.installation.(standalone|roaming)::
- { /etc/default/grub
- BeginGroupIfNoSuchLine 'GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"'
- HashCommentLinesStarting 'GRUB_CMDLINE_LINUX_DEFAULT'
- LocateLineMatching '#.*GRUB_CMDLINE_LINUX_DEFAULT.*'
- InsertLine 'GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"'
- EndGroup
- }
-
-editfiles:
- debian.installation.!roaming.!standalone::
- { /etc/default/grub
- BeginGroupIfNoSuchLine 'GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet"'
- HashCommentLinesStarting 'GRUB_CMDLINE_LINUX_DEFAULT'
- LocateLineMatching '#.*GRUB_CMDLINE_LINUX_DEFAULT.*'
- InsertLine 'GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet"'
- EndGroup
- }
-
-editfiles:
- debian.installation.!server.!ltspclient.!roaming.!standalone::
- { /etc/default/grub
- BeginGroupIfNoSuchLine 'GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet splash"'
- HashCommentLinesStarting 'GRUB_CMDLINE_LINUX_DEFAULT'
- LocateLineMatching '#.*GRUB_CMDLINE_LINUX_DEFAULT.*'
- InsertLine 'GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet splash"'
- EndGroup
- }
-
-shellcommands:
- debian.installation::
- "/usr/sbin/update-grub"
- debian.installation.!server.!ltspclient::
- "/usr/sbin/plymouth-set-default-theme lines"
diff --git a/cf/cf.homes b/cf/cf.homes
deleted file mode 100644
index 2b2008d..0000000
--- a/cf/cf.homes
+++ /dev/null
@@ -1,96 +0,0 @@
-#
-# Handle the user home directory on the server
-#
-directories:
- debian.server::
- # Make sure /skole/tjener/home0/ exists even if using manual partitioning:
- /skole/tjener/home0 mode=755 owner=root group=root
- # Make sure /skole has right permissions if 'atomic' partitioning is used.
- /skole mode=755 owner=root group=root
- # Make sure /srv/nfs4/home0 exists:
- /srv/nfs4/home0 mode=755 owner=root group=root
-
-editfiles:
- debian.installation.!standalone::
- { /etc/krb5.conf
- ## FIXME: needed because of #521878:
- BeginGroupIfNoSuchLine ' allow_weak_crypto = true'
- LocateLineMatching '.*\[libdefaults\].*'
- InsertLine ' allow_weak_crypto = true'
- InsertLine ' permitted_enctypes = des-cbc-crc rc4-hmac des3-cbc-sha1-kd aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96'
- EndGroup
- }
- { /etc/default/nfs-common
- ## start the idmapd daemon:
- BeginGroupIfNoSuchLine 'NEED_IDMAPD=yes'
- HashCommentLinesStarting 'NEED_IDMAPD='
- LocateLineMatching '#.*NEED_IDMAPD=.*'
- InsertLine 'NEED_IDMAPD=yes'
- EndGroup
- ## start the gssd daemon:
- BeginGroupIfNoSuchLine 'NEED_GSSD=yes'
- HashCommentLinesStarting 'NEED_GSSD='
- LocateLineMatching '#.*NEED_GSSD=.*'
- InsertLine 'NEED_GSSD=yes'
- EndGroup
- }
- { /etc/idmapd.conf
- ## needed for correct ID mapping:
- BeginGroupIfNoSuchLine 'Domain = intern'
- HashCommentLinesStarting 'Domain ='
- LocateLineMatching '#.*Domain =.*'
- InsertLine 'Domain = intern'
- EndGroup
- }
-
-
- debian.server::
- { /etc/exports
- ## NFS4 without the need to use kerberos for now:
- AppendIfNoSuchLine "/srv/nfs4 @ltsp-server-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,fsid=0,crossmnt,no_subtree_check) @workstation-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,fsid=0,crossmnt,no_subtree_check) @server-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,fsid=0,crossmnt,no_subtree_check)"
- AppendIfNoSuchLine "/srv/nfs4/home0 @ltsp-server-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,no_subtree_check) @workstation-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,no_subtree_check) @server-hosts(sec=krb5p:krb5i:krb5:sys,rw,sync,no_subtree_check)"
- }
- { /etc/fstab
- ## bind the shared directory to the exported tree:
- AppendIfNoSuchLine "/skole/tjener/home0 /srv/nfs4/home0 none bind 0 0"
- }
- { /etc/default/nfs-kernel-server
- ## start the svcgssd daemon:
- BeginGroupIfNoSuchLine 'NEED_SVCGSSD=yes'
- HashCommentLinesStarting 'NEED_SVCGSSD='
- LocateLineMatching '#.*NEED_SVCGSSD=.*'
- InsertLine 'NEED_SVCGSSD=yes'
- EndGroup
- }
-
- # Enable autofs using LDAP unless running the server.
- # This is done by enabling autofs. Use SRV RRs to find ldap.
