diff --git a/base/centos-release-config/centos/build_srpm.data b/base/centos-release-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/base/centos-release-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/base/centos-release-config/centos/centos-release-config.spec b/base/centos-release-config/centos/centos-release-config.spec deleted file mode 100644 index bf390fb52..000000000 --- a/base/centos-release-config/centos/centos-release-config.spec +++ /dev/null @@ -1,48 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: centos-release-config -Name: centos-release-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: centos-release -Summary: package StarlingX configuration files of centos-release to system folder. - -%description -package StarlingX configuration files of centos-release to system folder. - -%prep -%setup - -%build - -%install -# Overwrite default issue files with cgcs related files. -install -d %{buildroot}%{_datadir}/starlingx -install -m 0644 issue %{buildroot}%{_datadir}/starlingx/stx.issue -install -m 0644 issue.net %{buildroot}%{_datadir}/starlingx/stx.issue.net -sed -i -e "s/@PLATFORM_RELEASE@/%{platform_release}/g" \ - %{buildroot}%{_datadir}/starlingx/stx.issue \ - %{buildroot}%{_datadir}/starlingx/stx.issue.net - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.issue %{_sysconfdir}/issue - cp -f %{_datadir}/starlingx/stx.issue.net %{_sysconfdir}/issue.net - chmod 644 %{_sysconfdir}/issue - chmod 644 %{_sysconfdir}/issue.net -fi -%files -%defattr(-,root,root,-) -%{_datadir}/starlingx/stx.issue -%{_datadir}/starlingx/stx.issue.net diff --git a/base/centos-release-config/files/issue b/base/centos-release-config/files/issue deleted file mode 100644 index c40d99762..000000000 --- a/base/centos-release-config/files/issue +++ /dev/null @@ -1,22 +0,0 @@ - -Release @PLATFORM_RELEASE@ \n \l ------------------------------------------------------------------------- -W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G *** ------------------------------------------------------------------------- -THIS IS A PRIVATE COMPUTER SYSTEM. -This computer system including all related equipment, network devices -(specifically including Internet access), are provided only for authorized use. -All computer systems may be monitored for all lawful purposes, including to -ensure that their use is authorized, for management of the system, to -facilitate protection against unauthorized access, and to verify security -procedures, survivability and operational security. Monitoring includes active -attacks by authorized personnel and their entities to test or verify the -security of the system. During monitoring, information may be examined, -recorded, copied and used for authorized purposes. All information including -personal information, placed on or sent over this system may be monitored. Uses -of this system, authorized or unauthorized, constitutes consent to monitoring -of this system. Unauthorized use may subject you to criminal prosecution. -Evidence of any such unauthorized use collected during monitoring may be used -for administrative, criminal or other adverse action. Use of this system -constitutes consent to monitoring for these purposes. - diff --git a/base/centos-release-config/files/issue.net b/base/centos-release-config/files/issue.net deleted file mode 100644 index 5bff9a4b4..000000000 --- a/base/centos-release-config/files/issue.net +++ /dev/null @@ -1,21 +0,0 @@ -Release @PLATFORM_RELEASE@ ------------------------------------------------------------------------- -W A R N I N G *** W A R N I N G *** W A R N I N G *** W A R N I N G *** ------------------------------------------------------------------------- -THIS IS A PRIVATE COMPUTER SYSTEM. -This computer system including all related equipment, network devices -(specifically including Internet access), are provided only for authorized use. -All computer systems may be monitored for all lawful purposes, including to -ensure that their use is authorized, for management of the system, to -facilitate protection against unauthorized access, and to verify security -procedures, survivability and operational security. Monitoring includes active -attacks by authorized personnel and their entities to test or verify the -security of the system. During monitoring, information may be examined, -recorded, copied and used for authorized purposes. All information including -personal information, placed on or sent over this system may be monitored. Uses -of this system, authorized or unauthorized, constitutes consent to monitoring -of this system. Unauthorized use may subject you to criminal prosecution. -Evidence of any such unauthorized use collected during monitoring may be used -for administrative, criminal or other adverse action. Use of this system -constitutes consent to monitoring for these purposes. - diff --git a/base/dhcp-config/centos/build_srpm.data b/base/dhcp-config/centos/build_srpm.data deleted file mode 100644 index 75f295c2e..000000000 --- a/base/dhcp-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=2 diff --git a/base/dhcp-config/centos/dhcp-config.spec b/base/dhcp-config/centos/dhcp-config.spec deleted file mode 100644 index 4f4843881..000000000 --- a/base/dhcp-config/centos/dhcp-config.spec +++ /dev/null @@ -1,42 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -# Where dhcp configuration files are stored -%global dhcpconfdir %{_sysconfdir}/dhcp - -Summary: dhcp-config -Name: dhcp-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: dhclient -Summary: package StarlingX configuration files of dhcp to system folder. - -%description -package StarlingX configuration files of dhcp to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{dhcpconfdir} -%{__install} -p -m 0755 dhclient-enter-hooks %{buildroot}%{dhcpconfdir}/dhclient-enter-hooks -%{__install} -p -m 0644 dhclient.conf %{buildroot}%{dhcpconfdir}/dhclient.conf -ln -s %{dhcpconfdir}/dhclient-enter-hooks %{buildroot}%{_sysconfdir}/dhclient-enter-hooks - -%post - -%files -%config(noreplace) %{dhcpconfdir}/dhclient.conf -%{dhcpconfdir}/dhclient-enter-hooks -%{_sysconfdir}/dhclient-enter-hooks diff --git a/base/dhcp-config/files/dhclient-enter-hooks b/base/dhcp-config/files/dhclient-enter-hooks deleted file mode 100644 index 27388e9e6..000000000 --- a/base/dhcp-config/files/dhclient-enter-hooks +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# -# /etc/dhclient-enter-hooks -# -# This file is sourced by /sbin/dhclient-script. -# - -# Select wrs-install-uuid from ipv4 or ipv6 -if [ -n "$new_dhcp6_wrs_install_uuid" ]; then - wrs_install_uuid=$new_dhcp6_wrs_install_uuid -else - wrs_install_uuid=$new_wrs_install_uuid -fi - -# Enforce wrs-install-uuid on management and infrastrucure interfaces -source /etc/platform/platform.conf -if [ -n "$wrs_install_uuid" ]; then - if [ "$nodetype" == "controller" ]; then - source /etc/build.info - file="/www/pages/feed/rel-$SW_VERSION/install_uuid" - INSTALL_UUID=$(cat "$file") - fi - if [ "$INSTALL_UUID" != "$wrs_install_uuid" ]; then - exit_status=1 - fi -elif [ "$interface" == "$management_interface" -o \ - "$interface" == "$infrastructure_interface" ]; then - if [ "$nodetype" != "controller" -o \ - -e "/etc/platform/.initial_config_complete" ]; then - exit_status=1 - fi -fi diff --git a/base/dhcp-config/files/dhclient.conf b/base/dhcp-config/files/dhclient.conf deleted file mode 100644 index 6957e6abd..000000000 --- a/base/dhcp-config/files/dhclient.conf +++ /dev/null @@ -1,21 +0,0 @@ -# Default dhclient.conf file -# -option wrs-install-uuid code 224 = string; -option dhcp6.wrs-install-uuid code 224 = string; -request subnet-mask, broadcast-address, time-offset, routers, - domain-name, domain-name-servers, host-name, - interface-mtu, fqdn, dhcp6.fqdn, wrs-install-uuid, - dhcp6.wrs-install-uuid, netbios-name-servers, netbios-scope, - dhcp6.domain-name-servers; - -timeout 30; - -#Changed for CGCS to improve Dead office recovery (DOR behavior) -# retry: every 30 seconds -retry 5; - -# By default, use a hardware address based client-id for both IPv4 and IPv6. -# We change this via puppet to ensure that interfaces that share the same MAC -# are not using the same client-id value. -send dhcp6.client-id = concat(00:03:00, hardware); -send dhcp-client-identifier = concat(00:03:00, hardware); diff --git a/base/dnsmasq-config/centos/build_srpm.data b/base/dnsmasq-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/base/dnsmasq-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/base/dnsmasq-config/centos/dnsmasq-config.spec b/base/dnsmasq-config/centos/dnsmasq-config.spec deleted file mode 100644 index 4b5704a6d..000000000 --- a/base/dnsmasq-config/centos/dnsmasq-config.spec +++ /dev/null @@ -1,35 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: dnsmasq-config -Name: dnsmasq-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: dnsmasq -Summary: package StarlingX configuration files of dnsmasq to system folder. - -%description -package StarlingX configuration files of dnsmasq to system folder. - -%prep -%setup - -%build - -%install -mkdir -p %{buildroot}%{_sysconfdir}/init.d -install -m 755 init %{buildroot}%{_sysconfdir}/init.d/dnsmasq - -%post - -%files -%{_sysconfdir}/init.d/dnsmasq diff --git a/base/dnsmasq-config/files/init b/base/dnsmasq-config/files/init deleted file mode 100644 index 1517197fb..000000000 --- a/base/dnsmasq-config/files/init +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh -if [ -f /etc/centos-release ]; then - DAEMON=/usr/sbin/dnsmasq -else - DAEMON=/usr/bin/dnsmasq -fi -NAME=dnsmasq -DESC="DNS forwarder and DHCP server" -PIDFILE="/var/run/dnsmasq.pid" - -test -f $DAEMON || exit 0 - -case "$1" in - start) - echo -n "starting $DESC: $NAME... " - test -d /var/lib/misc/ || mkdir /var/lib/misc/ - start-stop-daemon -S -x $DAEMON --pidfile $PIDFILE -- $ARGS - echo "done." - echo -n "Refresh hosts cache" - nscd -i hosts - echo "done." - ;; - stop) - echo -n "stopping $DESC: $NAME... " - start-stop-daemon -K -x $DAEMON --pidfile $PIDFILE - rm -f $PIDFILE - echo "done." - ;; - status) - echo -n "dnsmasq " - start-stop-daemon -q -K -t -x $DAEMON --pidfile $PIDFILE - RET=$? - if [ "$RET" = "0" ]; then - PID=`cat $PIDFILE` - echo "($PID) is running" - else - echo "is not running" - # For lsb compliance return 3 if process not running - exit 3 - fi - ;; - restart) - echo "restarting $DESC: $NAME... " - $0 stop - $0 start - echo "done." - ;; - reload) - echo -n "reloading $DESC: $NAME... " - killall -HUP $(basename ${DAEMON}) - echo "done." - ;; - *) - echo "Usage: $0 {start|stop|status|restart|reload}" - exit 1 - ;; -esac - -exit 0 diff --git a/base/haproxy-config/centos/build_srpm.data b/base/haproxy-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/base/haproxy-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/base/haproxy-config/centos/haproxy-config.spec b/base/haproxy-config/centos/haproxy-config.spec deleted file mode 100644 index a4dec7f4f..000000000 --- a/base/haproxy-config/centos/haproxy-config.spec +++ /dev/null @@ -1,49 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: haproxy-config -Name: haproxy-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: haproxy -Summary: package StarlingX configuration files of haproxy to system folder. - -%description -package StarlingX configuration files of haproxy to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d 755 %{buildroot}%{_sysconfdir}/haproxy/errors/ -%{__install} -m 755 503.http %{buildroot}%{_sysconfdir}/haproxy/errors/503.http - -%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system -%{__install} -m 644 haproxy.service %{buildroot}%{_sysconfdir}/systemd/system - -mkdir -p %{_sysconfdir}/init.d -%{__install} -p -D -m 0755 haproxy.sh %{buildroot}%{_sysconfdir}/init.d/haproxy - -%post -/bin/systemctl disable haproxy.service -if test -s %{_sysconfdir}/logrotate.d/haproxy ; then - echo '#See /etc/logrotate.d/syslog for haproxy rules' > %{_sysconfdir}/logrotate.d/haproxy -fi - -%files -%defattr(-,root,root,-) -%dir %{_sysconfdir}/haproxy/errors/ -%{_sysconfdir}/haproxy/errors/* -%{_sysconfdir}/init.d/haproxy -%{_sysconfdir}/systemd/system/haproxy.service diff --git a/base/haproxy-config/files/503.http b/base/haproxy-config/files/503.http deleted file mode 100644 index 367d4254f..000000000 --- a/base/haproxy-config/files/503.http +++ /dev/null @@ -1,9 +0,0 @@ -HTTP/1.0 503 Service Unavailable -Cache-Control: no-cache -Connection: close -Content-Type: text/html - -

503 Service Unavailable

-No server is available to handle this request. - - diff --git a/base/haproxy-config/files/haproxy.service b/base/haproxy-config/files/haproxy.service deleted file mode 100644 index c2f10863c..000000000 --- a/base/haproxy-config/files/haproxy.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=HAProxy Load Balancer -After=syslog.target network.target - -[Service] -EnvironmentFile=/etc/sysconfig/haproxy -ExecStart=/etc/init.d/haproxy start -ExecStop=/etc/init.d/haproxy stop -ExecReload=/bin/kill -USR2 $MAINPID -KillMode=mixed - -[Install] -WantedBy=multi-user.target diff --git a/base/haproxy-config/files/haproxy.sh b/base/haproxy-config/files/haproxy.sh deleted file mode 100644 index 8791f9a1a..000000000 --- a/base/haproxy-config/files/haproxy.sh +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/sh - -### BEGIN INIT INFO -# Provides: HA-Proxy -# Required-Start: networking -# Required-Stop: networking -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: HA-Proxy TCP/HTTP reverse proxy -# Description: HA-Proxy is a TCP/HTTP reverse proxy -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/haproxy -NAME=haproxy -DESC="HA-Proxy TCP/HTTP reverse proxy" -PIDFILE="/var/run/$NAME.pid" -TPM_DATA_DIR="/var/run/TPM_haproxy/" -OPTS="-D -f /etc/haproxy/haproxy.cfg -p $PIDFILE" -RETVAL=0 - -# This is only needed till TPM In-Kernel -# ResourceMgr comes in -remove_TPM_transients () { - _HANDLES=`find $TPM_DATA_DIR -type f -name "hp*.bin" -printf "%f "` - for handle in $_HANDLES; do - handle_addr=`echo $handle | sed 's/hp\([0-9]*\)\.bin/\1/g'` - tss2_flushcontext -ha $handle_addr &> /dev/null - done - rm -f $TPM_DATA_DIR/* -} - -start() { - if [ -e $PIDFILE ]; then - PIDDIR=/proc/$(cat $PIDFILE) - if [ -d $PIDDIR ]; then - echo "$DESC already running." - return - else - echo "Removing stale PID file $PIDFILE" - rm -f $PIDFILE - fi - fi - - # TODO: This is a temporary workaround till - # we eventually add a resource manager for TPM - mkdir -p $TPM_DATA_DIR - - echo -n "Starting $NAME: " - - TPM_DATA_DIR=$TPM_DATA_DIR start-stop-daemon --start --pidfile $PIDFILE -x "$DAEMON" -- $OPTS - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - echo "done." - else - remove_TPM_transients - echo "failed." - fi -} - -stop() { - if [ ! -e $PIDFILE ]; then - return - fi - - echo -n "Stopping $DESC..." - - start-stop-daemon --stop --quiet --retry 3 --oknodo --pidfile $PIDFILE -x "$DAEMON" - if [ -n "`pidof $DAEMON`" ] ; then - pkill -KILL -f $DAEMON - fi - echo "done." - rm -f $PIDFILE - rm -f /var/lock/subsys/$NAME - remove_TPM_transients -} - -status() { - pid=`cat $PIDFILE 2>/dev/null` - if [ -n "$pid" ]; then - if ps -p $pid &>/dev/null ; then - echo "$DESC is running" - RETVAL=0 - return - else - RETVAL=1 - fi - fi - echo "$DESC is not running" - RETVAL=1 -} - -check() { - /usr/sbin/$NAME -c -q -V -f /etc/$NAME/$NAME.cfg -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart|force-reload|reload) - stop - start - ;; - status) - status - ;; - check) - check - ;; - *) - echo "Usage: $0 {start|stop|force-reload|restart|reload|status|check}" - RETVAL=1 - ;; -esac - -exit $RETVAL diff --git a/base/initscripts-config/centos/build_srpm.data b/base/initscripts-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/base/initscripts-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/base/initscripts-config/centos/initscripts-config.spec b/base/initscripts-config/centos/initscripts-config.spec deleted file mode 100644 index a333e7f4b..000000000 --- a/base/initscripts-config/centos/initscripts-config.spec +++ /dev/null @@ -1,52 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: initscripts-config -Name: initscripts-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: %{_bindir}/systemctl -Requires: initscripts -Summary: package StarlingX configuration files of initscripts to system folder. - -%description -package StarlingX configuration files of initscripts to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d 644 %{buildroot}%{_datadir}/starlingx/ -%{__install} -d 644 %{buildroot}%{_sysconfdir}/sysconfig -%{__install} -d 755 %{buildroot}%{_initddir} -%{__install} -d 644 %{buildroot}%{_unitdir} - -%{__install} -m 644 sysctl.conf %{buildroot}%{_datadir}/starlingx/stx.sysctl.conf -%{__install} -m 644 sysconfig-network.conf %{buildroot}%{_sysconfdir}/sysconfig/network -%{__install} -m 755 mountnfs.sh %{buildroot}%{_initddir}/mountnfs -%{__install} -m 644 mountnfs.service %{buildroot}%{_unitdir}/mountnfs.service - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.sysctl.conf %{_sysconfdir}/sysctl.conf - chmod 644 %{_sysconfdir}/sysctl.conf -fi -%{_bindir}/systemctl enable mountnfs.service > /dev/null 2>&1 || : - -%files -%{_datadir}/starlingx/stx.sysctl.conf -%{_sysconfdir}/sysconfig/network -%{_initddir}/mountnfs -%{_unitdir}/mountnfs.service diff --git a/base/initscripts-config/files/mountnfs.service b/base/initscripts-config/files/mountnfs.service deleted file mode 100644 index 840fd84dc..000000000 --- a/base/initscripts-config/files/mountnfs.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=StarlingX Cloud Filesystem Auto-mounter -After=network.target nfscommon.service -Before=uexportfs.