- debian.!server.!standalone.!roaming::
- { /etc/default/autofs
- AppendIfNoSuchLine "LDAPURI=ldap://$(ldapserver)"
- }
-
- # Just by logging in, each user by default fill up 144 MiB of disk
- # space. Most of it is spend by akonadi. Following instructions
- # in
- # <URL: http://techbase.kde.org/Projects/PIM/Akonadi#Akonadi_needs_too_much_space_in_my_home_directory.21 >,
- # we reduce this to 24 MiB by reducing the mysql innodb log file
- # size. Enabling for GUI profiles, but not for Standalone where
- # most likely only one user will be created.
- debian.installation.workstation::
- { /etc/xdg/akonadi/mysql-global.conf
- ReplaceAll 'innodb_log_file_size=64M' With 'innodb_log_file_size=4M'
- }
-
- # Enable our menu overrides on standalone installations
- debian.standalone::
-
- { /etc/debian-edu/config
- AppendIfNoSuchLine "MENUREORDER=true"
- }
-
-shellcommands:
- # Make sure to disable autofs on the main-server, to avoid hiding
- # local file systems.
- debian.server::
- "/bin/systemctl disable autofs"
diff --git a/cf/cf.imap b/cf/cf.imap
deleted file mode 100644
index f7dd92e..0000000
--- a/cf/cf.imap
+++ /dev/null
@@ -1,17 +0,0 @@
-shellcommands:
-
- debian.server.installation::
-
- # pretend an IMAP authentication success in order to suppress dovecot's initial
- # warning message: ,,This message goes away after the first successful login.''
- "/usr/bin/touch /var/lib/dovecot/auth-success"
-
-links:
-
- debian.installation::
-
- /etc/dovecot/private/dovecot.pem ->! /etc/ssl/certs/debian-edu-server.crt
- nofile=force
- /etc/dovecot/private/dovecot.key ->! /etc/ssl/private/debian-edu-server.key
- nofile=force
-
diff --git a/cf/cf.inetd b/cf/cf.inetd
deleted file mode 100644
index 8cbabfe..0000000
--- a/cf/cf.inetd
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Remove the services we don't need from /etc/inetd.conf
-#
-editfiles:
-
- debian::
-
- { /etc/inetd.conf
- HashCommentLinesStarting "discard"
- HashCommentLinesStarting "daytime"
- HashCommentLinesStarting "time"
- }
-
- # Standalone hosts should not listen to incoming SMTP connections.
- debian.standalone::
- { /etc/inetd.conf
- HashCommentLinesStarting "smtp"
- }
-
diff --git a/cf/cf.krb5client b/cf/cf.krb5client
deleted file mode 100644
index 2e886c8..0000000
--- a/cf/cf.krb5client
+++ /dev/null
@@ -1,20 +0,0 @@
-#
-# Configure KRB5 client
-#
-
-links:
- debian.installation.!standalone::
- /usr/share/pam-configs/edu-nopwdchange ->! /usr/share/debian-edu-config/pam-config-nopwdchange
-
-shellcommands:
- # setup-roaming generate its own krb5.conf, no need to do it here.
- debian.installation.!standalone.!roaming.!server::
- "/usr/share/debian-edu-config/tools/sssd-generate-config -k > /etc/krb5.conf"
-
- debian.installation.!standalone.secondpass::
- # Activate changes to pam-configs in /etc/pam.d/
- "/usr/sbin/pam-auth-update --package"
-
-files:
- debian.secondpass.!standalone::
- /etc/krb5.conf mode=644 act=fixall
diff --git a/cf/cf.ldapclient b/cf/cf.ldapclient
deleted file mode 100644
index 31d9505..0000000
--- a/cf/cf.ldapclient
+++ /dev/null
@@ -1,89 +0,0 @@
-#
-# Configure NSS and PAM to use LDAP directory
-#
-editfiles:
-
- debian.installation.!standalone.!roaming::
-
- { /etc/nsswitch.conf
-
- LocateLineMatching "# Example configuration of GNU Name Service Switch functionality."
- IncrementPointer "3"
-
- BeginGroupIfNoSuchLine "passwd: files ldap"
- HashCommentLinesStarting "passwd:"
- InsertLine "passwd: files ldap"
- EndGroup
-
- BeginGroupIfNoSuchLine "group: files ldap"
- HashCommentLinesStarting "group:"
- InsertLine "group: files ldap"
- EndGroup
-
- # Fetching shadow from LDAP is useful for expiring accounts.
- BeginGroupIfNoSuchLine "shadow: files ldap"
- HashCommentLinesStarting "shadow:"
- InsertLine "shadow: files ldap"
- EndGroup
-
- BeginGroupIfNoSuchLine "netgroup: files ldap"
- HashCommentLinesStarting "netgroup:"
- InsertLine "netgroup: files ldap"
- EndGroup
-
- BeginGroupIfNoSuchLine "automount: files ldap"
- HashCommentLinesStarting "automount:"
- InsertLine "automount: files ldap"
- EndGroup
-
- BeginGroupIfNoSuchLine "sudoers: files ldap"
- HashCommentLinesStarting "sudoers:"
- InsertLine "sudoers: files ldap"
- EndGroup
- }
-
- debian.installation.!standalone::
-
- { /etc/ldap/ldap.conf
- BeginGroupIfNoLineMatching "^HOST .*"
- AppendIfNoSuchLine "HOST $(ldapserver)"
- EndGroup
-
- # needed for sudo-ldap:
- BeginGroupIfNoLineMatching "^sudoers_base .*"
- AppendIfNoSuchLine "sudoers_base ou=sudoers,$(ldapbase)"
- EndGroup
-
- # Insert the base-dn, to simplify searching the LDAP and reduce
- # typing :-) [barbarossa 2004-07-01]
- BeginGroupIfNoLineMatching "^BASE .*"
- AppendIfNoSuchLine "BASE $(ldapbase)"
- EndGroup
-
- # We want to use the downloaded LDAP SSL certificate to verify the
- # connection to the server, and disable the code to not check
- # certificates, see bug #1211.
- BeginGroupIfNoLineMatching "^TLS_REQCERT .*"
- AppendIfNoSuchLine "TLS_REQCERT demand"
- EndGroup
- AppendIfNoSuchLine "TLS_CACERT /etc/ldap/ssl/ldap-server-pubkey.pem"
- }
-
- { /etc/nslcd.conf
- AppendIfNoSuchLine "tls_cacertfile /etc/ldap/ssl/ldap-server-pubkey.pem"
- }
-
-shellcommands:
- debian.installation.roaming::
- "/usr/share/debian-edu-config/tools/setup-roaming"
-
- # Workaround for bug #591773 in nslcd
- # FIXME Check if nslcd still pull in libpam-ldapd (bug #591773)
- debian.installation.!standalone::
- "/usr/bin/apt-get --auto-remove purge -y libpam-ldapd"
-
- # Avoid Network Manager GUI client stationary machines. The users
- # can not change the config anyway.
- debian.installation.!standalone.!roaming::
- "/usr/bin/apt-get --auto-remove purge -y plasma-widget-networkmanagement"
-
diff --git a/cf/cf.ldapserver b/cf/cf.ldapserver
deleted file mode 100644
index 3fe1775..0000000
--- a/cf/cf.ldapserver
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Configure LDAP server and communication with the LDAP server
-#
-links:
-
- debian.server.installation::
- /etc/ldap/slapd.conf ->! /etc/ldap/slapd-squeeze_debian-edu.conf
-
-editfiles:
- debian.server.installation::
- { /etc/default/slapd
- BeginGroupIfNoSuchLine 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
- HashCommentLinesStarting "SLAPD_SERVICES"
- LocateLineMatching '# SLAPD_SERVICES=.*'
- InsertLine 'SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"'
- EndGroup
-
- BeginGroupIfNoSuchLine 'KRB5_KTNAME=/etc/krb5.keytab.ldap; export KRB5_KTNAME'
- HashCommentLinesStarting "KRB5_KTNAME="
- HashCommentLinesStarting "export KRB5_KTNAME"
- LocateLineMatching '#.*export KRB5_KTNAME=.*'
- InsertLine 'KRB5_KTNAME=/etc/krb5.keytab.ldap; export KRB5_KTNAME'
- EndGroup
-
- BeginGroupIfNoSuchLine 'SLAPD_OPTIONS="-4"'
- HashCommentLinesStarting "SLAPD_OPTIONS"
- LocateLineMatching '# SLAPD_OPTIONS=.*'
- InsertLine 'SLAPD_OPTIONS="-4"'
- EndGroup
-
- # Multiply LDAP server limit by 8 from 1024 to 32768 to handle
- # more clients. With a limit on 1024, less then 150 clients can
- # can connect.
- AppendIfNoSuchLine 'ulimit -n 32768'
- }
-
-directories:
- debian.server::
- /var/run/slapd mode=755 owner=openldap group=openldap
-
-files:
- debian.server::
- /var/lib/ldap r=2 owner=openldap group=openldap act=fixall
- /etc/ldap/ssl r=2 owner=openldap group=openldap act=fixall
-
-shellcommands:
- debian.server.installation.thirdpass::
- # Generating TLS certificates
- "/usr/bin/mkslapdcert"
- # Setting correct permisions to run ldap as the user openldap
- # need to run them here, since shellscripts is after files
- "/bin/chown openldap\:openldap /etc/ldap/ssl"
- "/bin/chown openldap\:openldap /etc/ldap/ssl/slapd-cert.cnf"
- # Need load the initial LDAP database, using the new slapd.conf.
- # The Kerberos KDC is set up within this script too. Need to
- # run after the ssl certs are made available (cf.apache2).
- "/usr/bin/ldap-debian-edu-install"
diff --git a/cf/cf.ltsp b/cf/cf.ltsp
deleted file mode 100644
index e9cf0fe..0000000
--- a/cf/cf.ltsp
+++ /dev/null
@@ -1,130 +0,0 @@
-links:
-
- debian::
-
- # The dhcpd.conf will be be installed in by the server profile scripts
- # But what the heck, just to be sure we do it again
-
- /etc/dhcp/dhcpd.conf ->! /etc/dhcp/dhcpd-debian-edu.conf
- nofile=force
-
- # the cleanup script for network swap
- /etc/cron.daily/nbdswap-cleanup ->! /usr/share/debian-edu-config/tools/nbdswap-cleanup
-
-directories:
- debian.ltspserver::
- #correct ownership for nbd-server.