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/etc/init.d/mountnfs start -ExecStop=/etc/init.d/mountnfs stop - -[Install] -WantedBy=multi-user.target diff --git a/base/initscripts-config/files/mountnfs.sh b/base/initscripts-config/files/mountnfs.sh deleted file mode 100755 index adeea3d00..000000000 --- a/base/initscripts-config/files/mountnfs.sh +++ /dev/null @@ -1,100 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: mountnfs -# Required-Start: $local_fs $network $rpcbind -# Required-Stop: -# Default-Start: S -# Default-Stop: -### END INIT INFO - -# . /etc/default/rcS - -if [ "$1" = "stop" ]; then - # Avoid mounting if we're shutting down - exit 0 -fi - -# -# Run in a subshell because of I/O redirection. -# -test -f /etc/fstab && ( - -# -# Read through fstab line by line. If it is NFS, set the flag -# for mounting NFS filesystems. If any NFS partition is found and it -# not mounted with the nolock option, we start the rpcbind. -# -rpcbind=no -mount_nfs=no -mount_smb=no -mount_ncp=no -mount_cifs=no -while read device mountpt fstype options; do - case "$device" in - ""|\#*) - continue - ;; - esac - - case "$options" in - *noauto*) - continue - ;; - esac - - if test "$fstype" = nfs - then - mount_nfs=yes - case "$options" in - *nolock*) - ;; - *) - rpcbind=yes - ;; - esac - fi - if test "$fstype" = smbfs - then - mount_smb=yes - fi - if test "$fstype" = ncpfs - then - mount_ncp=yes - fi - if test "$fstype" = cifs - then - mount_cifs=yes - fi -done - -exec 0>&1 - -if test "$rpcbind" = yes; then - # WRL: Centos precheck: Dont start rpcbind in this init script. - # It is started by a systemd service file. - if test "/etc/centos-release" = no - then - if test -x /usr/sbin/rpcbind - then - service rpcbind status > /dev/null - if [ $? != 0 ]; then - echo -n "Starting rpcbind..." - start-stop-daemon --start --quiet --exec /usr/sbin/rpcbind - sleep 2 - fi - fi - fi -fi - -if test "$mount_nfs" = yes || test "$mount_smb" = yes || test "$mount_ncp" = yes || test "$mount_cifs" = yes; then - echo "Mounting remote filesystems..." - test "$mount_nfs" = yes && mount -a -t nfs - test "$mount_smb" = yes && mount -a -t smbfs - test "$mount_ncp" = yes && mount -a -t ncpfs - test "$mount_cifs" = yes && mount -a -t cifs -fi - -) < /etc/fstab - -: exit 0 - diff --git a/base/initscripts-config/files/sysconfig-network.conf b/base/initscripts-config/files/sysconfig-network.conf deleted file mode 100644 index 739791251..000000000 --- a/base/initscripts-config/files/sysconfig-network.conf +++ /dev/null @@ -1 +0,0 @@ -ZEROCONF=yes diff --git a/base/initscripts-config/files/sysctl.conf b/base/initscripts-config/files/sysctl.conf deleted file mode 100644 index db939ccb3..000000000 --- a/base/initscripts-config/files/sysctl.conf +++ /dev/null @@ -1,87 +0,0 @@ -# This configuration file is taken from Debian. -# -# /etc/sysctl.conf - Configuration file for setting system variables -# See sysctl.conf (5) for information. -# - -#kernel.domainname = example.com - -# Uncomment the following to stop low-level messages on console -kernel.printk = 4 4 1 7 - -# Reboot X seconds after a kernel panic -kernel.panic = 5 - -##############################################################3 -# Functions previously found in netbase -# - -# Uncomment the next two lines to enable Spoof protection (reverse-path filter) -# Turn on Source Address Verification in all interfaces to -# prevent some spoofing attacks -net.ipv4.conf.default.rp_filter=1 -net.ipv4.conf.all.rp_filter=1 - -# Uncomment the next line to enable TCP/IP SYN cookies -#net.ipv4.tcp_syncookies=1 - -# Uncomment the next line to enable packet forwarding for IPv4 -#net.ipv4.ip_forward=1 - -# Uncomment the next line to enable packet forwarding for IPv6 -#net.ipv6.conf.all.forwarding=1 - - -################################################################### -# Additional settings - these settings can improve the network -# security of the host and prevent against some network attacks -# including spoofing attacks and man in the middle attacks through -# redirection. Some network environments, however, require that these -# settings are disabled so review and enable them as needed. -# -# Ignore ICMP broadcasts -#net.ipv4.icmp_echo_ignore_broadcasts = 1 -# -# Ignore bogus ICMP errors -#net.ipv4.icmp_ignore_bogus_error_responses = 1 -# -# Do not accept ICMP redirects (prevent MITM attacks) -#net.ipv4.conf.all.accept_redirects = 0 -#net.ipv6.conf.all.accept_redirects = 0 -# _or_ -# Accept ICMP redirects only for gateways listed in our default -# gateway list (enabled by default) -# net.ipv4.conf.all.secure_redirects = 1 -# -# Do not send ICMP redirects (we are not a router) -#net.ipv4.conf.all.send_redirects = 0 -# -# Do not accept IP source route packets (we are not a router) -#net.ipv4.conf.all.accept_source_route = 0 -#net.ipv6.conf.all.accept_source_route = 0 -# -# Log Martian Packets -#net.ipv4.conf.all.log_martians = 1 -# - -#kernel.shmmax = 141762560 - -# Limit local port range -net.ipv4.ip_local_port_range = 49216 61000 -net.ipv4.tcp_tw_reuse = 1 -# Fix https://bugs.launchpad.net/starlingx/+bug/1817936 -net.ipv4.tcp_tw_recycle = 1 -# WRL -# set max socket memory ; default was 212992 -net.core.rmem_max=425984 - -# WRS -# The following kernel parameters help alleviate some RabbitMQ -# connection issues. These values need to be set here to ensure sysinv-agent -# remains connected to rabbitmq. Sysinv-agent starts before packstack and the -# long default values allowed the connection to be lost for 2 hours. -# Note the ipv4 vlaues are also applied to ipv6 connections. -net.ipv4.tcp_keepalive_intvl = 1 -net.ipv4.tcp_keepalive_probes = 5 -net.ipv4.tcp_keepalive_time = 5 - diff --git a/base/lighttpd-config/centos/build_srpm.data b/base/lighttpd-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/base/lighttpd-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/base/lighttpd-config/centos/lighttpd-config.spec b/base/lighttpd-config/centos/lighttpd-config.spec deleted file mode 100644 index f361ef422..000000000 --- a/base/lighttpd-config/centos/lighttpd-config.spec +++ /dev/null @@ -1,69 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX lighttpd Configuration File -Name: lighttpd-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: lighttpd - -%define debug_package %{nil} - -%description -StarlingX lighttpd configuration file - -%prep - -%setup - -%build - -%install - -CONFDIR=%{buildroot}%{_sysconfdir}/lighttpd -ROOTDIR=%{buildroot}/www - -install -d -m 1777 ${ROOTDIR}/tmp -install -d ${CONFDIR}/ssl -install -d ${ROOTDIR}/pages/dav -install -d %{buildroot}%{_datadir}/starlingx -install -m640 lighttpd.conf %{buildroot}%{_datadir}/starlingx/lighttpd.conf -install -m755 lighttpd.init %{buildroot}%{_datadir}/starlingx/lighttpd.init -install -m644 lighttpd-inc.conf ${CONFDIR}/lighttpd-inc.conf -install -m644 index.html.lighttpd ${ROOTDIR}/pages/index.html - -install -d %{buildroot}%{_sysconfdir}/logrotate.d -install -m644 lighttpd.logrotate %{buildroot}%{_datadir}/starlingx/lighttpd.logrotate - -chmod 02770 %{buildroot}%{_sysconfdir}/lighttpd - -%post -if [ $1 -eq 1 ] ; then - cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.conf %{_sysconfdir}/lighttpd/lighttpd.conf - chmod 640 %{_sysconfdir}/lighttpd/lighttpd.conf - cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.init %{_sysconfdir}/rc.d/init.d/lighttpd - chmod 755 %{_sysconfdir}/rc.d/init.d/lighttpd - cp --preserve=xattr -f %{_datadir}/starlingx/lighttpd.logrotate %{_sysconfdir}/logrotate.d/lighttpd - chmod 644 %{_sysconfdir}/logrotate.d/lighttpd -fi - - -%files -%defattr(-,root,root) -%license LICENSE -%{_datadir}/starlingx/lighttpd.conf -%{_datadir}/starlingx/lighttpd.logrotate -%{_datadir}/starlingx/lighttpd.init -%dir /www/pages/ -/www/pages/* -%config(noreplace) %{_sysconfdir}/lighttpd/lighttpd-inc.conf -/www/pages/index.html diff --git a/base/lighttpd-config/files/LICENSE b/base/lighttpd-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/base/lighttpd-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/base/lighttpd-config/files/index.html.lighttpd b/base/lighttpd-config/files/index.html.lighttpd deleted file mode 100644 index 378f0982c..000000000 --- a/base/lighttpd-config/files/index.html.lighttpd +++ /dev/null @@ -1 +0,0 @@ -

Welcome to StarlingX

diff --git a/base/lighttpd-config/files/lighttpd-inc.conf b/base/lighttpd-config/files/lighttpd-inc.conf deleted file mode 100644 index 8fa0e3b24..000000000 --- a/base/lighttpd-config/files/lighttpd-inc.conf +++ /dev/null @@ -1,3 +0,0 @@ -# default management network access -var.management_ip_network = "127.0.0.1" -var.pxeboot_ip_network = "" diff --git a/base/lighttpd-config/files/lighttpd.conf b/base/lighttpd-config/files/lighttpd.conf deleted file mode 100755 index af4d0394b..000000000 --- a/base/lighttpd-config/files/lighttpd.conf +++ /dev/null @@ -1,365 +0,0 @@ -# lighttpd configuration file -# -# use it as a base for lighttpd 1.0.0 and above -# -# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $ - -############ Options you really have to take care of #################### - -## modules to load -# at least mod_access and mod_accesslog should be loaded -# all other module should only be loaded if really neccesary -# - saves some time -# - saves memory -server.modules = ( -# "mod_rewrite", -# "mod_redirect", -# "mod_alias", - "mod_access", -# "mod_cml", -# "mod_trigger_b4_dl", -# "mod_auth", -# "mod_status", -# "mod_setenv", -# "mod_fastcgi", - "mod_proxy", -# "mod_simple_vhost", -# "mod_evhost", -# "mod_userdir", -# "mod_cgi", -# "mod_compress", -# "mod_ssi", -# "mod_usertrack", -# "mod_expire", -# "mod_secdownload", -# "mod_rrdtool", -# "mod_webdav", - "mod_setenv", - "mod_accesslog" ) - -## a static document-root, for virtual-hosting take look at the -## server.virtual-* options -server.document-root = "/www/pages/" - -## where to send error-messages to -server.errorlog = "/var/log/lighttpd-error.log" - -# files to check for if .../ is requested -index-file.names = ( "index.php", "index.html", - "index.htm", "default.htm" ) - -## set the event-handler (read the performance section in the manual) -# server.event-handler = "freebsd-kqueue" # needed on OS X - -# mimetype mapping -mimetype.assign = ( - ".pdf" => "application/pdf", - ".sig" => "application/pgp-signature", - ".spl" => "application/futuresplash", - ".class" => "application/octet-stream", - ".ps" => "application/postscript", - ".torrent" => "application/x-bittorrent", - ".dvi" => "application/x-dvi", - ".gz" => "application/x-gzip", - ".pac" => "application/x-ns-proxy-autoconfig", - ".swf" => "application/x-shockwave-flash", - ".tar.gz" => "application/x-tgz", - ".tgz" => "application/x-tgz", - ".tar" => "application/x-tar", - ".zip" => "application/zip", - ".mp3" => "audio/mpeg", - ".m3u" => "audio/x-mpegurl", - ".wma" => "audio/x-ms-wma", - ".wax" => "audio/x-ms-wax", - ".ogg" => "application/ogg", - ".wav" => "audio/x-wav", - ".gif" => "image/gif", - ".jpg" => "image/jpeg", - ".jpeg" => "image/jpeg", - ".png" => "image/png", - ".svg" => "image/svg+xml", - ".xbm" => "image/x-xbitmap", - ".xpm" => "image/x-xpixmap", - ".xwd" => "image/x-xwindowdump", - ".css" => "text/css", - ".html" => "text/html", - ".htm" => "text/html", - ".js" => "text/javascript", - ".asc" => "text/plain", - ".c" => "text/plain", - ".cpp" => "text/plain", - ".log" => "text/plain", - ".conf" => "text/plain", - ".text" => "text/plain", - ".txt" => "text/plain", - ".dtd" => "text/xml", - ".xml" => "text/xml", - ".mpeg" => "video/mpeg", - ".mpg" => "video/mpeg", - ".mov" => "video/quicktime", - ".qt" => "video/quicktime", - ".avi" => "video/x-msvideo", - ".asf" => "video/x-ms-asf", - ".asx" => "video/x-ms-asf", - ".wmv" => "video/x-ms-wmv", - ".bz2" => "application/x-bzip", - ".tbz" => "application/x-bzip-compressed-tar", - ".tar.bz2" => "application/x-bzip-compressed-tar", - ".rpm" => "application/x-rpm", - ".cfg" => "text/plain" - ) - -# Use the "Content-Type" extended attribute to obtain mime type if possible -#mimetype.use-xattr = "enable" - - -## send a different Server: header -## be nice and keep it at lighttpd -# server.tag = "lighttpd" - -#### accesslog module -accesslog.filename = "/var/log/lighttpd-access.log" - - -## deny access the file-extensions -# -# ~ is for backupfiles from vi, emacs, joe, ... -# .inc is often used for code includes which should in general not be part -# of the document-root -url.access-deny = ( "~", ".inc" ) - -$HTTP["url"] =~ "\.pdf$" { - server.range-requests = "disable" -} - -## -# which extensions should not be handle via static-file transfer -# -# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi -static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) - -######### Options that are good to be but not neccesary to be changed ####### - -## bind to port 8080 -server.port = 8080 - -## bind to localhost (default: all interfaces) -#server.bind = "grisu.home.kneschke.de" - -## error-handler for status 404 -#server.error-handler-404 = "/error-handler.html" -#server.error-handler-404 = "/error-handler.php" - -## to help the rc.scripts -server.pid-file = "/var/run/lighttpd.pid" - - -###### virtual hosts -## -## If you want name-based virtual hosting add the next three settings and load -## mod_simple_vhost -## -## document-root = -## virtual-server-root + virtual-server-default-host + virtual-server-docroot -## or -## virtual-server-root + http-host + virtual-server-docroot -## -#simple-vhost.server-root = "/home/weigon/wwwroot/servers/" -#simple-vhost.default-host = "grisu.home.kneschke.de" -#simple-vhost.document-root = "/pages/" - - -## -## Format: .html -## -> ..../status-404.html for 'File not found' -#server.errorfile-prefix = "/home/weigon/projects/lighttpd/doc/status-" - -## virtual directory listings -## -## disabled as per Nessus scan CVE: 5.0 40984 -## Please do NOT enable as this is a security -## vulnerability. If you want dir listing for -## our dir path then a) either add a dir index (index.html) -## file within your dir path, or b) add your path as an exception -## rule (see the one for feeds/ dir below) -dir-listing.activate = "disable" - -## enable debugging -#debug.log-request-header = "enable" -#debug.log-response-header = "enable" -#debug.log-request-handling = "enable" -#debug.log-file-not-found = "enable" - -### only root can use these options -# -# chroot() to directory (default: no chroot() ) -#server.chroot = "/" - -## change uid to (default: don't care) -#server.username = "wwwrun" - -## change uid to (default: don't care) -#server.groupname = "wwwrun" - -## defaults to /var/tmp -server.upload-dirs = ( "/tmp" ) - -## change max-keep-alive-idle (default: 5 secs) -#server.max-keep-alive-idle = 5 - -#### compress module -#compress.cache-dir = "/tmp/lighttpd/cache/compress/" -#compress.filetype = ("text/plain", "text/html") - -#### proxy module -## read proxy.txt for more info - -# Proxy all non-static content to the local horizon dashboard -$HTTP["url"] !~ "^/(rel-[^/]*|feed|updates|static)/" { - proxy.server = ( "" => - ( "localhost" => - ( - "host" => "127.0.0.1", - "port" => 8008 - ) - ) - ) -} - -#### fastcgi module -## read fastcgi.txt for more info -## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini -#fastcgi.server = ( ".php" => -# ( "localhost" => -# ( -# "socket" => "/tmp/php-fastcgi.socket", -# "bin-path" => "/usr/local/bin/php" -# ) -# ) -# ) - -#### CGI module -#cgi.assign = ( ".pl" => "/usr/bin/perl", -# ".cgi" => "/usr/bin/perl" ) -# - -#### Listen to IPv6 -$SERVER["socket"] == "[::]:8080" { } - -#### status module -#status.status-url = "/server-status" -#status.config-url = "/server-config" - -#### auth module -## read authentication.txt for more info -#auth.backend = "plain" -#auth.backend.plain.userfile = "lighttpd.user" -#auth.backend.plain.groupfile = "lighttpd.group" - -#auth.backend.ldap.hostname = "localhost" -#auth.backend.ldap.base-dn = "dc=my-domain,dc=com" -#auth.backend.ldap.filter = "(uid=$)" - -#auth.require = ( "/server-status" => -# ( -# "method" => "digest", -# "realm" => "download archiv", -# "require" => "user=jan" -# ), -# "/server-config" => -# ( -# "method" => "digest", -# "realm" => "download archiv", -# "require" => "valid-user" -# ) -# ) - -#### url handling modules (rewrite, redirect, access) -#url.rewrite = ( "^/$" => "/server-status" ) -#url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" ) - -#### both rewrite/redirect support back reference to regex conditional using %n -#$HTTP["host"] =~ "^www\.(.*)" { -# url.redirect = ( "^/(.*)" => "http://%1/$1" ) -#} - -# -# define a pattern for the host url finding -# %% => % sign -# %0 => domain name + tld -# %1 => tld -# %2 => domain name without tld -# %3 => subdomain 1 name -# %4 => subdomain 2 name -# -#evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/" - -#### expire module -#expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes") - -#### ssi -#ssi.extension = ( ".shtml" ) - -#### rrdtool -#rrdtool.binary = "/usr/bin/rrdtool" -#rrdtool.db-name = "/var/www/lighttpd.rrd" - -#### setenv -#setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" ) -#setenv.add-response-header = ( "X-Secret-Message" => "42" ) - -## for mod_trigger_b4_dl -# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db" -# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) -# trigger-before-download.trigger-url = "^/trigger/" -# trigger-before-download.download-url = "^/download/" -# trigger-before-download.deny-url = "http://127.0.0.1/index.html" -# trigger-before-download.trigger-timeout = 10 - -## for mod_cml -## don't forget to add index.cml to server.indexfiles -# cml.extension = ".cml" -# cml.memcache-hosts = ( "127.0.0.1:11211" ) - -#### variable usage: -## variable name without "." is auto prefixed by "var." and becomes "var.bar" -#bar = 1 -#var.mystring = "foo" - -## integer add -#bar += 1 -## string concat, with integer cast as string, result: "www.foo1.com" -#server.name = "www." + mystring + var.bar + ".com" -## array merge -#index-file.names = (foo + ".php") + index-file.names -#index-file.names += (foo + ".php") - -#### include -#include /etc/lighttpd/lighttpd-inc.conf -## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf" -#include "lighttpd-inc.conf" - -#### include_shell -#include_shell "echo var.a=1" -## the above is same as: -#var.a=1 - -# deny access to feed directories for external connections. -# Only enable access to dir listing for feed directory if on internal network -# (i.e. mgmt or pxeboot networks) -include "/etc/lighttpd/lighttpd-inc.conf" -$HTTP["remoteip"] != "127.0.0.1" { - $HTTP["url"] =~ "^/(rel-[^/]*|feed|updates)/" { - dir-listing.activate = "enable" - } - $HTTP["remoteip"] != var.management_ip_network { - $HTTP["remoteip"] != var.pxeboot_ip_network { - $HTTP["url"] =~ "^/(rel-[^/]*|feed|updates)/" { - url.access-deny = ( "" ) - } - } - } -} -$HTTP["scheme"] == "https" { - setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=63072000; includeSubdomains; ") -} diff --git a/base/lighttpd-config/files/lighttpd.init b/base/lighttpd-config/files/lighttpd.init deleted file mode 100755 index 256e950cc..000000000 --- a/base/lighttpd-config/files/lighttpd.init +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/sh - -### BEGIN INIT INFO -# Provides: Web Server -# Required-Start: networking -# Required-Stop: networking -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Lighttpd Web Server -# Description: Web service to serve static files and proxy -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/lighttpd -NAME=lighttpd -DESC="Lighttpd Web Server" -OPTS="-f /etc/lighttpd/lighttpd.conf" -PIDFILE="/var/run/$NAME.pid" -PORT="80" - -start() -{ - - if lsof -t -i:${PORT} 1> /dev/null 2>&1; then - kill $(lsof -t -i:${PORT}) > /dev/null 2>&1 - fi - - if [ -e $PIDFILE ]; then - PIDDIR=/proc/$(cat $PIDFILE) - if [ -d ${PIDDIR} ]; then - echo "$DESC already running." - return - else - echo "Removing stale PID file $PIDFILE" - rm -f $PIDFILE - fi - fi - - echo -n "Checking scratch filesystem..." - let -i COUNT=0 - while [ ! -e /scratch ] - do - if [ $COUNT -ge 15 ] - then - echo "failed to find /scratch." - exit -1 - fi - let COUNT=COUNT+1 - sleep 1 - done - - echo -n "Mounting scratch filesystem to chroot tmp..." - umount /www/tmp >& /dev/null - rm -r /scratch/lighttpd >& /dev/null - mkdir -p /scratch/lighttpd - mount --bind /scratch/lighttpd /www/tmp/ - chown www /www/tmp/ - - echo -n "Starting $DESC..." - - start-stop-daemon --start --pidfile ${PIDFILE} -x "$DAEMON" -- $OPTS - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - echo "done." - else - echo "failed." - fi -} - -stop() -{ - if [ ! -e $PIDFILE ]; then return; fi - - echo -n "Stopping $DESC..." - - start-stop-daemon --stop --quiet --pidfile ${PIDFILE} -x "$DAEMON" - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - echo "done." - else - echo "failed." - fi - rm -f $PIDFILE - echo -n "Unmounting scratch filesystem from chroot tmp..." - umount /www/tmp -} - -status() -{ - pid=`cat $PIDFILE 2>/dev/null` - if [ -n "$pid" ]; then - if ps -p $pid &>/dev/null ; then - echo "$DESC is running" - RETVAL=0 - return - else - RETVAL=1 - fi - fi - echo "$DESC is not running" - RETVAL=3 -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart|force-reload|reload) - stop - start - ;; - status) - status - ;; - *) - echo "Usage: $0 {start|stop|force-reload|restart|reload|status}" - RETVAL=1 - ;; -esac - -exit $RETVAL diff --git a/base/lighttpd-config/files/lighttpd.logrotate b/base/lighttpd-config/files/lighttpd.logrotate deleted file mode 100644 index 5f1e87c8c..000000000 --- a/base/lighttpd-config/files/lighttpd.logrotate +++ /dev/null @@ -1,14 +0,0 @@ -/var/log/lighttpd-access.log -/var/log/lighttpd-error.log -/www/var/log/lighttpd-access.log -/www/var/log/lighttpd-error.log { - nodateext - size 10M - start 1 - rotate 10 - missingok - notifempty - compress - delaycompress - copytruncate -} diff --git a/base/net-snmp-config/centos/build_srpm.data b/base/net-snmp-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/base/net-snmp-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/base/net-snmp-config/centos/net-snmp-config.spec b/base/net-snmp-config/centos/net-snmp-config.spec deleted file mode 100644 index 64c3f4474..000000000 --- a/base/net-snmp-config/centos/net-snmp-config.spec +++ /dev/null @@ -1,53 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: net-snmp-config -Name: net-snmp-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: net-snmp -Summary: package StarlingX configuration files of net-snmp to system folder. - -%description -package StarlingX configuration files of net-snmp to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_datadir}/starlingx -%{__install} -d %{buildroot}%{_datadir}/snmp -%{__install} -d %{buildroot}%{_initrddir} -%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system - -%{__install} -m 644 stx.snmpd.conf %{buildroot}%{_datadir}/starlingx/stx.snmpd.conf -%{__install} -m 755 stx.snmpd %{buildroot}%{_initddir}/snmpd -%{__install} -m 660 stx.snmp.conf %{buildroot}%{_datadir}/snmp/snmp.conf -%{__install} -m 644 snmpd.service %{buildroot}%{_sysconfdir}/systemd/system/snmpd.service - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.snmpd.conf %{_sysconfdir}/snmp/snmpd.conf - chmod 640 %{_sysconfdir}/snmp/snmpd.conf - chmod 640 %{_sysconfdir}/snmp/snmptrapd.conf -fi -%{_bindir}/systemctl disable snmpd.service - -%files -%{_datadir}/starlingx/stx.snmpd.conf -%{_initddir}/snmpd -%config(noreplace) %attr(0660,snmpd,snmpd) %{_datadir}/snmp/snmp.conf -%{_sysconfdir}/systemd/system/snmpd.service - diff --git a/base/net-snmp-config/files/snmpd.service b/base/net-snmp-config/files/snmpd.service deleted file mode 100644 index 131909137..000000000 --- a/base/net-snmp-config/files/snmpd.