- /var/opt/ltsp/swapfiles mode=700 owner=nbd group=nbd
-
-files:
- debian.ltspserver|debian.workstation|debian.standalone::
- # ldm fail if Xsession is not executable
- /etc/X11/Xsession mode=a+x act=fixall
-
- debian.ltspserver::
- #needed for nbd-server to startup
- /opt/ltsp/$(ltsp_arch)/etc/nbd-server mode=a+r act=fixall
- #Needed for nbdswapd config file
- /etc/ltsp/nbdswapd.conf owner=root group=root mode=644 act=touch
-
-
-editfiles:
-
-
- debian.ltspserver::
- #Set the correct swapfile area
- { /etc/ltsp/nbdswapd.conf
- AppendIfNoSuchLine 'SWAPDIR=/var/opt/ltsp/swapfiles'
-# timeout disabled as it does not work properly
-# AppendIfNoSuchLine 'NBD_SERVER_OPTS="-a 3600"'
- }
-
- debian.server|ltspserver::
- # Reduce NFS traffic by allowing NFS clients to talk to the FAM server instead
- { /etc/fam.conf
- ReplaceAll "local_only = false" With "local_only = true"
- }
-
- # Make the tftp-daemon run change-rooted (-s switch) using the standard
- # ltsp directory as root. Very messy otherwise.
-
- { /etc/inetd.conf
- BeginGroupIfNoMatch "tftp dgram udp wait root /usr/sbin/in.tftpd -s /tftpboot"
- ReplaceAll "\/var\/ftpd" With "-s /tftpboot"
- EndGroup
- }
-
- # Make tftpd-hpa work with multiple subdirs in tftp root dir
- { /etc/default/tftpd-hpa
- HashCommentLinesContaining '--secure'
- }
-
- debian.ltspserver::
-
- # The file /etc/default/isc-dhcp-server controls what interface the dhcp
- # server will listen on. We will have one monster dhcpd.conf file
- # that contains definitions for both the eth0 and eth1 interfaces
- # and control which is active by manipulating this
- # /etc/default/isc-dhcp-server
-
- # If this host is the primary server, then cf.dhcpserver will
- # Replace 'INTERFACES=""' with 'INTERFACES="eth0". This rule will
- # then append 'INTERFACES="$INTERFACE eth1"' to the shell script
- # fragment to make sure both interfaces are used.
- #
- # Make sure this is synced with cf.dhcpserver
-
-
- { /etc/default/isc-dhcp-server
- AppendIfNoSuchLine 'INTERFACESv4="$INTERFACESv4 eth1"'
- }
-
- # Set up NFS config file to allow thin clients to mount their
- # root file system and the swap files.
- # FIXME: Modify network definition to revert to 255.255.254.0 netmask:
-
- { /etc/exports
- AppendIfNoSuchLine "/opt/ltsp/$(ltsp_arch) 10.0.0.0/255.0.0.0(ro,async,no_root_squash,subtree_check) 192.168.0.0/255.255.0.0(ro,async,no_root_squash,subtree_check) 127.0.0.1(ro,async,no_root_squash,subtree_check,insecure)"
- }
-
- # Allow authentication by host to various services
- # Don't forget NFS uses portmap and needs this
- # FIXME: Is all this still needed for NFSv4?
-
- { /etc/hosts.allow
- AppendIfNoSuchLine "bootpd: 0.0.0.0"
- AppendIfNoSuchLine "in.tftpd: 192.168.0."
- AppendIfNoSuchLine "in.tftpd: 10."
- AppendIfNoSuchLine "in.tftpd: 127.0.0.1"
- AppendIfNoSuchLine "portmap: 192.168.0."
- AppendIfNoSuchLine "portmap: 10."
- AppendIfNoSuchLine "portmap: 127.0.0.1"
- }
-
- { /etc/X11/fs/config
- CommentLinesMatching "no-listen = tcp"
- }
-
- # Make sure LTSP servers by default allow access local devices on
- # thin clients. Require pam_group in common-auth.
- # http://www.die.net/doc/linux/man/man5/group.conf.5.html
- # document # the format.
- { /etc/security/group.conf
- AppendIfNoSuchLine "*; *; *; Al0000-2400; fuse"
- }
-
- # Make sure local device work out of the box (Bug #1184). In Ubuntu,
- # this kernel loading is done by the fuse-utils package. It is not
- # don in the 2.5.3-4.4 debian package.
- { /etc/modules
- AppendIfNoSuchLine "fuse"
- }
-
- debian.ltspclient::
- # FIXME: Could not find this in the chroot.
- # However, if added, NFSv4 with sec=krb5X does still not work.
- { /etc/defaults/nfs-common
- AppendIfNoSuchLine "RPCGSSDOPTS=-n"
- }
-
-
diff --git a/cf/cf.nagios3 b/cf/cf.nagios3
deleted file mode 100644
index b64a3a5..0000000
--- a/cf/cf.nagios3
+++ /dev/null
@@ -1,24 +0,0 @@
-#links:
-#
-# /etc/nagios3/cgi.cfg ->! /etc/nagios3/debian-edu/cgi.cfg
-# /etc/nagios3/nagios.cfg ->! /etc/nagios3/debian-edu/nagios.cfg
-# /etc/nagios3/htpasswd.users ->! /etc/nagios3/debian-edu/htpasswd.users
-# /etc/nagios3/conf.d ->! /etc/nagios3/debian-edu
-#
-files:
-
- debian.server.installation::
- # create an empty web site password file to allow htpasswd to add
- # users to it.
- # TODO: This file should have mode 0640 and be owned by the same group
- # the web server runs as, but I will not change this close to release.
- # 20100121, werner
- /etc/nagios3/htpasswd.users owner=root group=root mode=644 act=touch
-
-# Workaround for a variant of bug #760084 triggered by #483997,
-# apt/dpkg do not order recommends and suggests, causing sitesummary
-# to be installed before nagios3, and thus failing to configure
-# nagios3 properly.
-shellcommands:
- debian.fifthpass::
- "/usr/sbin/dpkg-reconfigure sitesummary"
diff --git a/cf/cf.ntp b/cf/cf.ntp
deleted file mode 100644
index b70a2c8..0000000
--- a/cf/cf.ntp
+++ /dev/null
@@ -1,37 +0,0 @@
-files:
- debian.installation.!standalone::
- /etc/ntp.conf owner=root group=root mode=644 act=touch
-
-editfiles:
- debian.!standalone.installation::
- { /etc/ntp.conf
- AppendIfNoSuchLine "# /etc/ntp.conf, configuration for xntpd"
- AppendIfNoSuchLine "# ntpd will use syslog() if logfile is not defined"
- AppendIfNoSuchLine "#logfile /var/log/ntpd"
- AppendIfNoSuchLine "driftfile /var/lib/ntp/ntp.drift"
- AppendIfNoSuchLine "statsdir /var/log/ntpstats/"
- AppendIfNoSuchLine "statistics loopstats peerstats clockstats"
- AppendIfNoSuchLine "filegen loopstats file loopstats type day enable"
- AppendIfNoSuchLine "filegen peerstats file peerstats type day enable"
- AppendIfNoSuchLine "filegen clockstats file clockstats type day enable"
- }
-
- # Add local clock on the main-server to ensure clients can sync with
- # the main-server even when all the machines are disconnected from
- # the Internet. When they are on the Internet, all will sync with
- # pool.ntp.org machines.
- debian.server.installation::
- { /etc/ntp.conf
- AppendIfNoSuchLine "server 127.127.1.0"
- }
-
- debian.!server.!standalone.installation::
- { /etc/ntp.conf
- AppendIfNoSuchLine "server ntp iburst"
- }
-
- # Remove all ntp servers except 'ntp' (aka tjener) from ntp.conf.
- debian.ltspclient.installation::
- { /etc/ntp.conf
- CommentLinesMatching ".*debian.pool.ntp.*"
- }
diff --git a/cf/cf.pki b/cf/cf.pki
deleted file mode 100644
index 0ea3a7f..0000000
--- a/cf/cf.pki
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# Make sure the pki store directory has proper rights.
-#
-directories:
- # Check file system is prepared for inclusion in new users home directories.
- debian.installation.server::
- /etc/skel/.pki/nssdb mode=700 owner=root group=root
-
diff --git a/cf/cf.pxeinstall b/cf/cf.pxeinstall
deleted file mode 100644
index 4e1e273..0000000
--- a/cf/cf.pxeinstall
+++ /dev/null
@@ -1,5 +0,0 @@
-shellcommands:
-
- debian.forthpass.server|debian.forthpass.ltspserver::
- # Enable PXE installation framework.
- "/usr/sbin/debian-edu-pxeinstall"
diff --git a/cf/cf.samba b/cf/cf.samba
deleted file mode 100644
index 298152e..0000000
--- a/cf/cf.samba
+++ /dev/null
@@ -1,6 +0,0 @@
-links:
-
- debian.server.installation::
-
- /etc/samba/smb.conf ->! /etc/samba/smb-debian-edu.conf
-
diff --git a/cf/cf.squid b/cf/cf.squid
deleted file mode 100644
index f29ebda..0000000
--- a/cf/cf.squid
+++ /dev/null
@@ -1,54 +0,0 @@
-links:
- # Enforce proxy on networked installs
- debian.!standalone::
- /etc/firefox-esr/debian-edu-networked.js ->
- /usr/share/debian-edu-config/firefox-networked-prefs.js nofile=force
-
-# Configure squid, copy our setup to /etc/squid/ (instead of
-# including it in the package as a conffile), to ensure package
-# upgrades do not trigger a conffile question from dpkg.