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Simple Network Management Protocol (SNMP) Daemon. -After=syslog.target network.target - -[Service] -Type=notify -Environment=OPTIONS="oamcontroller -u snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid" -EnvironmentFile=-/etc/sysconfig/snmpd -ExecStart=/etc/init.d/snmpd start -ExecStop=/etc/init.d/snmpd stop -ExecReload=/bin/kill -HUP $MAINPID - -[Install] -WantedBy=multi-user.target diff --git a/base/net-snmp-config/files/stx.snmp.conf b/base/net-snmp-config/files/stx.snmp.conf deleted file mode 100644 index c6315325f..000000000 --- a/base/net-snmp-config/files/stx.snmp.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Configuration file for the Net-SNMP applications - -# Specifies the source address to be used by snmptrap application when sending SNMP traps -clientaddr oamcontroller diff --git a/base/net-snmp-config/files/stx.snmpd b/base/net-snmp-config/files/stx.snmpd deleted file mode 100644 index 78652baaf..000000000 --- a/base/net-snmp-config/files/stx.snmpd +++ /dev/null @@ -1,95 +0,0 @@ -#! /bin/sh -# /etc/init.d/snmpd: start snmp daemon. -. /etc/init.d/functions - -# Linux Standard Base (LSB) Error Codes -RETVAL=0 -GENERIC_ERROR=1 -INVALID_ARGS=2 -NOT_RUNNING=3 -NOT_INSTALLED=5 - -#set environment variables -export SNMPCONFPATH=/etc/snmp -export MIBDIRS=/usr/share/snmp/mibs - -SNMPDOPTS='oamcontroller -u snmpd -LS6d -Lf /dev/null -p /var/run/snmpd.pid' -PIDFILE=/var/run/snmpd.pid -SNMPTRAPDCONFIG=${SNMPCONFPATH}/snmpdtrapd.conf -SNMPDCONFIG=${SNMPCONFPATH}/snmpd.conf -SNMPDNAME=snmpd -SNMPD="/usr/sbin/${SNMPDNAME}" - -test -x ${SNMPD} || exit ${NOT_INSTALLED} - -# Reads config file (will override defaults above) -[ -r /etc/default/snmpd ] && . /etc/default/snmpd - -case "$1" in - start) - echo -n "Starting network management services: " - status ${SNMPD} >/dev/null - if [ $? -eq 0 ]; then - echo -n "is already running " - RETVAL=0 - elif [ -f ${SNMPDCONFIG} ]; then - start-stop-daemon -o --start --quiet --name ${SNMPDNAME} --pidfile "$PIDFILE" \ - --exec ${SNMPD} -- ${SNMPDOPTS} - RETVAL=$? - else - logger "${SNMPDCONFIG} is missing" - RETVAL=${GENERIC_ERROR} - fi - if [ ${RETVAL} -eq 0 ] ; then - pid=`pidof ${SNMPDNAME}` - echo "OK" - logger "${SNMPDNAME} (${pid})" - else - echo "FAIL" - RETVAL=${GENERIC_ERROR} - fi - - ;; - stop) - status ${SNMPD} >/dev/null - if [ $? -ne 0 ]; then - echo "$SNMPDNAME is not running" - RETVAL=0 - else - echo -n "Stopping network management services " - killproc ${SNMPDNAME} - if [ -n "`pidof ${SNMPDNAME}`" ] ; then - logger "Going to SIGKILL ${SNMPDNAME}" - killproc -KILL ${SNMPDNAME} - fi - /bin/rm -rf $PIDFILE - status ${SNMPD} >/dev/null - if [ $? -ne 0 ]; then - echo "Stopped" - RETVAL=0 - else - echo "Failed" - RETVAL=${GENERIC_ERROR} - fi - fi - ;; - status) - status ${SNMPD} >/dev/null - RETVAL=$? - if [ ! ${RETVAL} -eq 0 ] ; then - RETVAL=${NOT_RUNNING} - fi - - ;; - restart|reload|force-reload) - $0 stop - sleep 1 - $0 start - - ;; - *) - echo "Usage: /etc/init.d/snmpd {start|stop|status|restart|reload|force-reload}" - exit ${GENERIC_ERROR} -esac - -exit $RETVAL diff --git a/base/net-snmp-config/files/stx.snmpd.conf b/base/net-snmp-config/files/stx.snmpd.conf deleted file mode 100644 index 53eff7f7e..000000000 --- a/base/net-snmp-config/files/stx.snmpd.conf +++ /dev/null @@ -1,24 +0,0 @@ -########################################################################### -# -# snmpd.conf -# -# - created by the snmpconf configuration program -# -########################################################################### -# incl/excl subtree mask -view all included .1 80 - -sysDescr ? -sysObjectID 1.3.6.1.4.1.731.3 -sysContact ? -sysName ? -sysLocation ? -sysServices 72 - -[snmp] clientaddr oamcontroller -dlmod cgtsAgentPlugin /usr/lib64/libcgtsAgentPlugin.so.1 -dlmod snmpAuditPlugin /usr/lib64/libsnmpAuditPlugin.so.1 - -# Insert the snmpAudit hander into specific sections of the mib tree -injectHandler snmpAudit null -injectHandler snmpAudit bulk_to_next diff --git a/base/openssh-config/centos/build_srpm.data b/base/openssh-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/base/openssh-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/base/openssh-config/centos/openssh-config.spec b/base/openssh-config/centos/openssh-config.spec deleted file mode 100644 index f408f9f29..000000000 --- a/base/openssh-config/centos/openssh-config.spec +++ /dev/null @@ -1,48 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: openssh-config -Name: openssh-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: %{_bindir}/systemctl -Requires: openssh-clients -Requires: openssh-server - -Summary: package StarlingX configuration files of openssh to system folder. - -%description -package StarlingX configuration files of openssh to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_datadir}/starlingx -%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system -%{__install} -m 644 sshd.service %{buildroot}%{_sysconfdir}/systemd/system/sshd.service -%{__install} -m 644 ssh_config %{buildroot}%{_datadir}/starlingx/ssh_config -%{__install} -m 600 sshd_config %{buildroot}%{_datadir}/starlingx/sshd_config - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/ssh_config %{_sysconfdir}/ssh/ssh_config - cp -f %{_datadir}/starlingx/sshd_config %{_sysconfdir}/ssh/sshd_config -fi - -%files -%{_sysconfdir}/systemd/system/sshd.service -%{_datadir}/starlingx/ssh_config -%{_datadir}/starlingx/sshd_config diff --git a/base/openssh-config/files/ssh_config b/base/openssh-config/files/ssh_config deleted file mode 100644 index c970defeb..000000000 --- a/base/openssh-config/files/ssh_config +++ /dev/null @@ -1,71 +0,0 @@ -# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for some commonly used options. For a comprehensive -# list of available options, their meanings and defaults, please see the -# ssh_config(5) man page. - -# Host * -# ForwardAgent no -# ForwardX11 no -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# GSSAPIAuthentication no -# GSSAPIDelegateCredentials no -# GSSAPIKeyExchange no -# GSSAPITrustDNS no -# BatchMode no -# CheckHostIP yes -# AddressFamily any -# ConnectTimeout 0 -# StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# IdentityFile ~/.ssh/id_ecdsa -# IdentityFile ~/.ssh/id_ed25519 -# Port 22 -# Protocol 2 -# Cipher 3des -# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc -# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 -# EscapeChar ~ -# Tunnel no -# TunnelDevice any:any -# PermitLocalCommand no -# VisualHostKey no -# ProxyCommand ssh -q -W %h:%p gateway.example.com -# RekeyLimit 1G 1h -# -# Uncomment this if you want to use .local domain -# Host *.local -# CheckHostIP no - -Host * - GSSAPIAuthentication yes -# If this option is set to yes then remote X11 clients will have full access -# to the original X11 display. As virtually no X11 client supports the untrusted -# mode correctly we set this to yes. - ForwardX11Trusted yes -# Send locale-related environment variables - SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES - SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT - SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE - SendEnv XMODIFIERS - -# Filtered key exchange algorithm list -KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 diff --git a/base/openssh-config/files/sshd.service b/base/openssh-config/files/sshd.service deleted file mode 100644 index 5cba52933..000000000 --- a/base/openssh-config/files/sshd.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=OpenSSH server daemon -Documentation=man:sshd(8) man:sshd_config(5) -After=network.target sshd-keygen.service -Wants=sshd-keygen.service - -[Service] -EnvironmentFile=/etc/sysconfig/sshd -ExecStart=/etc/init.d/sshd start -ExecStop=/etc/init.d/sshd stop -ExecReload=/bin/kill -HUP $MAINPID -PIDFile=/var/run/sshd.pid -KillMode=none -#Restart=on-failure -#RestartSec=42s - -[Install] -WantedBy=multi-user.target diff --git a/base/openssh-config/files/sshd_config b/base/openssh-config/files/sshd_config deleted file mode 100644 index 0dfc0e2d9..000000000 --- a/base/openssh-config/files/sshd_config +++ /dev/null @@ -1,148 +0,0 @@ -# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -# If you want to change the port on a SELinux system, you have to tell -# SELinux about this change. -# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER -# -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key -HostKey /etc/ssh/ssh_host_ecdsa_key -HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -RekeyLimit default 1h - -# Logging -#SyslogFacility AUTH -#SyslogFacility AUTHPRIV -LogLevel INFO - -# Authentication: - -LoginGraceTime 1m -PermitRootLogin no -#StrictModes yes -MaxAuthTries 4 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 -# but this is overridden so installations will only check .ssh/authorized_keys -AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no -PasswordAuthentication yes - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes -ChallengeResponseAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no -#KerberosUseKuserok yes - -# GSSAPI options -GSSAPIAuthentication no -GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no -#GSSAPIEnablek5users no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass -# the setting of "PermitRootLogin without-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. -# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several -# problems. -UsePAM yes - -AllowAgentForwarding no -AllowTcpForwarding no -#GatewayPorts no -X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -#PrintMotd yes -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -UsePrivilegeSeparation yes -#PermitUserEnvironment no -Compression no -ClientAliveInterval 15 -ClientAliveCountMax 4 -#ShowPatchLevel no -# Make SSH connect faster on bootup -UseDNS no -#PidFile /var/run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# default banner path -Banner /etc/issue.net - -# Accept locale-related environment variables -AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES -AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT -AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE -AcceptEnv XMODIFIERS - -# override default of no subsystems -Subsystem sftp /usr/libexec/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server -DenyUsers admin secadmin operator -# Filtered cipher, MAC and key exchange algorithm list, defaults can be -# obtained by ssh -Q cipher, ssh -Q mac and ssh -Q kex -# TODO (aning): once openssh is updated to 7.5, an explicit exclusion list -# using "-" should be used for cipher, MAC and kex excluded suites. -Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com -MACs hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com -KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 diff --git a/base/setup-config/centos/build_srpm.data b/base/setup-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/base/setup-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/base/setup-config/centos/setup-config.spec b/base/setup-config/centos/setup-config.spec deleted file mode 100644 index a10984685..000000000 --- a/base/setup-config/centos/setup-config.spec +++ /dev/null @@ -1,46 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: setup-config -Name: setup-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: setup -Summary: package StarlingX configuration files of setup to system folder. - -%description -package StarlingX configuration files of setup to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_sysconfdir}/profile.d -%{__install} -d %{buildroot}%{_datadir}/starlingx -%{__install} -m 644 motd %{buildroot}%{_datadir}/starlingx/stx.motd -%{__install} -m 644 prompt.sh %{buildroot}%{_sysconfdir}/profile.d/prompt.sh -%{__install} -m 644 custom.sh %{buildroot}%{_sysconfdir}/profile.d/custom.sh - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.motd %{_sysconfdir}/motd - chmod 600 %{_sysconfdir}/{exports,fstab} -fi - -%files -%defattr(-,root,root,-) -%{_datadir}/starlingx/stx.motd -%{_sysconfdir}/profile.d/prompt.sh -%{_sysconfdir}/profile.d/custom.sh diff --git a/base/setup-config/files/custom.sh b/base/setup-config/files/custom.sh deleted file mode 100644 index 37a727310..000000000 --- a/base/setup-config/files/custom.sh +++ /dev/null @@ -1 +0,0 @@ -export TMOUT=900 diff --git a/base/setup-config/files/motd b/base/setup-config/files/motd deleted file mode 100644 index e2c1470e6..000000000 --- a/base/setup-config/files/motd +++ /dev/null @@ -1,5 +0,0 @@ - -WARNING: Unauthorized access to this system is forbidden and will be -prosecuted by law. By accessing this system, you agree that your -actions may be monitored if unauthorized usage is suspected. - diff --git a/base/setup-config/files/prompt.sh b/base/setup-config/files/prompt.sh deleted file mode 100644 index 44869d392..000000000 --- a/base/setup-config/files/prompt.sh +++ /dev/null @@ -1,4 +0,0 @@ -if [ "$PS1" ]; then - PS1='\h:\w\$ ' -fi -export PS1 diff --git a/base/systemd-config/centos/build_srpm.data b/base/systemd-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/base/systemd-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/base/systemd-config/centos/systemd-config.spec b/base/systemd-config/centos/systemd-config.spec deleted file mode 100644 index c33fa3b80..000000000 --- a/base/systemd-config/centos/systemd-config.spec +++ /dev/null @@ -1,60 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX systemd Configuration File -Name: systemd-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -BuildRequires: systemd = 219-62.el7_6.5 -Requires: systemd - -%define debug_package %{nil} - -%description -StarlingX systemd configuration file - -%prep - -%setup - -%build - -%install -install -d %{buildroot}%{_datadir}/starlingx -install -m644 60-persistent-storage.rules %{buildroot}%{_datadir}/starlingx/60-persistent-storage.rules -install -m644 journald.conf %{buildroot}%{_datadir}/starlingx/journald.conf -install -m644 systemd.conf.tmpfiles.d %{buildroot}%{_datadir}/starlingx/systemd.conf.tmpfiles.d -install -m644 tmp.conf.tmpfiles.d %{buildroot}%{_datadir}/starlingx/tmp.conf.tmpfiles.d -install -m644 tmp.mount %{buildroot}%{_datadir}/starlingx/tmp.mount - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/60-persistent-storage.rules %{_udevrulesdir}/ - chmod 644 %{_udevrulesdir}/60-persistent-storage.rules - cp -f %{_datadir}/starlingx/journald.conf %{_sysconfdir}/systemd - chmod 644 %{_sysconfdir}/systemd/journald.conf - cp -f %{_datadir}/starlingx/systemd.conf.tmpfiles.d %{_usr}/lib/tmpfiles.d/systemd.conf - chmod 644 %{_usr}/lib/tmpfiles.d/systemd.conf - cp -f %{_datadir}/starlingx/tmp.conf.tmpfiles.d %{_usr}/lib/tmpfiles.d/tmp.conf - chmod 644 %{_usr}/lib/tmpfiles.d/tmp.conf - cp -f %{_datadir}/starlingx/tmp.mount %{_unitdir}/ - chmod 644 %{_unitdir}/tmp.mount -fi - -%files -%defattr(-,root,root) -%license LICENSE -%{_datadir}/starlingx/60-persistent-storage.rules -%{_datadir}/starlingx/journald.conf -%{_datadir}/starlingx/systemd.conf.tmpfiles.d -%{_datadir}/starlingx/tmp.conf.tmpfiles.d -%{_datadir}/starlingx/tmp.mount diff --git a/base/systemd-config/files/60-persistent-storage.rules b/base/systemd-config/files/60-persistent-storage.rules deleted file mode 100644 index f6900345e..000000000 --- a/base/systemd-config/files/60-persistent-storage.rules +++ /dev/null @@ -1,105 +0,0 @@ -# do not edit this file, it will be overwritten on update - -# persistent storage links: /dev/disk/{by-id,by-uuid,by-label,by-path} -# scheme based on "Linux persistent device names", 2004, Hannes Reinecke - -# forward scsi device event to corresponding block device -ACTION=="change", SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST=="block", ATTR{block/*/uevent}="change" - -ACTION=="remove", GOTO="persistent_storage_end" - -# enable in-kernel media-presence polling -ACTION=="add", SUBSYSTEM=="module", KERNEL=="block", ATTR{parameters/events_dfl_poll_msecs}=="0", ATTR{parameters/events_dfl_poll_msecs}="2000" - -SUBSYSTEM!="block", GOTO="persistent_storage_end" - -# skip rules for inappropriate block devices -KERNEL=="fd*|mtd*|nbd*|gnbd*|btibm*|dm-*|md*|zram*|mmcblk[0-9]*rpmb", GOTO="persistent_storage_end" - -# ignore partitions that span the entire disk -TEST=="whole_disk", GOTO="persistent_storage_end" - -# for partitions import parent information -ENV{DEVTYPE}=="partition", IMPORT{parent}="ID_*" - -# NVMe -KERNEL=="nvme*[0-9]n*[0-9]", ATTR{wwid}=="?*", SYMLINK+="disk/by-id/nvme-$attr{wwid}" -KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{wwid}=="?*", SYMLINK+="disk/by-id/nvme-$attr{wwid}-part%n" - -KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}" -KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{wwid}=="?*", ENV{ID_WWN}="$attr{wwid}" -KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}", OPTIONS="string_escape=replace" - -KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}" -KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{model}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n", OPTIONS="string_escape=replace" - -# virtio-blk -KERNEL=="vd*[!0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}" -KERNEL=="vd*[0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}-part%n" - -# ATA devices using the "scsi" subsystem -KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="scsi", ATTRS{vendor}=="ATA", IMPORT{program}="ata_id --export $devnode" -# ATA/ATAPI devices (SPC-3 or later) using the "scsi" subsystem -KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="scsi", ATTRS{type}=="5", ATTRS{scsi_level}=="[6-9]*", IMPORT{program}="ata_id --export $devnode" - -# Run ata_id on non-removable USB Mass Storage (SATA/PATA disks in enclosures) -KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", ATTR{removable}=="0", SUBSYSTEMS=="usb", IMPORT{program}="ata_id --export $devnode" -# Otherwise, fall back to using usb_id for USB devices -KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", SUBSYSTEMS=="usb", IMPORT{builtin}="usb_id" - -# scsi devices -KERNEL=="sd*[!0-9]|sr*", ENV{ID_SERIAL}!="?*", IMPORT{program}="scsi_id --export --whitelisted -d $devnode", ENV{ID_BUS}="scsi" -KERNEL=="cciss*", ENV{DEVTYPE}=="disk", ENV{ID_SERIAL}!="?*", IMPORT{program}="scsi_id --export --whitelisted -d $devnode", ENV{ID_BUS}="cciss" -KERNEL=="sd*|sr*|cciss*", ENV{DEVTYPE}=="disk", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/$env{ID_BUS}-$env{ID_SERIAL}" -KERNEL=="sd*|cciss*", ENV{DEVTYPE}=="partition", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/$env{ID_BUS}-$env{ID_SERIAL}-part%n" - -# firewire -KERNEL=="sd*[!0-9]|sr*", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}" -KERNEL=="sd*[0-9]", ATTRS{ieee1394_id}=="?*", SYMLINK+="disk/by-id/ieee1394-$attr{ieee1394_id}-part%n" - -KERNEL=="mmcblk[0-9]", SUBSYSTEMS=="mmc", ATTRS{name}=="?*", ATTRS{serial}=="?*", ENV{ID_NAME}="$attr{name}", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}" -KERNEL=="mmcblk[0-9]p[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/mmc-$env{ID_NAME}_$env{ID_SERIAL}-part%n" -KERNEL=="mspblk[0-9]", SUBSYSTEMS=="memstick", ATTRS{name}=="?*", ATTRS{serial}=="?*", ENV{ID_NAME}="$attr{name}", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/memstick-$env{ID_NAME}_$env{ID_SERIAL}" -KERNEL=="mspblk[0-9]p[0-9]", ENV{ID_NAME}=="?*", ENV{ID_SERIAL}=="?*", SYMLINK+="disk/by-id/memstick-$env{ID_NAME}_$env{ID_SERIAL}-part%n" - -# by-path (parent device path) -ENV{DEVTYPE}=="disk", DEVPATH!="*/virtual/*", IMPORT{builtin}="path_id" -ENV{DEVTYPE}=="disk", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}" -ENV{DEVTYPE}=="partition", ENV{ID_PATH}=="?*", SYMLINK+="disk/by-path/$env{ID_PATH}-part%n" - -# skip unpartitioned removable media devices from drivers which do not send "change" events -ENV{DEVTYPE}=="disk", KERNEL!="sd*|sr*", ATTR{removable}=="1", GOTO="persistent_storage_end" - -# legacy virtio-pci by-path links (deprecated) -KERNEL=="vd*[!0-9]", ENV{ID_PATH}=="pci-*", SYMLINK+="disk/by-path/virtio-$env{ID_PATH}" -KERNEL=="vd*[0-9]", ENV{ID_PATH}=="pci-*", SYMLINK+="disk/by-path/virtio-$env{ID_PATH}-part%n" - -# probe filesystem metadata of optical drives which have a media inserted -KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ENV{ID_CDROM_MEDIA_TRACK_COUNT_DATA}=="?*", ENV{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}=="?*", \ - IMPORT{builtin}="blkid --offset=$env{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}" -# single-session CDs do not have ID_CDROM_MEDIA_SESSION_LAST_OFFSET -KERNEL=="sr*", ENV{DISK_EJECT_REQUEST}!="?*", ENV{ID_CDROM_MEDIA_TRACK_COUNT_DATA}=="?*", ENV{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}=="", \ - IMPORT{builtin}="blkid --noraid" - -# probe filesystem metadata of disks -KERNEL!="sr*", IMPORT{builtin}="blkid" - -# watch metadata changes by tools closing the device after writing -KERNEL!="sr*", OPTIONS+="watch" - -# by-label/by-uuid links (filesystem metadata) -ENV{ID_FS_USAGE}=="filesystem|other|crypto", ENV{ID_FS_UUID_ENC}=="?*", SYMLINK+="disk/by-uuid/$env{ID_FS_UUID_ENC}" -ENV{ID_FS_USAGE}=="filesystem|other", ENV{ID_FS_LABEL_ENC}=="?*", SYMLINK+="disk/by-label/$env{ID_FS_LABEL_ENC}" - -# by-id (World Wide Name) -ENV{DEVTYPE}=="disk", ENV{ID_WWN_WITH_EXTENSION}=="?*", SYMLINK+="disk/by-id/wwn-$env{ID_WWN_WITH_EXTENSION}" -ENV{DEVTYPE}=="partition", ENV{ID_WWN_WITH_EXTENSION}=="?*", SYMLINK+="disk/by-id/wwn-$env{ID_WWN_WITH_EXTENSION}-part%n" - -# by-partlabel/by-partuuid links (partition metadata) -ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_ENTRY_UUID}=="?*", SYMLINK+="disk/by-partuuid/$env{ID_PART_ENTRY_UUID}" -ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_ENTRY_NAME}=="?*", SYMLINK+="disk/by-partlabel/$env{ID_PART_ENTRY_NAME}" - -# add symlink to GPT root disk -ENV{ID_PART_ENTRY_SCHEME}=="gpt", ENV{ID_PART_GPT_AUTO_ROOT}=="1", SYMLINK+="gpt-auto-root" - -LABEL="persistent_storage_end" diff --git a/base/systemd-config/files/LICENSE b/base/systemd-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/base/systemd-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/base/systemd-config/files/journald.conf b/base/systemd-config/files/journald.conf deleted file mode 100644 index 932578e0d..000000000 --- a/base/systemd-config/files/journald.conf +++ /dev/null @@ -1,40 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. -# -# Entries in this file show the compile time defaults. -# You can change settings by editing this file. -# Defaults can be restored by simply deleting this file. -# -# See journald.conf(5) for details. - -[Journal] -Storage=none -#Compress=yes -#Seal=yes -#SplitMode=uid -#SyncIntervalSec=5m -RateLimitInterval=30s -RateLimitBurst=5000 -#SystemMaxUse= -#SystemKeepFree= -#SystemMaxFileSize= -#RuntimeMaxUse= -#RuntimeKeepFree= -#RuntimeMaxFileSize= -#MaxRetentionSec= -#MaxFileSec=1month -ForwardToSyslog=yes -#ForwardToKMsg=no -#ForwardToConsole=no -#ForwardToWall=yes -#TTYPath=/dev/console -#MaxLevelStore=debug -#MaxLevelSyslog=debug -#MaxLevelKMsg=notice -#MaxLevelConsole=info -#MaxLevelWall=emerg -#LineMax=48K diff --git a/base/systemd-config/files/systemd.conf.tmpfiles.d b/base/systemd-config/files/systemd.conf.tmpfiles.d deleted file mode 100644 index 3a5f2fe36..000000000 --- a/base/systemd-config/files/systemd.conf.tmpfiles.d +++ /dev/null @@ -1,42 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -# See tmpfiles.d(5) for details - -d /run/user 0755 root root - -F! /run/utmp 0664 root utmp - - -d /run/systemd/ask-password 0755 root root - -d /run/systemd/seats 0755 root root - -d /run/systemd/sessions 0755 root root - -d /run/systemd/users 0755 root root - -d /run/systemd/machines 0755 root root - -d /run/systemd/shutdown 0755 root root - -d /run/systemd/netif 0755 systemd-network systemd-network - -d /run/systemd/netif/links 0755 systemd-network systemd-network - -d /run/systemd/netif/leases 0755 systemd-network systemd-network - - -d /run/log 0755 root root - - -z /run/log/journal 2755 root systemd-journal - - -Z /run/log/journal/%m ~2750 root systemd-journal - - - -a+ /run/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x -A+ /run/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x - -z /var/log/journal 2755 root systemd-journal - - -z /var/log/journal/%m 2755 root systemd-journal - - -z /var/log/journal/%m/system.journal 0640 root systemd-journal - - - -a+ /var/log/journal - - - - d:group:sys_protected:r-x,d:group:wheel:r-x -a+ /var/log/journal - - - - group:sys_protected:r-x,group:wheel:r-x -a+ /var/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x -a+ /var/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x -a+ /var/log/journal/%m/system.journal - - - - group:sys_protected:r--,group:wheel:r-- - -d /var/lib/systemd 0755 root root - -d /var/lib/systemd/coredump 0755 root root 3d diff --git a/base/systemd-config/files/tmp.conf.tmpfiles.d b/base/systemd-config/files/tmp.conf.tmpfiles.d deleted file mode 100644 index 4d2a732fe..000000000 --- a/base/systemd-config/files/tmp.conf.tmpfiles.d +++ /dev/null @@ -1,20 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -# See tmpfiles.d(5) for details - -# Clear tmp directories separately, to make them easier to override -v /tmp 1777 root root 10d -v /tmp/var.tmp 1777 root root 30d -L+ /var/tmp - - - - /tmp/var.tmp - -# Exclude namespace mountpoints created with PrivateTmp=yes -x /tmp/systemd-private-%b-* -X /tmp/systemd-private-%b-*/tmp -x /var/tmp/systemd-private-%b-* -X /var/tmp/systemd-private-%b-*/tmp -X /tmp/var.tmp diff --git a/base/systemd-config/files/tmp.mount b/base/systemd-config/files/tmp.mount deleted file mode 100644 index eda2334b2..000000000 --- a/base/systemd-config/files/tmp.mount +++ /dev/null @@ -1,25 +0,0 @@ -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=Temporary Directory -Documentation=man:hier(7) -Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems -ConditionPathIsSymbolicLink=!/tmp -DefaultDependencies=no -Conflicts=umount.target -Before=local-fs.target umount.target - -[Mount] -What=tmpfs -Where=/tmp -Type=tmpfs -Options=mode=1777,strictatime,size=1G - -# Make 'systemctl enable tmp.mount' work: -[Install] -WantedBy=local-fs.target diff --git a/config-files/audit-config/centos/audit-config.spec b/config-files/audit-config/centos/audit-config.spec deleted file mode 100644 index 8e2d646bb..000000000 --- a/config-files/audit-config/centos/audit-config.spec +++ /dev/null @@ -1,45 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX audit Configuration File -Name: audit-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: audit -Requires: audit-libs -Requires: audit-libs-python - -%define debug_package %{nil} - -%description -StarlingX audit configuration file - -%prep - -%setup - -%build - -%install -install -d %{buildroot}%{_datadir}/starlingx -install -m640 syslog.conf %{buildroot}%{_datadir}/starlingx/syslog.conf - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/syslog.conf %{_sysconfdir}/audisp/plugins.d/syslog.conf - chmod 640 %{_sysconfdir}/audisp/plugins.d/syslog.conf -fi - -%files -%defattr(-,root,root) -%license LICENSE -%{_datadir}/starlingx/syslog.conf diff --git a/config-files/audit-config/centos/build_srpm.data b/config-files/audit-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/config-files/audit-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/config-files/audit-config/files/LICENSE b/config-files/audit-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/audit-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/audit-config/files/syslog.conf b/config-files/audit-config/files/syslog.conf deleted file mode 100644 index 0a80d72a6..000000000 --- a/config-files/audit-config/files/syslog.conf +++ /dev/null @@ -1,14 +0,0 @@ -# This file controls the configuration of the syslog plugin. -# It simply takes events and writes them to syslog. The -# arguments provided can be the default priority that you -# want the events written with. And optionally, you can give -# a second argument indicating the facility that you want events -# logged to. Valid options are LOG_LOCAL0 through 7, LOG_AUTH, -# LOG_AUTHPRIV, LOG_DAEMON, LOG_SYSLOG, and LOG_USER. - -active = yes -direction = out -path = builtin_syslog -type = builtin -args = LOG_INFO LOG_AUTH -format = string diff --git a/config-files/docker-config/centos/build_srpm.data b/config-files/docker-config/centos/build_srpm.data deleted file mode 100644 index 1ecddecca..000000000 --- a/config-files/docker-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="$PKG_BASE/files" -TIS_PATCH_VER=2 diff --git a/config-files/docker-config/centos/docker-config.spec b/config-files/docker-config/centos/docker-config.spec deleted file mode 100644 index 528d8f824..000000000 --- a/config-files/docker-config/centos/docker-config.spec +++ /dev/null @@ -1,32 +0,0 @@ -Summary: StarlingX Docker Configuration File -Name: docker-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown - -Source0: %{name}-%{version}.tar.gz - -BuildArch: noarch -Requires: docker-ce - -%define debug_package %{nil} - -%description -StarlingX docker configuration file - -%prep -%setup - -%install -make DATADIR=%{buildroot}%{_datadir} SYSCONFDIR=%{buildroot}%{_sysconfdir} install - -%files -%defattr(-,root,root) -%license LICENSE -%dir %{_sysconfdir}/systemd/system/docker.service.d -%{_sysconfdir}/pmon.d/docker.conf -%{_sysconfdir}/systemd/system/docker.service.d/docker-stx-override.conf -%{_sysconfdir}/logrotate.d/docker.logrotate \ No newline at end of file diff --git a/config-files/docker-config/files/LICENSE b/config-files/docker-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/docker-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/docker-config/files/Makefile b/config-files/docker-config/files/Makefile deleted file mode 100644 index 4007dd76d..000000000 --- a/config-files/docker-config/files/Makefile +++ /dev/null @@ -1,13 +0,0 @@ -# -# Copyright (c) 2019 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# - -install: - install -d -m 0755 $(SYSCONFDIR)/pmon.d - install -D -m 644 docker-pmond.conf $(SYSCONFDIR)/pmon.d/docker.conf - install -d -m 0755 $(SYSCONFDIR)/systemd/system/docker.service.d - install -D -m 644 docker-stx-override.conf $(SYSCONFDIR)/systemd/system/docker.service.d/docker-stx-override.conf - install -d -m 0755 $(SYSCONFDIR)/logrotate.d - install -D -m 644 docker.logrotate $(SYSCONFDIR)/logrotate.d/docker.logrotate \ No newline at end of file diff --git a/config-files/docker-config/files/docker-pmond.conf b/config-files/docker-config/files/docker-pmond.conf deleted file mode 100644 index e6c930e5b..000000000 --- a/config-files/docker-config/files/docker-pmond.conf +++ /dev/null @@ -1,15 +0,0 @@ -; -; Copyright (c) 2019 Wind River Systems, Inc. -; -; SPDX-License-Identifier: Apache-2.0 -; -[process] -process = dockerd -service = docker -pidfile = /var/run/dockerd.pid -style = lsb ; lsb -severity = critical ; minor, major, critical -restarts = 3 ; restarts before error assertion -startuptime = 5 ; seconds to wait after process start -interval = 5 ; number of seconds to wait between restarts -debounce = 20 ; number of seconds to wait before degrade clear diff --git a/config-files/docker-config/files/docker-stx-override.conf b/config-files/docker-config/files/docker-stx-override.conf deleted file mode 100644 index 85a66b139..000000000 --- a/config-files/docker-config/files/docker-stx-override.conf +++ /dev/null @@ -1,6 +0,0 @@ -[Service] -ExecStartPost=/bin/bash -c 'echo $MAINPID > /var/run/dockerd.pid;' -ExecStopPost=/bin/rm -f /var/run/dockerd.pid - -# pmond monitors docker service -Restart=no diff --git a/config-files/docker-config/files/docker.logrotate b/config-files/docker-config/files/docker.logrotate deleted file mode 100644 index a027840f5..000000000 --- a/config-files/docker-config/files/docker.logrotate +++ /dev/null @@ -1,42 +0,0 @@ -# -# Copyright (c) 2019 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# -# - -# copytruncate: Truncate the original log file in place after creating a copy, -# instead of moving the old log file and optionally creating a new one. It is -# used when some program can not be told to close its logfile and thus might -# continue writing (appending) to the previous log file forever. This prevents -# having to possibly reset the file handle of the log file. - -/var/lib/docker/containers/*/*-json.log -{ - nodateext - size 50M - start 1 - rotate 20 - missingok - notifempty - compress - delaycompress - copytruncate -} - -/var/lib/docker/overlay2/*/diff/var/log/apt/history.log -/var/lib/docker/overlay2/*/diff/var/log/bootstrap.log -/var/lib/docker/overlay2/*/diff/var/log/apt/term.log -/var/lib/docker/overlay2/*/diff/var/log/dpkg.log -/var/lib/docker/overlay2/*/diff/var/log/alternatives.log -{ - nodateext - size 10M - start 1 - rotate 20 - missingok - notifempty - compress - delaycompress - copytruncate -} diff --git a/config-files/io-scheduler/centos/build_srpm.data b/config-files/io-scheduler/centos/build_srpm.data deleted file mode 100644 index abc72096c..000000000 --- a/config-files/io-scheduler/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -COPY_LIST="$FILES_BASE/*" -TIS_PATCH_VER=0 diff --git a/config-files/io-scheduler/centos/files/60-io-scheduler.rules b/config-files/io-scheduler/centos/files/60-io-scheduler.rules deleted file mode 100644 index 66601737c..000000000 --- a/config-files/io-scheduler/centos/files/60-io-scheduler.rules +++ /dev/null @@ -1,28 +0,0 @@ -# This file contains the rules to customize io scheduler. - -# Heuristics: -# 'deadline' io-scheduler tuned settings -# - deadline generally recommended for databases, servers, and SSDs, -# and for more deterministic latency -# - note that read_expire is a key tuning parameter here -# - the following is recommended by DRBD user guide -# front_merges: 0 (from 1) -# read_expire: 150 (from 500) -# write_expire: 1500 (from 5000) -# -# 'noop' io scheduler for variants of HW-RAID. -# - RAID controller will do its own separate scheduling -# -# Overall: -# - We prefer to guarantee latency more than fairness for all platform services, -# especially under extreme read and write load, e.g, when creating/deleting -# multiple heat stacks, or running disk intensive operations. - -ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="deadline" -ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/front_merges}="0" -ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/read_expire}="150" -ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTR{queue/iosched/write_expire}="1500" - -# Set noop io scheduler for variants of HW-RAID. -# HP ProLiant DL360p Gen8; HP ProLiant DL380p Gen8 -ACTION=="add|change", SUBSYSTEM=="block", KERNEL=="sd[a-z]", ATTRS{raid_level}=="*RAID*", ATTR{queue/scheduler}="noop" diff --git a/config-files/io-scheduler/centos/files/LICENSE b/config-files/io-scheduler/centos/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/io-scheduler/centos/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/io-scheduler/centos/io-scheduler.spec b/config-files/io-scheduler/centos/io-scheduler.spec deleted file mode 100644 index af5d941e9..000000000 --- a/config-files/io-scheduler/centos/io-scheduler.spec +++ /dev/null @@ -1,29 +0,0 @@ -Summary: CGCS IO Scheduler Configuration -Name: io-scheduler -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: Wind River -URL: unknown - -Source0: 60-io-scheduler.rules -Source1: LICENSE - -%define udev_rules_d %{_sysconfdir}/udev/rules.d - -%description -CGCS io scheduler configuration and tuning. - -%install -mkdir -p %{buildroot}%{udev_rules_d} -install -m 644 %{SOURCE0} %{buildroot}%{udev_rules_d}/60-io-scheduler.rules - -%post -/bin/udevadm control --reload-rules -/bin/udevadm trigger --type=devices --subsystem-match=block - -%files -%license ../SOURCES/LICENSE -%defattr(-,root,root,-) -%{_sysconfdir}/udev/rules.d diff --git a/config-files/iptables-config/centos/build_srpm.data b/config-files/iptables-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/config-files/iptables-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/config-files/iptables-config/centos/iptables-config.spec b/config-files/iptables-config/centos/iptables-config.spec deleted file mode 100644 index fad1ebe12..000000000 --- a/config-files/iptables-config/centos/iptables-config.spec +++ /dev/null @@ -1,53 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX iptables Configuration File -Name: iptables-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: iptables -Requires: iptables-services -Requires: iptables-utils - -%define debug_package %{nil} - -%description -StarlingX iptables configuration file - -%prep - -%setup - -%build - -%install -install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig -install -d %{buildroot}%{_datadir}/starlingx -install -m 600 iptables.rules %{buildroot}%{_datadir}/starlingx/iptables.rules -install -m 600 ip6tables.rules %{buildroot}%{_datadir}/starlingx/ip6tables.rules - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/iptables.rules %{_sysconfdir}/sysconfig/iptables - chmod 600 %{_sysconfdir}/sysconfig/iptables - cp -f %{_datadir}/starlingx/ip6tables.rules %{_sysconfdir}/sysconfig/ip6tables - chmod 600 %{_sysconfdir}/sysconfig/ip6tables -fi - -%{_bindir}/systemctl enable iptables.service ip6tables.service >/dev/null 2>&1 -exit 0 - -%files -%defattr(-,root,root) -%license LICENSE -%{_datadir}/starlingx/iptables.rules -%{_datadir}/starlingx/ip6tables.rules diff --git a/config-files/iptables-config/files/LICENSE b/config-files/iptables-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/iptables-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/iptables-config/files/ip6tables.rules b/config-files/iptables-config/files/ip6tables.rules deleted file mode 100644 index 9ba9a2636..000000000 --- a/config-files/iptables-config/files/ip6tables.rules +++ /dev/null @@ -1,8 +0,0 @@ -# system default rules -*filter -:INPUT ACCEPT [0:0] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] -:INPUT-custom-pre - [0:0] -:INPUT-custom-post - [0:0] -COMMIT diff --git a/config-files/iptables-config/files/iptables.rules b/config-files/iptables-config/files/iptables.rules deleted file mode 100644 index 9ba9a2636..000000000 --- a/config-files/iptables-config/files/iptables.rules +++ /dev/null @@ -1,8 +0,0 @@ -# system default rules -*filter -:INPUT ACCEPT [0:0] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] -:INPUT-custom-pre - [0:0] -:INPUT-custom-post - [0:0] -COMMIT diff --git a/config-files/memcached-custom/centos/build_srpm.data b/config-files/memcached-custom/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/config-files/memcached-custom/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/config-files/memcached-custom/centos/memcached-custom.spec b/config-files/memcached-custom/centos/memcached-custom.spec deleted file mode 100644 index 8a6ade353..000000000 --- a/config-files/memcached-custom/centos/memcached-custom.spec +++ /dev/null @@ -1,36 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: memcached-custom -Name: memcached-custom -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Summary: package memcached service files to system folder. - -%description -package memcached service files to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system -%{__install} -m 644 -p memcached.service %{buildroot}%{_sysconfdir}/systemd/system/memcached.service - -%post - -%files -%defattr(-,root,root,-) -%{_sysconfdir}/systemd/system/memcached.service - diff --git a/config-files/memcached-custom/files/memcached.service b/config-files/memcached-custom/files/memcached.service deleted file mode 100644 index 8dd1e891c..000000000 --- a/config-files/memcached-custom/files/memcached.service +++ /dev/null @@ -1,55 +0,0 @@ -# -# This service file is a customized version in platform-util package from -# openstack/stx-integ project - -[Unit] -Description=memcached daemon -Before=httpd.service -After=network-online.target - -[Service] -EnvironmentFile=/etc/sysconfig/memcached -ExecStart=/usr/bin/memcached -p ${PORT} -u ${USER} -m ${CACHESIZE} -c ${MAXCONN} $OPTIONS - -# Set up a new file system namespace and mounts private /tmp and /var/tmp directories -# so this service cannot access the global directories and other processes cannot -# access this service's directories. -PrivateTmp=true - -# Mounts the /usr, /boot, and /etc directories read-only for processes invoked by this unit. -ProtectSystem=full - -# Ensures that the service process and all its children can never gain new privileges -NoNewPrivileges=true - -# Sets up a new /dev namespace for the executed processes and only adds API pseudo devices -# such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it, -# but no physical devices such as /dev/sda. -PrivateDevices=true - -# Required for dropping privileges and running as a different user -CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE -LimitNOFILE=16384 - -# Attempts to create memory mappings that are writable and executable at the same time, -# or to change existing memory mappings to become executable are prohibited. -# XXX: this property is supported with systemd 231+ which is not yet on EL7 -# MemoryDenyWriteExecute=true - -# Restricts the set of socket address families accessible to the processes of this unit. -# Protects against vulnerabilities such as CVE-2016-8655 -RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX - -# These service parameters are commented out since they are incompatible with -# Centos 7 and generate warning messages when included. -#ProtectKernelModules=true -#ProtectKernelTunables=true -#ProtectControlGroups=true -#RestrictRealtime=true -#RestrictNamespaces=true - -Restart=always -RestartSec=10 - -[Install] -WantedBy=multi-user.target diff --git a/config-files/ntp-config/centos/build_srpm.data b/config-files/ntp-config/centos/build_srpm.data deleted file mode 100644 index 7e7b60ef4..000000000 --- a/config-files/ntp-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -COPY_LIST="files/*" -TIS_PATCH_VER=0 diff --git a/config-files/ntp-config/centos/ntp-config.spec b/config-files/ntp-config/centos/ntp-config.spec deleted file mode 100644 index b78c75397..000000000 --- a/config-files/ntp-config/centos/ntp-config.spec +++ /dev/null @@ -1,50 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX ntp Configuration File -Name: ntp-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown - -Source0: LICENSE -Source1: ntpd.sysconfig -Source2: ntp.conf - -BuildArch: noarch -Requires: ntp -Requires: ntpdate -Requires: ntp-perl - -%define debug_package %{nil} - -%description -StarlingX ntp configuration file - -%install -install -d %{buildroot}%{_datadir}/starlingx -install -D -m644 %{SOURCE1} %{buildroot}%{_datadir}/starlingx/ntpd.sysconfig -install -D -m644 %{SOURCE2} %{buildroot}%{_datadir}/starlingx/ntp.conf - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/ntpd.sysconfig %{_sysconfdir}/sysconfig/ntpd - cp -f %{_datadir}/starlingx/ntp.conf %{_sysconfdir}/ntp.conf - chmod 644 %{_sysconfdir}/sysconfig/ntpd - chmod 644 %{_sysconfdir}/ntp.conf -fi - -%preun - -%postun - -%files -%defattr(-,root,root) -%license ../SOURCES/LICENSE -%{_datadir}/starlingx/ntpd.sysconfig -%{_datadir}/starlingx/ntp.conf diff --git a/config-files/ntp-config/files/LICENSE b/config-files/ntp-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/ntp-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/ntp-config/files/ntp.conf b/config-files/ntp-config/files/ntp.conf deleted file mode 100644 index 991f836d1..000000000 --- a/config-files/ntp-config/files/ntp.conf +++ /dev/null @@ -1,14 +0,0 @@ -# This is the most basic ntp configuration file -# The driftfile must remain in a place specific to this -# machine - it records the machine specific clock error -#driftfile /etc/ntp.drift -# This obtains a random server which will be close -# (in IP terms) to the machine. Add other servers -# as required, or change this. -#server time.server.example.com -# Using local hardware clock as fallback -# Disable this when using ntpd -q -g -x as ntpdate or it will sync to itself -#server 127.127.1.0 -#fudge 127.127.1.0 stratum 14 -# Defining a default security setting - lock everything down -restrict default ignore diff --git a/config-files/ntp-config/files/ntpd.sysconfig b/config-files/ntp-config/files/ntpd.sysconfig deleted file mode 100644 index c7838909e..000000000 --- a/config-files/ntp-config/files/ntpd.sysconfig +++ /dev/null @@ -1,2 +0,0 @@ -# Command line options for ntpd -OPTIONS="-p /var/run/ntp.pid" diff --git a/config-files/pam-config/centos/build_srpm.data b/config-files/pam-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/config-files/pam-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/config-files/pam-config/centos/pam-config.spec b/config-files/pam-config/centos/pam-config.spec deleted file mode 100644 index 908395d2d..000000000 --- a/config-files/pam-config/centos/pam-config.spec +++ /dev/null @@ -1,56 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: pam-config -Name: pam-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: pam -Requires: openssh -Summary: package StarlingX configuration files of pam to system folder. - -%description -package StarlingX configuration files of pam to system folder. - -%define _pamconfdir %{_sysconfdir}/pam.d - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_pamconfdir} -%{__install} -d %{buildroot}%{_datadir}/starlingx -%{__install} -m 644 sshd.pam %{buildroot}%{_datadir}/starlingx/sshd.pam -%{__install} -m 644 common-account %{buildroot}%{_pamconfdir}/common-account -%{__install} -m 644 common-auth %{buildroot}%{_pamconfdir}/common-auth -%{__install} -m 644 common-password %{buildroot}%{_pamconfdir}/common-password -%{__install} -m 644 common-session %{buildroot}%{_pamconfdir}/common-session -%{__install} -m 644 common-session-noninteractive %{buildroot}%{_pamconfdir}/common-session-noninteractive -%{__install} -m 644 system-auth.pamd %{buildroot}%{_datadir}/starlingx/stx.system-auth - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.system-auth %{_pamconfdir}/system-auth - cp -f %{_datadir}/starlingx/sshd.pam %{_pamconfdir}/sshd -fi - -%files -%{_datadir}/starlingx/stx.system-auth -%{_datadir}/starlingx/sshd.pam -%config(noreplace) %{_pamconfdir}/common-account -%config(noreplace) %{_pamconfdir}/common-auth -%config(noreplace) %{_pamconfdir}/common-password -%config(noreplace) %{_pamconfdir}/common-session -%config(noreplace) %{_pamconfdir}/common-session-noninteractive diff --git a/config-files/pam-config/files/common-account b/config-files/pam-config/files/common-account deleted file mode 100755 index 46c86d061..000000000 --- a/config-files/pam-config/files/common-account +++ /dev/null @@ -1,27 +0,0 @@ -# -# /etc/pam.d/common-account - authorization settings common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of the authorization modules that define -# the central access policy for use on the system. The default is to -# only deny service to users whose accounts are expired in /etc/shadow. -# -# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. -# To take advantage of this, it is recommended that you configure any -# local modules either before or after the default block, and use -# pam-auth-update to manage selection of other modules. See -# pam-auth-update(8) for details. -# - -# here are the per-package modules (the "Primary" block) -account required pam_tally2.so -account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so -account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so -# here's the fallback if no module succeeds -account requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -account required pam_permit.so -# and here are more per-package modules (the "Additional" block) -# end of pam-auth-update config diff --git a/config-files/pam-config/files/common-auth b/config-files/pam-config/files/common-auth deleted file mode 100755 index b0990fcc9..000000000 --- a/config-files/pam-config/files/common-auth +++ /dev/null @@ -1,22 +0,0 @@ -# -# /etc/pam.d/common-auth - authentication settings common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of the authentication modules that define -# the central authentication scheme for use on the system -# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the -# traditional Unix authentication mechanisms. - -# here are the per-package modules (the "Primary" block) -# auth [success=1 default=ignore] pam_unix.so nullok_secure -# auth sufficient pam_ldap.so use_first_pass -auth required pam_tally2.so deny=5 unlock_time=300 audit -auth [success=2 default=ignore] pam_unix.so nullok_secure -auth [success=1 default=ignore] pam_ldap.so use_first_pass debug -# here's the fallback if no module succeeds -auth requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -auth required pam_permit.so -# and here are more per-package modules (the "Additional" block) diff --git a/config-files/pam-config/files/common-password b/config-files/pam-config/files/common-password deleted file mode 100755 index cfb100fd8..000000000 --- a/config-files/pam-config/files/common-password +++ /dev/null @@ -1,38 +0,0 @@ -# -# /etc/pam.d/common-password - password-related modules common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define the services to be -# used to change user passwords. The default is pam_unix. - -# Explanation of pam_unix options: -# -# The "sha512" option enables salted SHA512 passwords. Without this option, -# the default is Unix crypt. Prior releases used the option "md5". -# -# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in -# login.defs. -# -# See the pam_unix manpage for other options. - -# here are the per-package modules (the "Primary" block) - -################## Titanium Cloud Password Rules ####################### -## Enforce a password containing atleast 1 lower case, 1 upper case, # -## 1 digit and 1 special character. Such a password will have a # -## minimum length of 7 characters. A user may not re-use the last most # -## recent password and every password must differ from its previous # -## one by atleast 3 characters # -## - Added enforce_for_root for pam_pwquality.so # -######################################################################## - -password required pam_pwquality.so try_first_pass retry=3 authtok_type= difok=3 minlen=7 lcredit=-1 ucredit=-1 ocredit=-1 dcredit=-1 enforce_for_root debug -password required pam_pwhistory.so use_authtok enforce_for_root remember=2 retry=3 debug - -password sufficient pam_unix.so sha512 use_authtok debug -password [success=done authtok_err=die perm_denied=die default=ignore] pam_ldap.so use_authtok debug - - - -# If we got this far then its clearly a DENY -password requisite pam_deny.so diff --git a/config-files/pam-config/files/common-session b/config-files/pam-config/files/common-session deleted file mode 100755 index 9ce31c485..000000000 --- a/config-files/pam-config/files/common-session +++ /dev/null @@ -1,21 +0,0 @@ -# -# /etc/pam.d/common-session - session-related modules common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define tasks to be performed -# at the start and end of sessions of *any* kind (both interactive and -# non-interactive). -# - -# here are the per-package modules (the "Primary" block) -session [default=1] pam_permit.so -# here's the fallback if no module succeeds -session requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -session required pam_permit.so -# and here are more per-package modules (the "Additional" block) -session [success=1 new_authtok_reqd=done default=ignore] pam_unix.so -session [success=ok new_authtok_reqd=done default=bad] pam_ldap.so -session required pam_mkhomedir.so umask=0022 skel=/etc/skel diff --git a/config-files/pam-config/files/common-session-noninteractive b/config-files/pam-config/files/common-session-noninteractive deleted file mode 100755 index 239055e57..000000000 --- a/config-files/pam-config/files/common-session-noninteractive +++ /dev/null @@ -1,20 +0,0 @@ -# -# /etc/pam.d/common-session-noninteractive - session-related modules -# common to all non-interactive services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define tasks to be performed -# at the start and end of all non-interactive sessions. -# - -# here are the per-package modules (the "Primary" block) -session [default=1] pam_permit.so -# here's the fallback if no module succeeds -session requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -session required pam_permit.so -# and here are more per-package modules (the "Additional" block) -session [success=1 new_authtok_reqd=done default=ignore] pam_unix.so -session [success=ok new_authtok_reqd=done default=bad] pam_ldap.so diff --git a/config-files/pam-config/files/sshd.pam b/config-files/pam-config/files/sshd.pam deleted file mode 100644 index 3d6ce0a41..000000000 --- a/config-files/pam-config/files/sshd.pam +++ /dev/null @@ -1,24 +0,0 @@ -# WRSM-1.0 - -auth include common-auth -account required pam_nologin.so - -# SELinux needs to be the first session rule. This ensures that any -# lingering context has been cleared. Without out this it is possible -# that a module could execute code in the wrong domain. -# When the module is present, "required" would be sufficient (When SELinux -# is disabled, this returns success.) -session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close - -account include common-account -password include common-password -session optional pam_keyinit.so force revoke -session include common-session -session required pam_loginuid.so - -# SELinux needs to intervene at login time to ensure that the process -# starts in the proper default security context. Only sessions which are -# intended to run in the user's context should be run after this. -# When the module is present, "required" would be sufficient (When SELinux -# is disabled, this returns success.) -session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open diff --git a/config-files/pam-config/files/system-auth.pamd b/config-files/pam-config/files/system-auth.pamd deleted file mode 100755 index 431142689..000000000 --- a/config-files/pam-config/files/system-auth.pamd +++ /dev/null @@ -1,31 +0,0 @@ -#%PAM-1.0 -auth required pam_env.so -auth sufficient pam_unix.so nullok try_first_pass -auth requisite pam_succeed_if.so uid >= 1000 quiet_success -auth required pam_deny.so - -account required pam_unix.so -account sufficient pam_localuser.so -account sufficient pam_succeed_if.so uid < 1000 quiet -account required pam_permit.so - -################# StarlingX Cloud Password Rules ####################### -# Enforce a password containing atleast 1 lower case, 1 upper case, # -# 1 digit and 1 special character. Such a password will have a # -# minimum length of 7 characters. A user may not re-use the last most # -# recent password and every password must differ from its previous # -# one by atleast 3 characters # -# - Added enforce_for_root for pam_pwquality.so # -####################################################################### - -password requisite pam_pwquality.so try_first_pass retry=3 authtok_type= difok=3 minlen=7 lcredit=-1 ucredit=-1 ocredit=-1 dcredit=-1 enforce_for_root debug -password requisite pam_pwhistory.so use_authtok enforce_for_root remember=2 - -password [success=2 default=ignore] pam_unix.so sha512 shadow nullok try_first_pass use_authtok -password [success=1 default=ignore] pam_ldap.so use_authtok - -session optional pam_keyinit.so revoke -session required pam_limits.so --session optional pam_systemd.so -session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid -session required pam_unix.so diff --git a/config-files/rsync-config/centos/build_srpm.data b/config-files/rsync-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/config-files/rsync-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/config-files/rsync-config/centos/rsync-config.spec b/config-files/rsync-config/centos/rsync-config.spec deleted file mode 100644 index 585578b64..000000000 --- a/config-files/rsync-config/centos/rsync-config.spec +++ /dev/null @@ -1,39 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: rsync-config -Name: rsync-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: rsync -Summary: package StarlingX configuration files of rsync to system folder. - -%description -package StarlingX configuration files of rsync to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_datadir}/starlingx/ -%{__install} -m 644 rsyncd.conf %{buildroot}%{_datadir}/starlingx/stx.rsyncd.conf - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.rsyncd.conf %{_sysconfdir}/rsyncd.conf -fi - -%files -%{_datadir}/starlingx/stx.rsyncd.conf diff --git a/config-files/rsync-config/files/rsyncd.conf b/config-files/rsync-config/files/rsyncd.conf deleted file mode 100644 index f7a26e1df..000000000 --- a/config-files/rsync-config/files/rsyncd.conf +++ /dev/null @@ -1,57 +0,0 @@ -# /etc/rsyncd.conf - -# Configuration file for rsync daemon -# See rsync(1) and rsyncd.conf(5) man pages for help - -# This file is required by rsync --daemon -pid file = /var/run/rsyncd.pid -use chroot = yes -read only = yes - -# Simple example for enabling your own local rsync server -#[everything] -# path = / -# comment = Everything except /etc exposed -# exclude = /etc - -[patching] - path = /opt/patching - comment = Patching filesystem - uid = root - read only = no - -[repo] - path = /www/pages/updates - comment = Patching repo - uid = root - read only = no - -[platform] - path = /etc/platform - comment = Platform configuration - uid = root - read only = no - -[certificate] - path = /etc/ssl/private - comment = SSL certificate - uid = root - read only = no - -[instances] - path = /etc/nova/instances - comment = Nova instances data - uid = root - read only = no - -[cacert] - path = /etc/ssl/certs - comment = SSL ca certificate - uid = root - read only = no - -[helm_charts] - path = /www/pages/helm_charts - comment = Helm chart repo - uid = root - read only = no diff --git a/config-files/shadow-utils-config/centos/build_srpm.data b/config-files/shadow-utils-config/centos/build_srpm.data deleted file mode 100644 index 7e7b60ef4..000000000 --- a/config-files/shadow-utils-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -COPY_LIST="files/*" -TIS_PATCH_VER=0 diff --git a/config-files/shadow-utils-config/centos/shadow-utils-config.spec b/config-files/shadow-utils-config/centos/shadow-utils-config.spec deleted file mode 100644 index 0205c426e..000000000 --- a/config-files/shadow-utils-config/centos/shadow-utils-config.spec +++ /dev/null @@ -1,55 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX shadow-utils Configuration File -Name: shadow-utils-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown - -Source0: LICENSE -Source1: login.defs -Source2: clear_shadow_locks.service - -BuildArch: noarch -# systemd provides %{_unitdir} -BuildRequires: systemd -Requires: setup -Requires: shadow-utils - -%define debug_package %{nil} - -%description -StarlingX shadow-utils configuration file - -%install -install -d %{buildroot}%{_sysconfdir} -install -d %{buildroot}%{_datadir}/starlingx -install -D -m644 %{SOURCE1} %{buildroot}%{_datadir}/starlingx/login.defs - -install -d -m 755 %{buildroot}%{_sysconfdir}/init.d -install -D -m644 %{SOURCE2} %{buildroot}%{_unitdir}/clear_shadow_locks.service - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/login.defs %{_sysconfdir}/ - chmod 644 %{_sysconfdir}/login.defs -fi -%systemd_post clear_shadow_locks.service - -%preun -%systemd_preun clear_shadow_locks.service - -%postun -%systemd_postun_with_restart clear_shadow_locks.service - -%files -%defattr(-,root,root) -%license ../SOURCES/LICENSE -%{_unitdir}/clear_shadow_locks.service -%{_datadir}/starlingx/login.defs diff --git a/config-files/shadow-utils-config/files/LICENSE b/config-files/shadow-utils-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/shadow-utils-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/shadow-utils-config/files/clear_shadow_locks.service b/config-files/shadow-utils-config/files/clear_shadow_locks.service deleted file mode 100644 index db004c1d3..000000000 --- a/config-files/shadow-utils-config/files/clear_shadow_locks.