-directories:
- debian.server::
- /etc/squid mode=755 owner=root group=root
-copy:
- debian.server::
- /usr/share/debian-edu-config/squid.conf dest=/etc/squid/squid-debian-edu.conf mode=0644
-editfiles:
- debian.server::
- { /etc/default/squid
- AutoCreate
- AppendIfNoSuchLine "CONFIG=/etc/squid/squid-debian-edu.conf"
- AppendIfNoSuchLine "SQUID_ARGS=\"-YC -f /etc/squid/squid-debian-edu.conf\""
- }
-
-
- # Disable the automatic proxy configuration on LTSP boot, as the
- # default setup is already correct and not calling
- # wpad-proxy-update shave 3 seconds from the boot.
- debian.ltspclient::
- { /etc/debian-edu/config
- AppendIfNoSuchLine "DHCP_WPAD_PROXY_UPDATE=false"
- }
-
-shellcommands:
-
- debian.server::
-
- # Reconfigure squid. This is needed if squid has already been started
- # using the default configuration; a cache dir isn't used in this case,
- # storage uses memory. The reconfiguration initializes the cache_dir.
- "/usr/sbin/dpkg-reconfigure squid"
- # Update Squid to use all the available space (aka 80% of the partition)
- "/usr/share/debian-edu-config/tools/squid-update-cachedir /etc/squid/squid-debian-edu.conf"
-
- debian.!server.!standalone.fifthpass::
-
- # Update /etc/environment and APT configurat using wpad.dat file
- # Do this on fifth pass, to make sure scripts like
- # debian-edu-pxeinstall (forthpass) do not get the wrong proxy
- # setting when installing a main-server and the webcache proxy
- # isn't up yet.
- "/usr/share/debian-edu-config/tools/update-proxy-from-wpad"
-
- debian.server.fifthpass::
- "/usr/share/debian-edu-config/tools/update-proxy-from-wpad file\:///etc/debian-edu/www/wpad.dat"
diff --git a/cf/cf.syslog b/cf/cf.syslog
deleted file mode 100644
index 821ba52..0000000
--- a/cf/cf.syslog
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# Configure sysklogd and tcp-wrapper for it. Most of this
-# can be removed when Debian bug #205239 is fixed.
-#
-links:
-
- # On server and ltsp-server
- debian.server|debian.ltspserver::
-
- # Enable UDP to make sure to syslog messages are accepted via UDP
- /etc/rsyslog.d/debian-edu-collector.conf ->! /usr/share/debian-edu-config/rsyslog-collector
- nofile=force
-
-editfiles:
-
- # On server. FIXME tcp-wrapper do not seem to be used by rsyslogd
- debian.server::
-
- # edit /etc/hosts.{allow,deny} to allow syslog packages from 10.0.0.0/8
- { /etc/hosts.allow
- AppendIfNoSuchLine "syslog: 10."
- }
-
- # On ltsp-server
- debian.ltspserver::
-
- # edit /etc/hosts.{allow,deny} to allow syslog packages from 192.168.0.0/24
- { /etc/hosts.allow
- AppendIfNoSuchLine "syslog: 192.168.0."
- }
-
- # On every host except the server and a standalone machine, send
- # syslog messages to the central collector.
- debian.!server.!standalone::
- { /etc/rsyslog.d/debian-edu-client.conf
- AutoCreate
- AppendIfNoSuchLine "*.* @${syslogserver}"
- }
-
-files:
- debian.secondpass.!server.!standalone::
- /etc/rsyslog.d/debian-edu-client.conf mode=644 act=fixall
diff --git a/cf/cf.sysstat b/cf/cf.sysstat
deleted file mode 100644
index 6c3a0c8..0000000
--- a/cf/cf.sysstat
+++ /dev/null
@@ -1,17 +0,0 @@
-editfiles:
-
- debian.server::
-
- # The contents of the file /etc/default/sysstat controls whether
- # sar runs or not.
- # Need to make sure that the line saying
- # ENABLED="false" (the default on install)
- # is changed to
- # ENABLED="true"
- # Probably only worthwhile to do this on servers:q
-
-
- { /etc/default/sysstat
- LocateLineMatching 'ENABLED="false"'
- ReplaceLineWith 'ENABLED="true"'
- }
diff --git a/cf/cf.testsetup b/cf/cf.testsetup
deleted file mode 100644
index 25aa130..0000000
--- a/cf/cf.testsetup
+++ /dev/null
@@ -1,7 +0,0 @@
-editfiles:
-
-# Enable bootlogd on test installations, to allow us to see all boot messages
- debian.installation.testinstall::
- { /etc/default/bootlogd
- ReplaceAll "BOOTLOGD_ENABLE=No" With "BOOTLOGD_ENABLE=Yes"
- }
diff --git a/cf/cf.thunderbird b/cf/cf.thunderbird
deleted file mode 100644
index a5c0ef5..0000000
--- a/cf/cf.thunderbird
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# Allow create/update certificate and key dbs for Thunderbird.
-#
-# On main server use /etc/skel/ to create a default profile for new
-# users in case they start Thunderbird the first time.