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Remove stale shadow lockfiles -After=local-fs.target systemd-tmpfiles-setup.service -Before=sysinit.target shutdown.target - -[Service] -Type=simple -ExecStart=/usr/bin/rm -f /etc/gshadow.lock /etc/shadow.lock /etc/passwd.lock /etc/group.lock - -[Install] -WantedBy=multi-user.target diff --git a/config-files/shadow-utils-config/files/login.defs b/config-files/shadow-utils-config/files/login.defs deleted file mode 100644 index 9cf8ac4cf..000000000 --- a/config-files/shadow-utils-config/files/login.defs +++ /dev/null @@ -1,386 +0,0 @@ -# -# /etc/login.defs - Configuration control definitions for the shadow package. -# -# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $ -# - -# -# Delay in seconds before being allowed another attempt after a login failure -# Note: When PAM is used, some modules may enfore a minimal delay (e.g. -# pam_unix enforces a 2s delay) -# -FAIL_DELAY 3 - -# -# Enable logging and display of /var/log/faillog login failure info. -# -#FAILLOG_ENAB yes - -# -# Enable display of unknown usernames when login failures are recorded. -# -LOG_UNKFAIL_ENAB no - -# -# Enable logging of successful logins -# -LOG_OK_LOGINS no - -# -# Enable logging and display of /var/log/lastlog login time info. -# -#LASTLOG_ENAB yes - -# -# Enable checking and display of mailbox status upon login. -# -# Disable if the shell startup files already check for mail -# ("mailx -e" or equivalent). -# -#MAIL_CHECK_ENAB yes - -# -# Enable additional checks upon password changes. -# -#OBSCURE_CHECKS_ENAB yes - -# -# Enable checking of time restrictions specified in /etc/porttime. -# -#PORTTIME_CHECKS_ENAB yes - -# -# Enable setting of ulimit, umask, and niceness from passwd gecos field. -# -#QUOTAS_ENAB yes - -# -# Enable "syslog" logging of su activity - in addition to sulog file logging. -# SYSLOG_SG_ENAB does the same for newgrp and sg. -# -SYSLOG_SU_ENAB yes -SYSLOG_SG_ENAB yes - -# -# If defined, either full pathname of a file containing device names or -# a ":" delimited list of device names. Root logins will be allowed only -# upon these devices. -# -CONSOLE /etc/securetty -#CONSOLE console:tty01:tty02:tty03:tty04 - -# -# If defined, all su activity is logged to this file. -# -#SULOG_FILE /var/log/sulog - -# -# If defined, ":" delimited list of "message of the day" files to -# be displayed upon login. -# -#MOTD_FILE /etc/motd -#MOTD_FILE /etc/motd:/usr/lib/news/news-motd - -# -# If defined, this file will be output before each login prompt. -# -#ISSUE_FILE /etc/issue - -# -# If defined, file which maps tty line to TERM environment parameter. -# Each line of the file is in a format something like "vt100 tty01". -# -#TTYTYPE_FILE /etc/ttytype - -# -# If defined, login failures will be logged here in a utmp format. -# last, when invoked as lastb, will read /var/log/btmp, so... -# -#FTMP_FILE /var/log/btmp - -# -# If defined, name of file whose presence which will inhibit non-root -# logins. The contents of this file should be a message indicating -# why logins are inhibited. -# -#NOLOGINS_FILE /etc/nologin - -# -# If defined, the command name to display when running "su -". For -# example, if this is defined as "su" then a "ps" will display the -# command is "-su". If not defined, then "ps" would display the -# name of the shell actually being run, e.g. something like "-sh". -# -SU_NAME su - -# -# *REQUIRED* -# Directory where mailboxes reside, _or_ name of file, relative to the -# home directory. If you _do_ define both, #MAIL_DIR takes precedence. -# -#MAIL_DIR /var/spool/mail -MAIL_FILE .mail - -# -# If defined, file which inhibits all the usual chatter during the login -# sequence. If a full pathname, then hushed mode will be enabled if the -# user's name or shell are found in the file. If not a full pathname, then -# hushed mode will be enabled if the file exists in the user's home directory. -# -HUSHLOGIN_FILE .hushlogin -#HUSHLOGIN_FILE /etc/hushlogins - -# -# If defined, either a TZ environment parameter spec or the -# fully-rooted pathname of a file containing such a spec. -# -#ENV_TZ TZ=CST6CDT -#ENV_TZ /etc/tzname - -# -# If defined, an HZ environment parameter spec. -# -# for Linux/x86 -#ENV_HZ HZ=100 -# For Linux/Alpha... -#ENV_HZ HZ=1024 - -# -# *REQUIRED* The default PATH settings, for superuser and normal users. -# -# (they are minimal, add the rest in the shell startup files) -ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin -ENV_PATH PATH=/bin:/usr/bin - -# -# Terminal permissions -# -# TTYGROUP Login tty will be assigned this group ownership. -# TTYPERM Login tty will be set to this permission. -# -# If you have a "write" program which is "setgid" to a special group -# which owns the terminals, define TTYGROUP to the group number and -# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign -# TTYPERM to either 622 or 600. -# -TTYGROUP tty -TTYPERM 0600 - -# -# Login configuration initializations: -# -# ERASECHAR Terminal ERASE character ('\010' = backspace). -# KILLCHAR Terminal KILL character ('\025' = CTRL/U). -# ULIMIT Default "ulimit" value. -# -# The ERASECHAR and KILLCHAR are used only on System V machines. -# The ULIMIT is used only if the system supports it. -# (now it works with setrlimit too; ulimit is in 512-byte units) -# -# Prefix these values with "0" to get octal, "0x" to get hexadecimal. -# -ERASECHAR 0177 -KILLCHAR 025 -#ULIMIT 2097152 - -# Default initial "umask" value for non-PAM enabled systems. -# UMASK is also used by useradd and newusers to set the mode of new home -# directories. -# 022 is the default value, but 027, or even 077, could be considered -# better for privacy. There is no One True Answer here: each sysadmin -# must make up her mind. -UMASK 022 - -# -# Password aging controls: -# -# PASS_MAX_DAYS Maximum number of days a password may be used. -# PASS_MIN_DAYS Minimum number of days allowed between password changes. -# PASS_MIN_LEN Minimum acceptable password length. -# PASS_WARN_AGE Number of days warning given before a password expires. -# -PASS_MAX_DAYS 99999 -PASS_MIN_DAYS 0 -#PASS_MIN_LEN 5 -PASS_WARN_AGE 7 - -# -# If "yes", the user must be listed as a member of the first gid 0 group -# in /etc/group (called "root" on most Linux systems) to be able to "su" -# to uid 0 accounts. If the group doesn't exist or is empty, no one -# will be able to "su" to uid 0. -# -#SU_WHEEL_ONLY no - -# -# If compiled with cracklib support, where are the dictionaries -# -#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict - -# -# Min/max values for automatic uid selection in useradd -# -UID_MIN 1000 -UID_MAX 60000 -# System accounts -SYS_UID_MIN 101 -SYS_UID_MAX 999 - -# -# Min/max values for automatic gid selection in groupadd -# -GID_MIN 1000 -GID_MAX 60000 -# System accounts -SYS_GID_MIN 101 -SYS_GID_MAX 999 - -# -# Max number of login retries if password is bad -# -LOGIN_RETRIES 5 - -# -# Max time in seconds for login -# -LOGIN_TIMEOUT 60 - -# -# Maximum number of attempts to change password if rejected (too easy) -# -#PASS_CHANGE_TRIES 5 - -# -# Warn about weak passwords (but still allow them) if you are root. -# -#PASS_ALWAYS_WARN yes - -# -# Number of significant characters in the password for crypt(). -# Default is 8, don't change unless your crypt() is better. -# Ignored if MD5_CRYPT_ENAB set to "yes". -# -#PASS_MAX_LEN 8 - -# -# Require password before chfn/chsh can make any changes. -# -#CHFN_AUTH yes - -# -# Which fields may be changed by regular users using chfn - use -# any combination of letters "frwh" (full name, room number, work -# phone, home phone). If not defined, no changes are allowed. -# For backward compatibility, "yes" = "rwh" and "no" = "frwh". -# -CHFN_RESTRICT rwh - -# -# Password prompt (%s will be replaced by user name). -# -# XXX - it doesn't work correctly yet, for now leave it commented out -# to use the default which is just "Password: ". -#LOGIN_STRING "%s's Password: " - -# -# Only works if compiled with MD5_CRYPT defined: -# If set to "yes", new passwords will be encrypted using the MD5-based -# algorithm compatible with the one used by recent releases of FreeBSD. -# It supports passwords of unlimited length and longer salt strings. -# Set to "no" if you need to copy encrypted passwords to other systems -# which don't understand the new algorithm. Default is "no". -# -# Note: If you use PAM, it is recommended to use a value consistent with -# the PAM modules configuration. -# -# This variable is deprecated. You should use ENCRYPT_METHOD. -# -#MD5_CRYPT_ENAB no - -# -# Only works if compiled with ENCRYPTMETHOD_SELECT defined: -# If set to MD5 , MD5-based algorithm will be used for encrypting password -# If set to SHA256, SHA256-based algorithm will be used for encrypting password -# If set to SHA512, SHA512-based algorithm will be used for encrypting password -# If set to DES, DES-based algorithm will be used for encrypting password (default) -# Overrides the MD5_CRYPT_ENAB option -# -# Note: If you use PAM, it is recommended to use a value consistent with -# the PAM modules configuration. -# -#ENCRYPT_METHOD DES - -# -# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. -# -# Define the number of SHA rounds. -# With a lot of rounds, it is more difficult to brute forcing the password. -# But note also that it more CPU resources will be needed to authenticate -# users. -# -# If not specified, the libc will choose the default number of rounds (5000). -# The values must be inside the 1000-999999999 range. -# If only one of the MIN or MAX values is set, then this value will be used. -# If MIN > MAX, the highest value will be used. -# -# SHA_CRYPT_MIN_ROUNDS 5000 -# SHA_CRYPT_MAX_ROUNDS 5000 - -# -# List of groups to add to the user's supplementary group set -# when logging in on the console (as determined by the CONSOLE -# setting). Default is none. -# -# Use with caution - it is possible for users to gain permanent -# access to these groups, even when not logged in on the console. -# How to do it is left as an exercise for the reader... -# -#CONSOLE_GROUPS floppy:audio:cdrom - -# -# Should login be allowed if we can't cd to the home directory? -# Default in no. -# -DEFAULT_HOME yes - -# -# If this file exists and is readable, login environment will be -# read from it. Every line should be in the form name=value. -# -#ENVIRON_FILE /etc/environment - -# -# If defined, this command is run when removing a user. -# It should remove any at/cron/print jobs etc. owned by -# the user to be removed (passed as the first argument). -# -#USERDEL_CMD /usr/sbin/userdel_local - -# -# Enable setting of the umask group bits to be the same as owner bits -# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is -# the same as gid, and username is the same as the primary group name. -# -# This also enables userdel to remove user groups if no members exist. -# -USERGROUPS_ENAB yes - -# -# If set to a non-nul number, the shadow utilities will make sure that -# groups never have more than this number of users on one line. -# This permit to support split groups (groups split into multiple lines, -# with the same group ID, to avoid limitation of the line length in the -# group file). -# -# 0 is the default value and disables this feature. -# -#MAX_MEMBERS_PER_GROUP 0 - -# -# If useradd should create home directories for users by default (non -# system users only) -# This option is overridden with the -M or -m flags on the useradd command -# line. -# -CREATE_HOME yes - diff --git a/config-files/sudo-config/centos/build_srpm.data b/config-files/sudo-config/centos/build_srpm.data deleted file mode 100644 index 2ec7ea02f..000000000 --- a/config-files/sudo-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -COPY_LIST="files/*" -TIS_PATCH_VER=1 diff --git a/config-files/sudo-config/centos/sudo-config.spec b/config-files/sudo-config/centos/sudo-config.spec deleted file mode 100644 index 537f5b1ca..000000000 --- a/config-files/sudo-config/centos/sudo-config.spec +++ /dev/null @@ -1,36 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX Sudo Configuration File -Name: sudo-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown - -Source0: sysadmin.sudo -Source1: LICENSE - -%define SYSADMIN_P 4SuW8cnXFyxsk - -%description -StarlingX sudo configuration file - -%install -install -d %{buildroot}/%{_sysconfdir}/sudoers.d -install -m 440 %{SOURCE0} %{buildroot}/%{_sysconfdir}/sudoers.d/sysadmin - -%pre -getent group sys_protected >/dev/null || groupadd -f -g 345 sys_protected -getent passwd sysadmin > /dev/null || \ -useradd -m -g sys_protected -G root \ - -d /home/sysadmin -p %{SYSADMIN_P} \ - -s /bin/sh sysadmin 2> /dev/null || : - -%files -%license ../SOURCES/LICENSE -%config(noreplace) %{_sysconfdir}/sudoers.d/sysadmin diff --git a/config-files/sudo-config/files/LICENSE b/config-files/sudo-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/sudo-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/sudo-config/files/sysadmin.sudo b/config-files/sudo-config/files/sysadmin.sudo deleted file mode 100644 index 0e3f513e9..000000000 --- a/config-files/sudo-config/files/sysadmin.sudo +++ /dev/null @@ -1,12 +0,0 @@ -## -## User privilege specification -## -sysadmin ALL=(ALL) ALL -sysadmin ALL=(root) NOPASSWD: /usr/bin/config_controller -sysadmin ALL=(root) NOPASSWD: /usr/bin/config_region -sysadmin ALL=(root) NOPASSWD: /usr/bin/config_subcloud -sysadmin ALL=(root) NOPASSWD: /usr/bin/config_management -sysadmin ALL=(root) NOPASSWD: /usr/local/sbin/collect - -Defaults lecture=never, secure_path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin -Defaults passprompt="Password: " diff --git a/config-files/syslog-ng-config/centos/build_srpm.data b/config-files/syslog-ng-config/centos/build_srpm.data deleted file mode 100644 index aba1d8c1c..000000000 --- a/config-files/syslog-ng-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=5 diff --git a/config-files/syslog-ng-config/centos/syslog-ng-config.spec b/config-files/syslog-ng-config/centos/syslog-ng-config.spec deleted file mode 100644 index c2d0d8b8f..000000000 --- a/config-files/syslog-ng-config/centos/syslog-ng-config.spec +++ /dev/null @@ -1,69 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX syslog-ng Configuration File -Name: syslog-ng-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -# systemd provides %{_unitdir} -BuildRequires: systemd -Requires: syslog-ng -Requires: syslog-ng-libdbi - -%define debug_package %{nil} - -%description -StarlingX syslog-ng configuration file - -%prep - -%setup - -%build - -%install -install -d %{buildroot}%{_datadir}/starlingx -install -D -m644 syslog-ng.conf %{buildroot}%{_datadir}/starlingx/syslog-ng.conf -install -D -m644 syslog-ng.logrotate %{buildroot}%{_datadir}/starlingx/syslog-ng.logrotate -install -D -m644 remotelogging.conf %{buildroot}%{_sysconfdir}/syslog-ng/remotelogging.conf -install -d %{buildroot}%{_sbindir} -install -D -m700 fm_event_syslogger %{buildroot}%{_sbindir}/fm_event_syslogger -install -D -m644 syslog-ng.service %{buildroot}%{_datadir}/starlingx/syslog-ng.service - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/syslog-ng.conf %{_sysconfdir}/syslog-ng/syslog-ng.conf - chmod 644 %{_sysconfdir}/syslog-ng/syslog-ng.conf - cp -f %{_datadir}/starlingx/syslog-ng.logrotate %{_sysconfdir}/logrotate.d/syslog - chmod 644 %{_sysconfdir}/logrotate.d/syslog - cp -f %{_datadir}/starlingx/syslog-ng.service %{_unitdir}/syslog-ng.service - chmod 644 %{_unitdir}/syslog-ng.service -fi -ldconfig -%systemd_post syslog-ng.service - -%preun -%systemd_preun syslog-ng.service - -%postun -ldconfig -%systemd_postun_with_restart syslog-ng.service - - -%files -%defattr(-,root,root) -%license LICENSE -%config(noreplace) %{_sysconfdir}/syslog-ng/remotelogging.conf -%{_datadir}/starlingx/syslog-ng.conf -%{_datadir}/starlingx/syslog-ng.logrotate -%{_datadir}/starlingx/syslog-ng.service -%{_sbindir}/fm_event_syslogger diff --git a/config-files/syslog-ng-config/files/LICENSE b/config-files/syslog-ng-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/config-files/syslog-ng-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/config-files/syslog-ng-config/files/fm_event_syslogger b/config-files/syslog-ng-config/files/fm_event_syslogger deleted file mode 100644 index e9fb1ba4b..000000000 --- a/config-files/syslog-ng-config/files/fm_event_syslogger +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2017 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# - -# Install a new certificate file, pushing it to both controllers -# Also allow a TPM option to install the certificate files using -# an onboard Trusted Platform Module (TPM) - -source /etc/platform/platform.conf - -processIMAAppraisal() -{ - # SAMPLE INCOMING EVENT: - # 20:43:51.000 localhost audispd: info node=localhost.localdomain - # type=INTEGRITY_DATA msg=audit(1507236231.359:4179): pid=4411 uid=0 - # auid=1875 ses=18 op="appraise_data" cause="missing-signature" - # comm=sudo name=/usr/lib64/ld-2.17.so dev=sda3 ino=262715 res=0 - event_array=($1) - _hostname=${event_array[0]} - _appraisal_msg=${event_array[@]:1} - # parse appraise specific fields from the message - for field in $_appraisal_msg; do - set -- `echo $field | tr '=' ' '` - eval _$1=$2; - done - - # sanity check (make sure its an appraisal event - if [ "${_op}" == "appraise_data" ]; then - # Fields explanation: - # - # alarm_id: 500.500 - # alarm_state: msg - # entity_type_id: system.service - # entity_instance_id: host=.service= - # severity: major - # reason_text: Host has IMA Appraisal failure for service , - # reason = - # alarm_type: integrity-violation - # probable_cause: information-modification-detected - # proposed_repair_action:free-format string providing additional details on how to - # clear the alarm. Optional. - # service_affecting: false - # suppression: false - # uuid: unique identifier of an active alarm instance, filled by FM system - # Timestamp: filled by FM system - _absol_path=`which $_comm` - [ $? -eq 0 ] || _absol_path="$_comm" -FM_EVENT_LOG="### ###500.500###msg###system.service###host=$_hostname.service=$_comm### ###major###Host $_hostname has IMA Appraisal failure for service $_absol_path when executing file $_name, reason = $_cause###integrity-violation###information-modification-detected### ### ### ###" - fmClientCli -c "\"$FM_EVENT_LOG\"" - fi -} - -while read line; do - if [ ! -z "$line" ]; then - # Before we proceed, we need to ensure that - # this node has been configured so that FM Events can - # be logged - if [ ${nodetype} == "controller" ]; then - _configuration_flag_file="/var/run/.controller_config_complete" - elif [ ${nodetype} == "worker" ]; then - _configuration_flag_file="/var/run/.worker_config_complete" - elif [ ${nodetype} == "storage" ]; then - _configuration_flag_file="/var/run/.storage_config_complete" - else - _configuration_flag_file="" - fi - - if [ -n "${_configuration_flag_file}" ] && [ -f "${_configuration_flag_file}" ]; then - # Only covers IMA appraisals at the moment, since this destination - # is only set up to IMA appraise logs in syslog-ng.conf, but this - # can be opened up to other FM Event Sysloggers - processIMAAppraisal "$line" - fi - fi -done diff --git a/config-files/syslog-ng-config/files/remotelogging.conf b/config-files/syslog-ng-config/files/remotelogging.conf deleted file mode 100644 index 3e63fb2c9..000000000 --- a/config-files/syslog-ng-config/files/remotelogging.conf +++ /dev/null @@ -1 +0,0 @@ -# THIS FILE IS NOW MANAGED THROUGH A PUPPET TEMPLATE diff --git a/config-files/syslog-ng-config/files/syslog-ng.conf b/config-files/syslog-ng-config/files/syslog-ng.conf deleted file mode 100644 index 43a406723..000000000 --- a/config-files/syslog-ng-config/files/syslog-ng.conf +++ /dev/null @@ -1,451 +0,0 @@ -@version: 3.4 -#@include "remotelogging.conf" -# -# Syslog-ng configuration file, compatible with default Debian syslogd -# installation. Originally written by anonymous (I can't find his name) -# Revised, and rewrited by me (SZALAY Attila ) - -# Common log format with fractional seconds, hostname, and priority -template t_log { - template("${YEAR}-${MONTH}-${DAY}T${HOUR}:${MIN}:${SEC}.${MSEC} ${HOST} ${MSGHDR}${PRIORITY} ${MSG}\n"); - template-escape(no); -}; - -template t_ocf_log { - template("${R_YEAR}-${R_MONTH}-${R_DAY}T${R_HOUR}:${R_MIN}:${R_SEC}.${R_MSEC} ${HOST} ${MSGHDR}${PRIORITY} ${MSG}\n"); - template-escape(no); -}; - -# Format for openstack logs that provide their own timestamp, priority, etc... -template t_openstack { - template("${MSG}\n"); - template-escape(no); -}; - -template t_libvirtd { - template("${YEAR}-${MONTH}-${DAY}T${HOUR}:${MIN}:${SEC}.${MSEC} ${MSG}\n"); - template-escape(no); -}; - -template t_nfv { - template("${YEAR}-${MONTH}-${DAY}T${HOUR}:${MIN}:${SEC}.${MSEC} ${HOST} ${MSG}\n"); - template-escape(no); -}; - -template t_mtc { - template("${R_YEAR}-${R_MONTH}-${R_DAY}T${R_HOUR}:${R_MIN}:${R_SEC}.${R_MSEC} ${MSG}\n"); - template-escape(no); -}; - -template t_fm { - template("${R_YEAR}-${R_MONTH}-${R_DAY}T${R_HOUR}:${R_MIN}:${R_SEC}.