-directories:
- # Check file system is prepared for inclusion in new users home directories.
- debian.installation.server::
- /etc/skel/.thunderbird/debian-edu.default mode=755 owner=root group=root
-
-shellcommands:
- # Enable the default profile.
- debian.installation.server::
- "/usr/bin/update-ini-file /etc/skel/.thunderbird/profiles.ini General StartWithLastProfile 1"
- "/usr/bin/update-ini-file /etc/skel/.thunderbird/profiles.ini Profile0 Name default"
- "/usr/bin/update-ini-file /etc/skel/.thunderbird/profiles.ini Profile0 IsRelative 1"
- "/usr/bin/update-ini-file /etc/skel/.thunderbird/profiles.ini Profile0 Path debian-edu.default"
-
-files:
- # Ensure the profiles file is readable.
- debian.installation.server.secondpass::
- /etc/skel/.thunderbird/profiles.ini mode=a+r act=fixall
-
diff --git a/cf/cf.xrdp b/cf/cf.xrdp
deleted file mode 100644
index 7d71c9f..0000000
--- a/cf/cf.xrdp
+++ /dev/null
@@ -1,8 +0,0 @@
-links:
-
- debian.installation::
-
- /etc/xrdp/cert.pem ->! /etc/ssl/certs/debian-edu-server.crt
- nofile=force
- /etc/xrdp/key.pem ->! /etc/ssl/private/debian-edu-server.key
- nofile=force
diff --git a/cf/cfd b/cf/cfd
deleted file mode 100755
index f3faba9..0000000
--- a/cf/cfd
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-#Cfengine daemon startup script
-test -x /usr/sbin/cfd || exit 0
-NAME=cfd
-PATH=/usr/bin:/bin:/usr/sbin:/sbin
-CFINPUTS=/etc/cfengine/debian-edu
-export CFINPUTS
-
-
-case $1 in
-
- start) echo "Starting Cfengine daemon: cfd"
- /usr/sbin/cfd
- exit 0
- ;;
-
- stop) echo "Trying to kill Cfengine daemon"
- kill -9 `/bin/ps aux | /usr/bin/awk '/cfd/ {print $2}'`
- exit 0
- ;;
- *) N=/etc/init.d/$NAME
- echo "Usage: $N {start|stop}" >&2
- exit 1
- ;;
-
-
-esac
-
-
diff --git a/cf/cfd.conf b/cf/cfd.conf
deleted file mode 100644
index 254934d..0000000
--- a/cf/cfd.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-#########################################################
-#
-# This is the configure file for the Cfengine daemon cfd.
-#
-
-control:
- hosts = ( @all-hosts )
- cfengine = ( /etc/cfengine/debian-edu )
- MaxConnections = ( 10 )
-
-#########################################################
-
-admit: # or grant:
-
- any::
- $(cfengine) $(hosts)
-
-
-#########################################################
-
diff --git a/cf/cfengine.conf b/cf/cfengine.conf
deleted file mode 100644
index 6b2e6c5..0000000
--- a/cf/cfengine.conf
+++ /dev/null
@@ -1,140 +0,0 @@
-#
-# This is the main cfengine config file for the Debian Edu project. All
-# other cfengine config files are included from this file.
-###############################################################################
-
-control:
-
- cfinputs_version = ( 2 )
-
- #
- # Decides what to be done and in which sequence
- #
- # "copy" should come before "shellcommands" so that it is possible
- # to drop in a script and then run it from a cfengine
- # config file.
- #
-
- actionsequence = (
- mountall
- mountinfo
- unmount
- addmounts
- directories
- links
- mountall
- tidy
- files
- editfiles
- copy
- shellcommands
- files.secondpass
- shellcommands.secondpass
- shellcommands.thirdpass
- shellcommands.forthpass
- shellcommands.fifthpass
- )
-
-
- #
- # Adds a class where the tasks that should be executes only after the
- # installation is done, should be contained.
- # We can then run
- # "cfengine -N installation"
- # and then these taske wount be executed.
- #
-
- #addclasses = ( installation )
-
- #
- # Setting some variables
- #
-
- site = ( skole ) # Name on installation
- mountpattern = ( /$(site)/$(host) )
- homepattern = ( home? )
-
- access = ( root ) # Who is allowed to run cfengine
- sysadm = ( root ) # Name or mail alias to sysadm
- editfilesize = ( 200000 ) # Max size on textfiles that can be edited
-
- ltsp_arch = ( ExecResult(/usr/bin/ltsp-arch-debian-edu) )
-
- ldapserver = ( ExecResult(/usr/bin/debian-edu-ldapserver -f) )
- ldapbase = ( ExecResult(/usr/bin/debian-edu-ldapserver -b -f) )
- syslogserver = ( ExecResult(/usr/share/debian-edu-config/tools/locate-syslog-collector) )
-
- #
- # Variables that defines some important cataloges
- #
-
- adminfiles = ( /etc/cfengine/debian-edu )
- repository = ( /var/backups/cfengine )
- masterfiles = ( /etc/cfengine/debian-edu/masterfiles )
-
- cfserver = ( cfengine )
-
-###############################################################################
-
-groups:
-
- server = ( "/bin/grep -q 'Main-Server' /etc/debian-edu/config" )
- installation = ( "/usr/bin/test -e /sbin/start-stop-daemon.REAL" )
- testinstall = ( "/bin/grep -q 'TESTINSTALL=\"true\"' /etc/debian-edu/config" )
- ltspserver = ( "/usr/bin/test -x /usr/sbin/ltsp-build-client" )
- workstation = ( "/usr/bin/test -e /etc/desktop-profiles/debian-edu-menus.listing -a -e /usr/bin/ntpq" )
- roaming = ( "/bin/grep -q 'Roaming-Workstation' /etc/debian-edu/config" )
- standalone = ( "/usr/bin/test ! -e /usr/bin/ntpq" )
- ltspclient = ( "/usr/bin/test -e /usr/bin/getltscfg" )
-
- # Set if the internet is reachable for downloading files
- internet = ( "/usr/bin/wget -qO /dev/null http://ftp.debian.org/debian/README " )
-
-###############################################################################
-
-import:
-
- debian.installation::
-
- cf.apt
- cf.chromium
- cf.cups
- cf.dhcpserver
- cf.exim
- cf.fstab
- cf.firefox-esr
- cf.grub
- cf.imap
- cf.inetd
- cf.krb5client
- cf.ldapclient
- cf.ldapserver
- cf.ntp
- cf.squid
- cf.pxeinstall
- cf.syslog
- cf.testsetup
-
- debian.server.installation::
- cf.apache2
- cf.nagios3
- cf.bind
- cf.pki
- cf.samba
- cf.squid
- cf.sysstat
- cf.thunderbird
- cf.xrdp
-
- debian.ltspserver.installation::
- cf.ltsp
- cf.sysstat
-
- debian.workstation.installation::
- cf.cfengine
-
- debian.installation.!standalone::
- cf.adduser
- cf.homes
-
-###############################################################################
diff --git a/cf/cfrunhosts.pl b/cf/cfrunhosts.pl
deleted file mode 100755
index d6f32d3..0000000
--- a/cf/cfrunhosts.pl
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/usr/bin/perl -w
-#
-# Generates cfrun.hosts from dhcpd.conf
-
-$CFRUN = "/etc/cfengine/cfrun.hosts";
-$DHCPD = "/etc/dhcp/dhcpd.conf";
-$range = "";
-
-# Test if cfrun.hosts already exists
-if(-e $CFRUN || !(-e $DHCPD) )
-{
- exit(0);
-}
-else
-{
- # Get the range from dhcpd.conf
- open (FIL,$DHCPD) or die "Can't open $DHCPD !\n";
- $line = <FIL>; # <FIL> return a line from the file
- while ($line = <FIL>) # <FIL> returning an empty string at file-end
- {
- if($line =~ /range (\d*\.\d*\.\d*\.\d*) (\d*\.\d*\.\d*\.\d*)/i)
- {
- $range .= "$1 $2\n";
- }
- }
- close(FIL);
-
-
- # Creating the file and writing domain and access variables ++
- `touch $CFRUN`;
- chomp($domainname=`/bin/dnsdomainname`); # ex: iu.hio.no
-
- open (OUT, ">$CFRUN") || die ("couldn't open $CFRUN");
-
- print OUT "# This file is generated by the script /etc/cfengine/cfrunhosts.pl\n";
- print OUT "# cfrun.hosts states which hosts will run when the command ::cfrun:: is given\n";
- print OUT "# This file makes it easy for systems using dhcp to utilize cfrun\n";
- print OUT "domain=$domainname\n";
- print OUT "access=root\n";
- print OUT "$range\n";
-
- close (OUT);
-}
diff --git a/sbin/cfengine-debian-edu b/sbin/cfengine-debian-edu
deleted file mode 100755
index 86efb7c..0000000
--- a/sbin/cfengine-debian-edu
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-#
-# Author: Petter Reinholdtsen <pere at hungry.com>
-# Date: 2001-11-25
-#
-# Run cfengine on config files in /etc/cfengine/debian-edu/. Used by the
-# Debian Edu project.
-
-basedir=/etc/cfengine/debian-edu
-masterhost=cfengine
-if [ -x /usr/sbin/cfagent ] ; then
- binary=/usr/sbin/cfagent
-else
- binary=/usr/bin/cfengine
-fi
-
-cd $basedir || exit 1
-
-test -x $binary || exit 2
-
-CFINPUTS="$basedir"
-export CFINPUTS
-
-# make sure all installation logs are kept in /var/log/installer/
-if [ -d /var/log/installer ] && [ ! -f /var/log/cfengine-debian-edu-1.log ] ; then
- logdir=/var/log/installer
-else
- logdir=/var/log
-fi
-
-$binary -v -f cfengine.conf $@ 2>&1 | tee $logdir/cfengine-debian-edu-1.log
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/debian-edu-config.git
More information about the debian-edu-commits
mailing list