${R_MSEC} ${MSG}\n"); - template-escape(no); -}; - -template t_ima_appraise { - template ("${HOST} ${MSGONLY}\n"); - template-escape(no); -}; - -# First, set some global options. -options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); - owner("root"); group("root"); perm(0644); stats_freq(0); - bad_hostname("^gconfd$"); - frac_digits(3); - log_msg_size(65535); - file-template(t_log); -}; - -######################## -# Sources -######################## -# This is the default behavior of sysklogd package -# Logs may come from unix stream, but not from another machine. -# -source s_src { unix-dgram("/dev/log" ); internal(); - file("/proc/kmsg" program_override("kernel") ); -}; - -# If you wish to get logs from remote machine you should uncomment -# this and comment the above source line. -# -#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); }; - -# UDP source for HAProxy -source s_udp { udp(ip(127.0.0.1) port(514)); }; - -######################## -# Destinations -######################## -# -# remote_log_server destination is added when remotelogging is enabled. -# The /etc/syslog-ng/remotelogging.conf file has the log statement to -# send messages to the remote log server. -# -# Note: remotelogging.conf must be updated when adding a logfile. -# -#destination remote_log_server {udp("10.1.2.3" port(514));}; -# -# First some standard logfile -# -destination d_auth { file("/var/log/auth.log" perm(0640)); }; -destination d_cron { file("/var/log/cron.log"); }; -destination d_daemon { file("/var/log/daemon.log"); }; -destination d_daemon_ocf { file("/var/log/daemon-ocf.log" template(t_ocf_log) ); }; -destination d_kern { file("/var/log/kern.log"); }; -destination d_lpr { file("/var/log/lpr.log"); }; -destination d_mail { file("/var/log/mail.log"); }; -destination d_syslog { file("/var/log/syslog"); }; -destination d_user { file("/var/log/user.log" perm(0640)); }; -destination d_uucp { file("/var/log/uucp.log"); }; -destination d_postgres { file("/var/log/postgres.log"); }; -destination d_platform { file("/var/log/platform.log"); }; -destination d_openstack { file("/var/log/openstack.log" template(t_openstack)); }; -destination d_sm { file("/var/log/sm.log"); }; - -# Maintenance Log destinations -destination d_pmon { file("/var/log/pmond.log" template(t_mtc) perm(0640)); }; -destination d_lmon { file("/var/log/lmond.log" template(t_mtc)); }; -destination d_hostwd { file("/var/log/hostwd.log" template(t_mtc) perm(0640)); }; -destination d_fsmon { file("/var/log/fsmond.log" template(t_mtc)); }; -destination d_hwmon { file("/var/log/hwmond.log" template(t_mtc)); }; -destination d_mtclogd { file("/var/log/mtclogd.log" template(t_mtc)); }; -destination d_mtcalarmd { file("/var/log/mtcalarmd.log" template(t_mtc)); }; -destination d_mtcclient { file("/var/log/mtcClient.log" template(t_mtc)); }; -destination d_mtcagent { file("/var/log/mtcAgent.log" template(t_mtc)); }; -destination d_hbsclient { file("/var/log/hbsClient.log" template(t_mtc)); }; -destination d_hbsagent { file("/var/log/hbsAgent.log" template(t_mtc)); }; -destination d_guestagent { file("/var/log/guestAgent.log" template(t_mtc)); }; -destination d_guestserver { file("/var/log/guestServer.log" template(t_mtc)); }; -destination d_mtcagentalarm { file("/var/log/mtcAgent_alarm.log" template(t_mtc)); }; -destination d_mtcagentapi { file("/var/log/mtcAgent_api.log" template(t_mtc) perm(0640)); }; -destination d_mtcagentevent { file("/var/log/mtcAgent_event.log" template(t_mtc)); }; - -# HAProxy Log destination -destination d_haproxy { file("/var/log/haproxy.log"); }; - -# Fault Management Log destination -destination d_fm_event { file("/var/log/fm-event.log"); }; -destination d_fm_manager { file("/var/log/fm-manager.log" template(t_fm)); }; - -# IMA Log destination -destination d_ima { file("/var/log/ima.log"); }; -# The destination for IMA Appraisals are FM Events -destination d_ima_appraise { - program( - "/usr/sbin/fm_event_syslogger" - template(t_ima_appraise) - log-fifo-size(2Mb) - ); -}; - -# Sysinv Log destination -destination d_sysinv { file("/var/log/sysinv.log" template(t_openstack) perm(0640)); }; -destination d_sysinvapi { file("/var/log/sysinv-api.log" template(t_openstack) perm(0640)); }; - -# Distributed Cloud Log destination -destination d_dcmanager { file("/var/log/dcmanager/dcmanager.log" template(t_openstack)); }; -destination d_dcorch { file("/var/log/dcorch/dcorch.log" template(t_openstack)); }; -destination d_dcdbsync { file("/var/log/dcdbsync/dcdbsync.log" template(t_openstack)); }; -destination d_dcdbsync_openstack { file("/var/log/dcdbsync/dcdbsync_openstack.log" template(t_openstack)); }; - -# Openstack Log destinations -destination d_horizon { file("/var/log/horizon.log" template(t_openstack) perm(0640)); }; -destination d_libvirtd { file("/var/log/libvirt/libvirtd.log" template(t_libvirtd)); }; -destination d_keystoneall { file("/var/log/keystone/keystone-all.log" template(t_openstack)); }; -destination d_keystoneapi { file("/var/log/keystone/keystone-api.log" template(t_openstack) perm(0640)); }; -destination d_barbicanapi { file("/var/log/barbican/barbican-api.log" template(t_openstack) perm(0640)); }; -destination d_barbicandbsync { file("/var/log/barbican/barbican-dbsync.log" template(t_openstack)); }; -destination d_barbicankeystonelistener { file("/var/log/barbican/barbican-keystone-listener.log" template(t_openstack)); }; -destination d_barbicanworker { file("/var/log/barbican/barbican-worker.log" template(t_openstack)); }; -destination d_barbicancleaner { file("/var/log/barbican/barbican-cleaner.log" template(t_openstack)); }; - -# NFV-VIM Log destinations -destination d_vim { file("/var/log/nfv-vim.log" template(t_nfv)); }; -destination d_vim_api { file("/var/log/nfv-vim-api.log" template(t_nfv) perm(0640)); }; -destination d_vim_webserver { file("/var/log/nfv-vim-webserver.log" template(t_nfv)); }; - -# Local Log destinations -destination d_local4 { file("/var/log/local4.log"); }; -destination d_local5 { file("/var/log/local5.log"); }; -destination d_local6 { file("/var/log/local6.log"); }; -destination d_local7 { file("/var/log/local7.log"); }; - -# This files are the log come from the mail subsystem. -# -destination d_mailinfo { file("/var/log/mail/mail.info"); }; -destination d_mailwarn { file("/var/log/mail/mail.warn"); }; -destination d_mailerr { file("/var/log/mail/mail.err"); }; - -# Logging for INN news system -# -destination d_newscrit { file("/var/log/news/news.crit"); }; -destination d_newserr { file("/var/log/news/news.err"); }; -destination d_newsnotice { file("/var/log/news/news.notice"); }; - -# Some `catch-all' logfiles. -# -destination d_debug { file("/var/log/debug"); }; -destination d_error { file("/var/log/error"); }; -destination d_messages { file("/var/log/messages"); }; - -# The root's console. -# -destination d_console { usertty("root"); }; - -# Virtual console. -# -destination d_console_all { file("/dev/tty10"); }; - -# The named pipe /dev/xconsole is for the nsole' utility. To use it, -# you must invoke nsole' with the -file' option: -# -# $ xconsole -file /dev/xconsole [...] -# -destination d_xconsole { pipe("/dev/xconsole"); }; - -# Send the messages to an other host -# -#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); }; - -# Debian only -destination d_ppp { file("/var/log/ppp.log"); }; - -# Bash history. -destination d_bash { file("/var/log/bash.log" owner("root") group("root") perm(0600)); }; - -# SNMP Audit Trail -destination d_snmpat { file("/var/log/snmp-api.log" perm(0640)); }; - -######################## -# Filters -######################## -# Here's come the filter options. With this rules, we can set which -# message go where. - -filter f_dbg { level(debug); }; -filter f_info { level(info); }; -filter f_notice { level(notice); }; -filter f_warn { level(warn); }; -filter f_err { level(err); }; -filter f_crit { level(crit .. emerg); }; - -filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; -filter f_error { level(err .. emerg) ; }; - -filter f_messages { level(info,notice,warn) and - not facility(auth,authpriv,cron,daemon,mail,news); }; - -filter f_auth { facility(auth, authpriv) and not program("audispd"); }; -filter f_cron { facility(cron); }; -filter f_daemon { facility(daemon) and not program("^(OCF_).") and not match("snmp-auditor" value("MESSAGE")); }; -filter f_daemon_ocf { facility(daemon) and program("^(OCF_)."); }; -filter f_kern { facility(kern); }; -filter f_lpr { facility(lpr); }; -filter f_local { facility(local0, local1, local3, local4, local5, - local6, local7); }; -filter f_mail { facility(mail); }; -#filter f_news { facility(news); }; -filter f_newscrit { facility(news) and filter(f_crit); }; -filter f_newserr { facility(news) and filter(f_err); }; -filter f_newsnotice { facility(news) and filter(f_notice); }; -#filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; -filter f_syslog { facility(syslog); }; -filter f_user { facility(user) and not filter(f_vim) and not filter(f_vim_api) - and not filter(f_vim_webserver) and not match("fmClientCli"); - and not program("^(-)?(ba)?(su|sh)$"); }; -filter f_uucp { facility(uucp); }; - -#filter f_cnews { level(notice, err, crit) and facility(news); }; -filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; - -filter f_ppp { facility(local2); }; -filter f_console { level(warn .. emerg); }; - -# Local Log Filters -filter f_local0 { facility(local0); }; -filter f_local1 { facility(local1) - and not program(fmManager); }; -filter f_local2 { facility(local2) - and not program(barbican-api) - and not program(barbican-dbsync) - and not program(barbican-keystone-listener) - and not program(barbican-worker) - and not program(barbican-cleaner) - and not filter(f_keystoneall) - and not filter(f_keystoneapi) }; -filter f_local3 { facility(local3); }; -filter f_local4 { facility(local4); }; -filter f_local5 { facility(local5); }; -filter f_local6 { facility(local6); }; -filter f_local7 { facility(local7); }; - -# Maintenance Log Filters -filter f_pmon { facility(local5) and program(pmond); }; -filter f_lmon { facility(local5) and program(lmond); }; -filter f_hostw { facility(local5) and program(hostwd); }; -filter f_fsmon { facility(local5) and program(fsmond); }; -filter f_hwmon { facility(local5) and program(hwmond); }; -filter f_mtclogd { facility(local5) and program(mtclogd); }; -filter f_mtcalarmd { facility(local5) and program(mtcalarmd); }; -filter f_mtcclient { facility(local5) and program(mtcClient); }; -filter f_mtcagent { facility(local5) and program(mtcAgent); }; -filter f_hbsclient { facility(local5) and program(hbsClient); }; -filter f_hbsagent { facility(local5) and program(hbsAgent); }; -filter f_guestagent { facility(local5) and program(guestAgent); }; -filter f_guestserver { facility(local5) and program(guestServer); }; -filter f_mtcagentalarm { facility(local5) and program(/var/log/mtcAgent_alarm.log); }; -filter f_mtcagentapi { facility(local5) and program(/var/log/mtcAgent_api.log); }; -filter f_mtcagentevent { facility(local5) and program(/var/log/mtcAgent_event.log); }; - -# Fault Management Filter -filter f_fm_event { facility(local5) and program(fmManager); }; -filter f_fm_manager { facility(local1) and program(fmManager); }; - -# IMA Filters -filter f_ima { facility(auth) and program(audispd) and match("type=INTEGRITY_") ; }; -filter f_ima_appraise { filter(f_ima) and match("appraise_data") ; }; - -# Sysinv Log Filter -filter f_sysinv { facility(local6) and program(sysinv) and not match("sysinv.api.hooks.auditor"); }; -filter f_sysinvapi { facility(local6) and program(sysinv) and match("sysinv.api.hooks.auditor"); }; - -# Distributed Cloud Log Filters -filter f_dcmanagermanager { facility(local2) and program(dcmanager-manager); }; -filter f_dcmanagerapi { facility(local2) and program(dcmanager-api); }; - -filter f_dcorchengine { facility(local2) and program(dcorch-engine); }; -filter f_dcorchsnmp { facility(local2) and program(dcorch-snmp); }; -filter f_dcorchapiproxy { facility(local2) and program(dcorch-api-proxy); }; - -filter f_dcdbsyncapi { facility(local2) and program(dcdbsync-api); }; -filter f_dcdbsyncopenstackapi { facility(local3) and program(dcdbsync-api); }; - -# Openstack Log Filters -filter f_horizon { facility(local7) }; -filter f_libvirtd { program(libvirtd) }; -filter f_keystoneall { facility(local2) and message("keystone.*") and not match("keystone.common.wsgi"); }; -filter f_keystoneapi { facility(local2) and match("keystone.common.wsgi"); }; -filter f_barbicanapi { facility(local2) and program(barbican-api); }; -filter f_barbicandbsync { facility(local2) and program(barbican-dbsync); }; -filter f_barbicankeystonelistener { facility(local2) and program(barbican-keystone-listener); }; -filter f_barbicanworker { facility(local2) and program(barbican-worker); }; -filter f_barbicancleaner { facility(local2) and program(barbican-cleaner); }; - -# NFV-VIM Log Filters -filter f_vim { facility(user) and program(VIM_); }; -filter f_vim_api { facility(user) and program(VIM-API_); }; -filter f_vim_webserver { facility(user) and program(VIM-WEB_); }; - -# bash Log Filter -filter f_bash { facility(user) and program("^(-)?(ba)?(su|sh)$"); }; - -# SNMP Audit Trail -filter f_snmpat { facility(daemon) and program(snmpd) and match("snmp-auditor" value("MESSAGE")); }; - -######################## -# Log paths -######################## -log { source(s_src); filter(f_auth); destination(d_auth); }; -log { source(s_src); filter(f_cron); destination(d_cron); }; -log { source(s_src); filter(f_daemon); destination(d_daemon); }; -log { source(s_src); filter(f_daemon_ocf); destination(d_daemon_ocf); }; -log { source(s_src); filter(f_kern); destination(d_kern); }; -log { source(s_src); filter(f_lpr); destination(d_lpr); }; -#log { source(s_src); filter(f_syslog3); destination(d_syslog); }; -log { source(s_src); filter(f_syslog); destination(d_syslog); }; -log { source(s_src); filter(f_user); destination(d_user); }; -log { source(s_src); filter(f_uucp); destination(d_uucp); }; -log { source(s_src); filter(f_local0); destination(d_postgres); }; -log { source(s_src); filter(f_local1); destination(d_platform); }; -log { source(s_src); filter(f_local2); destination(d_openstack); }; -log { source(s_src); filter(f_local3); destination(d_sm); }; - -# Maintenance Log Paths -log { source(s_src); filter(f_pmon); destination(d_pmon); }; -log { source(s_src); filter(f_lmon); destination(d_lmon); }; -log { source(s_src); filter(f_hostw); destination(d_hostwd); }; -log { source(s_src); filter(f_fsmon); destination(d_fsmon); }; -log { source(s_src); filter(f_hwmon); destination(d_hwmon); }; -log { source(s_src); filter(f_mtclogd); destination(d_mtclogd); }; -log { source(s_src); filter(f_mtcalarmd); destination(d_mtcalarmd); }; -log { source(s_src); filter(f_mtcclient); destination(d_mtcclient); }; -log { source(s_src); filter(f_mtcagent); destination(d_mtcagent); }; -log { source(s_src); filter(f_hbsclient); destination(d_hbsclient); }; -log { source(s_src); filter(f_hbsagent); destination(d_hbsagent); }; -log { source(s_src); filter(f_guestagent); destination(d_guestagent); }; -log { source(s_src); filter(f_guestserver); destination(d_guestserver); }; -log { source(s_src); filter(f_mtcagentalarm); destination(d_mtcagentalarm); }; -log { source(s_src); filter(f_mtcagentapi); destination(d_mtcagentapi); }; -log { source(s_src); filter(f_mtcagentevent); destination(d_mtcagentevent); }; - -# HAProxy Log Path -log { source(s_udp); filter(f_local1); destination(d_haproxy); }; - -# Fault Management Log Path -log { source(s_src); filter(f_fm_event); destination(d_fm_event); }; -log { source(s_src); filter(f_fm_manager); destination(d_fm_manager); }; - -# IMA Log Path -log { source(s_src); filter(f_ima); destination(d_ima); }; -# we need to pass along IMA Appraisal failures to FM in order to -# generate FM EVENT logs -log { source(s_src); filter(f_ima_appraise); destination(d_ima_appraise); }; - -# Sysinv Log Path -log {source(s_src); filter(f_sysinv); destination(d_sysinv); }; -log {source(s_src); filter(f_sysinvapi); destination(d_sysinvapi); }; - -# Distributed Cloud Log Path -log {source(s_src); filter(f_dcmanagermanager); destination(d_dcmanager); }; -log {source(s_src); filter(f_dcmanagerapi); destination(d_dcmanager); }; -log {source(s_src); filter(f_dcorchengine); destination(d_dcorch); }; -log {source(s_src); filter(f_dcorchsnmp); destination(d_dcorch); }; -log {source(s_src); filter(f_dcorchapiproxy); destination(d_dcorch); }; -log {source(s_src); filter(f_dcdbsyncapi); destination(d_dcdbsync); }; -log {source(s_src); filter(f_dcdbsyncopenstackapi); destination(d_dcdbsync_openstack); }; - -# Openstack Log Paths -log { source(s_src); filter(f_horizon); destination(d_horizon); }; -log { source(s_src); filter(f_libvirtd); destination(d_libvirtd); }; -log { source(s_src); filter(f_keystoneall); destination(d_keystoneall); }; -log { source(s_src); filter(f_keystoneapi); destination(d_keystoneapi); }; -log { source(s_src); filter(f_barbicanapi); destination(d_barbicanapi); }; -log { source(s_src); filter(f_barbicandbsync); destination(d_barbicandbsync); }; -log { source(s_src); filter(f_barbicankeystonelistener); destination(d_barbicankeystonelistener); }; -log { source(s_src); filter(f_barbicanworker); destination(d_barbicanworker); }; -log { source(s_src); filter(f_barbicancleaner); destination(d_barbicancleaner); }; - -# NFV-VIM Log Paths -log {source(s_src); filter(f_vim); destination(d_vim); }; -log {source(s_src); filter(f_vim_api); destination(d_vim_api); }; -log {source(s_src); filter(f_vim_webserver); destination(d_vim_webserver); }; - -# Local Log Paths -log { source(s_src); filter(f_local4); destination(d_local4); }; -log { source(s_src); filter(f_mail); destination(d_mail); }; -#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; -#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; -#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; - -log { source(s_src); filter(f_newscrit); destination(d_newscrit); }; -log { source(s_src); filter(f_newserr); destination(d_newserr); }; -log { source(s_src); filter(f_newsnotice); destination(d_newsnotice); }; -#log { source(s_src); filter(f_cnews); destination(d_console_all); }; -#log { source(s_src); filter(f_cother); destination(d_console_all); }; - -#log { source(s_src); filter(f_ppp); destination(d_ppp); }; - -log { source(s_src); filter(f_console); destination(d_console_all); - destination(d_xconsole); }; -log { source(s_src); filter(f_crit); destination(d_console); }; - -# All messages send to a remote site -# -#log { source(s_src); destination(d_net); }; - -# Bash log Path -log { source(s_src); filter(f_bash); destination(d_bash); }; - -# SNMP Audit Trail -log { source(s_src); filter(f_snmpat); destination(d_snmpat); }; diff --git a/config-files/syslog-ng-config/files/syslog-ng.logrotate b/config-files/syslog-ng-config/files/syslog-ng.logrotate deleted file mode 100644 index 818be5f14..000000000 --- a/config-files/syslog-ng-config/files/syslog-ng.logrotate +++ /dev/null @@ -1,109 +0,0 @@ -# /etc/logrotate.d/syslog-ng - Provided by syslog-ng-logrotate - -/var/log/syslog -/var/log/auth.log -/var/log/cron.log -/var/log/daemon.log -/var/log/daemon-ocf.log -/var/log/kern.log -/var/log/lpr.log -/var/log/mail.log -/var/log/news.log -/var/log/user.log -/var/log/uucp.log -/var/log/local*.log -/var/log/postgres.log -/var/log/postgresql.log -/var/log/haproxy.log -/var/log/platform.log -/var/log/openstack.log -/var/log/sysinv.log -/var/log/sysinv-api.log -/var/log/nfv-vim-api.log -/var/log/nfv-vim-webserver.log -/var/log/keystone/*.log -/var/log/horizon.log -/var/log/snmp-api.log -/var/log/dcmanager/*.log -/var/log/dcorch/*.log -/var/log/barbican/barbican-keystone-listener.log -/var/log/barbican/barbican-worker.log -{ - nodateext - size 10M - start 1 - rotate 20 - missingok - notifempty - compress - sharedscripts - postrotate - systemctl reload syslog-ng > /dev/null 2>&1 || true - endscript -} - -/var/log/nfv-vim.log -{ - nodateext - size 20M - start 1 - rotate 40 - missingok - notifempty - compress - sharedscripts - postrotate - systemctl reload syslog-ng > /dev/null 2>&1 || true - endscript -} - -/var/log/collect.log -/var/log/ldapscripts.log -/var/log/tuned/tuned.log -/var/log/armada/*.log -{ - nodateext - size 10M - start 1 - rotate 20 - missingok - notifempty - compress - copytruncate -} - -/var/log/sm.log -/var/log/ima.log -{ - nodateext - size 50M - start 1 - rotate 10 - missingok - notifempty - compress - sharedscripts - postrotate - systemctl reload syslog-ng > /dev/null 2>&1 || true - endscript -} - -/var/log/bash.log -{ - nodateext - size 100M - start 1 - rotate 20 - missingok - notifempty - compress - sharedscripts - firstaction - /usr/bin/logmgmt_prerotate > /dev/null 2>&1 || true - endscript - # using lastaction to ensure log file compression succeeds - lastaction - service syslog-ng reload > /dev/null 2>&1 || true - /usr/bin/logmgmt_postrotate > /dev/null 2>&1 || true - endscript -} diff --git a/config-files/syslog-ng-config/files/syslog-ng.service b/config-files/syslog-ng-config/files/syslog-ng.service deleted file mode 100644 index 606a967dd..000000000 --- a/config-files/syslog-ng-config/files/syslog-ng.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=System Logger Daemon -Documentation=man:syslog-ng(8) - -[Service] -Type=notify -Sockets=syslog.socket -ExecStartPre=-/usr/bin/mkdir -p /var/run/syslog-ng/ -ExecStart=/usr/sbin/syslog-ng -F -p /var/run/syslog-ng/syslog-ng.pid -ExecReload=/bin/kill -HUP $MAINPID -StandardOutput=null -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Alias=syslog.service diff --git a/config-files/util-linux-config/centos/build_srpm.data b/config-files/util-linux-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/config-files/util-linux-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/config-files/util-linux-config/centos/util-linux-config.spec b/config-files/util-linux-config/centos/util-linux-config.spec deleted file mode 100644 index b20b7b334..000000000 --- a/config-files/util-linux-config/centos/util-linux-config.spec +++ /dev/null @@ -1,47 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: util-linux-config -Name: util-linux-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: util-linux -Summary: package StarlingX configuration files of util-linux to system folder. - -%description -package StarlingX configuration files of util-linux to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d 644 %{buildroot}%{_datadir}/starlingx/ -%{__install} -m 644 stx.su %{buildroot}%{_datadir}/starlingx/stx.su -%{__install} -m 644 stx.login %{buildroot}%{_datadir}/starlingx/stx.login - -%post -%define _pamconfdir %{_sysconfdir}/pam.d -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/stx.su %{_pamconfdir}/su - cp -f %{_datadir}/starlingx/stx.login %{_pamconfdir}/login -fi - -%preun - -%postun - -%files -%defattr(-,root,root) -%{_datadir}/starlingx/stx.su -%{_datadir}/starlingx/stx.login diff --git a/config-files/util-linux-config/files/stx.login b/config-files/util-linux-config/files/stx.login deleted file mode 100644 index 7950a8c2c..000000000 --- a/config-files/util-linux-config/files/stx.login +++ /dev/null @@ -1,19 +0,0 @@ -#%PA-1.0 -auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so -auth substack system-auth -auth include postlogin -account required pam_nologin.so -account include system-auth -password include system-auth -# pam_selinux.so close should be the first session rule -session required pam_selinux.so close -session required pam_mkhomedir.so skel=/etc/skel umask=0022 -session required pam_loginuid.so -session optional pam_console.so -# pam_selinux.so open should only be followed by sessions to be executed in the user context -session required pam_selinux.so open -session required pam_namespace.so -session optional pam_keyinit.so force revoke -session include system-auth -session include postlogin --session optional pam_ck_connector.so diff --git a/config-files/util-linux-config/files/stx.su b/config-files/util-linux-config/files/stx.su deleted file mode 100644 index 1d4e12b1a..000000000 --- a/config-files/util-linux-config/files/stx.su +++ /dev/null @@ -1,69 +0,0 @@ -# -# The PAM configuration file for the Shadow `su' service -# - -# This allows root to su without passwords (normal operation) -auth sufficient pam_rootok.so - -# Uncomment this to force users to be a member of group root -# before they can use `su'. You can also add "group=foo" -# to the end of this line if you want to use a group other -# than the default "root" (but this may have side effect of -# denying "root" user, unless she's a member of "foo" or explicitly -# permitted earlier by e.g. "sufficient pam_rootok.so"). -# (Replaces the `SU_WHEEL_ONLY' option from login.defs) -# auth required pam_wheel.so - -# Uncomment this if you want wheel members to be able to -# su without a password. -# auth sufficient pam_wheel.so trust - -# Uncomment this if you want members of a specific group to not -# be allowed to use su at all. -# auth required pam_wheel.so deny group=nosu - -# Uncomment and edit /etc/security/time.conf if you need to set -# time restrainst on su usage. -# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs -# as well as /etc/porttime) -# account requisite pam_time.so - -# This module parses environment configuration file(s) -# and also allows you to use an extended config -# file /etc/security/pam_env.conf. -# -# parsing /etc/environment needs "readenv=1" -session required pam_env.so readenv=1 - -# Defines the MAIL environment variable -# However, userdel also needs MAIL_DIR and MAIL_FILE variables -# in /etc/login.defs to make sure that removing a user -# also removes the user's mail spool file. -# See comments in /etc/login.defs -# -# "nopen" stands to avoid reporting new mail when su'ing to another user -session optional pam_mail.so nopen - -# Sets up user limits, please uncomment and read /etc/security/limits.conf -# to enable this functionality. -# (Replaces the use of /etc/limits in old login) -# session required pam_limits.so - -# For first time login or when the user authentication -# token stack has been flushed, su will call passwd -# which will fails with "Authentication Token Error" -# since the previous token on the stack is NULL -# -# Tickle the password service to push a previous -# authentication token on the PAM stack -password optional pam_ldap.so -password optional pam_unix.so - -# The standard Unix authentication modules, used with -# NIS (man nsswitch) as well as normal /etc/passwd and -# /etc/shadow entries. -auth include common-auth -account include common-account -session include common-session - - diff --git a/filesystem/filesystem-scripts/.gitignore b/filesystem/filesystem-scripts/.gitignore deleted file mode 100644 index c03fe64e5..000000000 --- a/filesystem/filesystem-scripts/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -!.distro -.distro/centos7/rpmbuild/RPMS -.distro/centos7/rpmbuild/SRPMS -.distro/centos7/rpmbuild/BUILD -.distro/centos7/rpmbuild/BUILDROOT -.distro/centos7/rpmbuild/SOURCES/filesystem-scripts*tar.gz diff --git a/filesystem/filesystem-scripts/LICENSE b/filesystem/filesystem-scripts/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/filesystem/filesystem-scripts/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/filesystem/filesystem-scripts/PKG-INFO b/filesystem/filesystem-scripts/PKG-INFO deleted file mode 100644 index 5643c29d0..000000000 --- a/filesystem/filesystem-scripts/PKG-INFO +++ /dev/null @@ -1,13 +0,0 @@ -Metadata-Version: 1.1 -Name: filesystem-scripts -Version: 1.0 -Summary: File System Script Package -Home-page: -Author: Windriver -Author-email: info@windriver.com -License: Apache-2.0 - -Description: File System Script Package - - -Platform: UNKNOWN diff --git a/filesystem/filesystem-scripts/centos/build_srpm.data b/filesystem/filesystem-scripts/centos/build_srpm.data deleted file mode 100644 index 04f8d4fab..000000000 --- a/filesystem/filesystem-scripts/centos/build_srpm.data +++ /dev/null @@ -1,3 +0,0 @@ -SRC_DIR="filesystem-scripts-1.0" -COPY_LIST="$PKG_BASE/LICENSE" -TIS_PATCH_VER=2 diff --git a/filesystem/filesystem-scripts/centos/filesystem-scripts.spec b/filesystem/filesystem-scripts/centos/filesystem-scripts.spec deleted file mode 100644 index 07a4e609d..000000000 --- a/filesystem/filesystem-scripts/centos/filesystem-scripts.spec +++ /dev/null @@ -1,56 +0,0 @@ -Summary: File System Script Package -Name: filesystem-scripts -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: Wind River -URL: unknown -Source0: %{name}-%{version}.tar.gz -Source1: LICENSE - -BuildRequires: systemd-devel -Requires: /bin/systemctl - -%description -File System Script Package - -%define local_bindir /usr/bin/ -%define local_etc_initd /etc/init.d/ -%define local_ocfdir /usr/lib/ocf/resource.d/platform/ - -%define debug_package %{nil} - -%prep -%setup - -%build - -%install - -install -d -m 755 %{buildroot}%{local_etc_initd} -install -p -D -m 755 uexportfs %{buildroot}%{local_etc_initd}/uexportfs - -install -d -m 755 %{buildroot}%{local_ocfdir} -install -p -D -m 755 nfsserver-mgmt %{buildroot}%{local_ocfdir}/nfsserver-mgmt - -install -d -m 755 %{buildroot}%{local_bindir} -install -p -D -m 755 nfs-mount %{buildroot}%{local_bindir}/nfs-mount - -install -p -D -m 644 uexportfs.service %{buildroot}%{_unitdir}/uexportfs.service - -%post -/bin/systemctl enable uexportfs.service - - -%clean -rm -rf $RPM_BUILD_ROOT - -%files -%license LICENSE -%defattr(-,root,root,-) -%{local_bindir}/* -%{local_etc_initd}/* -%dir %{local_ocfdir} -%{local_ocfdir}/* -%{_unitdir}/uexportfs.service diff --git a/filesystem/filesystem-scripts/filesystem-scripts-1.0/LICENSE b/filesystem/filesystem-scripts/filesystem-scripts-1.0/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/filesystem/filesystem-scripts/filesystem-scripts-1.0/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfs-mount b/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfs-mount deleted file mode 100644 index dc35a2099..000000000 --- a/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfs-mount +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2015 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# - -# -# This utility is a wrapper around mount, to provide a single script -# with preferred options for NFS mounting. It takes exactly two arguments: -# - network source path -# - local destination path -# - -function show_help() -{ - cat >&2 << EOF -$(basename $0): - Wrapper around "mount" to provide a set of default options for NFS mounts. - This utility takes exactly two arguments: - - network source path - - local destination path - -EOF - exit 1 -} - -function get_proto() -{ - local host=$1 - - # Check /etc/hosts for the hostname - local ipaddr=$(cat /etc/hosts | awk -v host=$host '$2 == host {print $1}') - if [[ "$ipaddr" =~ ^[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$ ]] - then - echo "udp" - return - fi - if [[ "$ipaddr" =~ ^[0-9a-z]*\:[0-9a-z\:]*$ ]] - then - echo "udp6" - return - fi - # Try the DNS query - ipaddr=$(dig +short ANY $host) - if [[ "$ipaddr" =~ ^[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$ ]] - then - echo "udp" - return - fi - if [[ "$ipaddr" =~ ^[0-9a-z]*\:[0-9a-z\:]*$ ]] - then - echo "udp6" - return - fi - - # Use default of udp to avoid invalid option - echo "udp" - return -} - - -if [[ ${BASH_ARGC[0]} != 2 ]] -then - show_help -fi - -if mountpoint -q $2 -then - echo "$2 is already mounted. Not mounting." - exit -fi - -HOST=`echo $1|awk -F ':' '{print $1}'` -declare proto=`get_proto $HOST` -declare -i timeo=30 -declare -i rw_size=1024 -declare DEFAULT_OPTS="timeo=$timeo,proto=$proto,vers=3,rsize=$rw_size,wsize=$rw_size" - -exec mount -t nfs -o $DEFAULT_OPTS $1 $2 - diff --git a/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfsserver-mgmt b/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfsserver-mgmt deleted file mode 100644 index 1bd26f838..000000000 --- a/filesystem/filesystem-scripts/filesystem-scripts-1.0/nfsserver-mgmt +++ /dev/null @@ -1,307 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2013-2014 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# Support: www.windriver.com -# -# Purpose: This resource agent manages File System Service -# -# RA Spec: -# -# http://www.opencf.org/cgi-bin/viewcvs.cgi/specs/ra/resource-agent-api.txt?rev=HEAD -# -####################################################################### -# Initialization: - -: ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat} -. ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs - -####################################################################### - -####################################################################### - -usage() { - cat < - - -1.0 - - - This OCF Compliant Resource Agent makes sure the nfs server is in the - correct state. - - - -Makes sure the NFS Server is in the correct state. - - - - -List of exports that should not be exported anymore -List of exports - - - - -List of mounts that should not be mounted anymore -List of mounts - - - - - - - - - - - - -END - return ${OCF_SUCCESS} -} - -nfs_server_mgmt_validate() { - check_binary service - check_binary grep - check_binary cat - check_binary exportfs - check_binary fuser - check_binary mount - check_binary umount - check_binary logger - return ${OCF_SUCCESS} -} - -nfs_server_mgmt_status() { - return ${OCF_NOT_RUNNING} -} - -nfs_server_mgmt_monitor () { - return ${OCF_NOT_RUNNING} -} - -check_exportfs () { - local CLIENTSPEC_DIR=$1 - local rc - - OLD_IFS="${IFS}" - IFS=":" - STR_ARRAY=( $CLIENTSPEC_DIR ) - IFS="${OLD_IFS}" - - CLIENTSPEC=${STR_ARRAY[0]} - DIR=${STR_ARRAY[1]} - - cat /proc/fs/nfsd/exports | grep "${CLIENTSPEC}" | grep "${DIR}" > /dev/null 2>&1 - rc=$? - if [ ${rc} -eq 0 ] - then - return 1 - fi - - exportfs | grep "${CLIENTSPEC}" | grep "${DIR}" > /dev/null 2>&1 - rc=$? - if [ ${rc} -eq 0 ] - then - return 1 - fi - - return 0 -} - -do_nfs_restart () { - while true - do - ocf_log info "NFS Server restart" - service nfsserver restart - ocf_log info "NFS Server restart complete" - - service nfsserver status | grep stopped > /dev/null 2>&1 || { - ocf_log info "NFS Server is now running" - return ${OCF_SUCCESS} - } - - ocf_log error "NFS Server still not running" - sleep 5 - done -} - -do_umount () { - local DEV_DIR=$1 - - OLD_IFS="${IFS}" - IFS=":" - STR_ARRAY=( $DEV_DIR ) - IFS="${OLD_IFS}" - - DEV=${STR_ARRAY[0]} - DIR=${STR_ARRAY[1]} - - mount | grep "${DEV}" | grep "${DIR}" > /dev/null 2>&1 || { - ocf_log info "${DEV} ${DIR} not mounted" - return ${OCF_SUCCESS} - } - - ocf_log info "umount on ${DEV} ${DIR}" - umount ${DEV} ${DIR} > /dev/null 2>&1 - - while true - do - mount | grep "${DEV}" | grep "${DIR}" > /dev/null 2>&1 || { - ocf_log info "unmounted ${DEV} ${DIR} successfully" - return ${OCF_SUCCESS} - } - - if fuser -KILL -m -k ${DIR} - then - ocf_log info "Processes killed using ${DEV} ${DIR}" - else - ocf_log info "No processes using ${DEV} ${DIR}" - fi - - ocf_log info "umount force on ${DEV} ${DIR}" - umount -f ${DEV} ${DIR} > /dev/null 2>&1 - - sleep 2 - - mount | grep "${DEV}" | grep "${DIR}" > /dev/null 2>&1 || { - ocf_log info "unmounted ${DEV} ${DIR} successfully" - return ${OCF_SUCCESS} - } - - do_nfs_restart - done - - return ${OCF_SUCCESS} -} - -nfs_server_mgmt_start () { - service nfsserver status | grep stopped > /dev/null 2>&1 || { - ocf_log info "NFS Server is running" - return ${OCF_SUCCESS} - } - - ocf_log error "NFS Server not running, restarting" - do_nfs_restart - return $? -} - -nfs_server_mgmt_stop () { - local need_nfs_restart=0 - local rc - - # Make sure exports are stopped... - while IFS=',' read -ra CLIENTSPEC_DIRS - do - for CLIENTSPEC_DIR in "${CLIENTSPEC_DIRS[@]}" - do - check_exportfs ${CLIENTSPEC_DIR} - rc=$? - if [ ${rc} -eq 1 ] - then - ocf_log info "export ${CLIENTSPEC_DIR} found" - let need_nfs_restart=1 - fi - done - done <<< "${OCF_RESKEY_exports}" - - if [ ${need_nfs_restart} -ne 0 ] - then - do_nfs_restart - rc=$? - if [ ${rc} -ne ${OCF_SUCCESS} ] - then - return ${rc} - fi - fi - - # Make sure mounts are not mounted. - while IFS=',' read -ra MOUNTS - do - for MOUNT in "${MOUNTS[@]}" - do - do_umount ${MOUNT} - done - done <<< "${OCF_RESKEY_mounts}" - - return ${OCF_SUCCESS} -} - -nfs_server_mgmt_reload () { - local rc - - nfs_server_mgmt_stop - rc=$? - if [ $rc -eq ${OCF_SUCCESS} ] - then - nfs_server_mgmt_start - rc=$? - if [ $rc -eq ${OCF_SUCCESS} ] - then - ocf_log info "NFS Server Managment reloaded" - fi - fi - - if [ ${rc} -ne ${OCF_SUCCESS} ] - then - ocf_log info "NFS Server Managment reload failed (rc=${rc})" - fi - - return ${rc} -} - -case ${__OCF_ACTION} in - meta-data) meta_data - exit ${OCF_SUCCESS} - ;; - usage|help) usage - exit ${OCF_SUCCESS} - ;; -esac - -# Anything except meta-data and help must pass validation -nfs_server_mgmt_validate || exit $? - -case ${__OCF_ACTION} in - start) nfs_server_mgmt_start - ;; - stop) nfs_server_mgmt_stop - ;; - status) nfs_server_mgmt_status - ;; - reload) nfs_server_mgmt_reload - ;; - monitor) nfs_server_mgmt_monitor - ;; - validate-all) nfs_server_mgmt_validate - ;; - *) usage - exit ${OCF_ERR_UNIMPLEMENTED} - ;; -esac diff --git a/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs b/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs deleted file mode 100644 index ba3c103ba..000000000 --- a/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs +++ /dev/null @@ -1,19 +0,0 @@ -#! /bin/sh -# -# Copyright (c) 2013-2014 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# - -### BEGIN INIT INFO -# Provides: uexportfs -# Default-Start: 3 -# Default-Stop: -# Short-Description: Used to remove all exported filesystems on a boot -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -exportfs -r > /dev/null 2>&1 - -: exit 0 diff --git a/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs.service b/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs.service deleted file mode 100644 index d687ad660..000000000 --- a/filesystem/filesystem-scripts/filesystem-scripts-1.0/uexportfs.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Titanium Cloud Filesystem Initialization -After=network.target nfscommon.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/etc/init.d/uexportfs start -ExecStop=/etc/init.d/uexportfs stop - -[Install] -WantedBy=multi-user.target diff --git a/filesystem/iscsi-initiator-utils-config/centos/build_srpm.data b/filesystem/iscsi-initiator-utils-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/filesystem/iscsi-initiator-utils-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/filesystem/iscsi-initiator-utils-config/centos/iscsi-initiator-utils-config.spec b/filesystem/iscsi-initiator-utils-config/centos/iscsi-initiator-utils-config.spec deleted file mode 100644 index 55163b496..000000000 --- a/filesystem/iscsi-initiator-utils-config/centos/iscsi-initiator-utils-config.spec +++ /dev/null @@ -1,50 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: iscsi-initiator-utils-config -Name: iscsi-initiator-utils-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: iscsi-initiator-utils -Requires: iscsi-initiator-utils-iscsiuio -Summary: package StarlingX configuration files of iscsi-initiator-utils to system folder. - -%description -package StarlingX configuration files of iscsi-initiator-utils to system folder. - -%prep -%setup - -%build - -%install -%{__install} -d %{buildroot}%{_tmpfilesdir} -%{__install} -d %{buildroot}%{_sysconfdir}/systemd/system -%{__install} -d %{buildroot}%{_datadir}/starlingx - -%{__install} -m 0644 iscsi-cache.volatiles %{buildroot}%{_tmpfilesdir}/iscsi-cache.conf -%{__install} -m 0644 iscsi-shutdown.service %{buildroot}%{_sysconfdir}/systemd/system -%{__install} -m 0644 iscsid.conf %{buildroot}%{_datadir}/starlingx/stx.iscsid.conf - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.iscsid.conf %{_sysconfdir}/iscsi/iscsid.conf - chmod 0750 %{_sysconfdir}/iscsi - chmod 0640 %{_sysconfdir}/iscsi/iscsid.conf -fi -/bin/systemctl disable iscsi-shutdown.service - -%files -%{_tmpfilesdir}/iscsi-cache.conf -%{_sysconfdir}/systemd/system/iscsi-shutdown.service -%{_datadir}/starlingx/stx.iscsid.conf diff --git a/filesystem/iscsi-initiator-utils-config/files/iscsi-cache.volatiles b/filesystem/iscsi-initiator-utils-config/files/iscsi-cache.volatiles deleted file mode 100644 index 9f26672a7..000000000 --- a/filesystem/iscsi-initiator-utils-config/files/iscsi-cache.volatiles +++ /dev/null @@ -1,3 +0,0 @@ -# See "man tmpfiles.d" for details -d /run/iscsi-cache 0755 root root - -L /var/lib/iscsi - - - - /run/iscsi-cache diff --git a/filesystem/iscsi-initiator-utils-config/files/iscsi-shutdown.service b/filesystem/iscsi-initiator-utils-config/files/iscsi-shutdown.service deleted file mode 100644 index 35ee8ba71..000000000 --- a/filesystem/iscsi-initiator-utils-config/files/iscsi-shutdown.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=Logout off all iSCSI sessions on shutdown -Documentation=man:iscsid(8) man:iscsiadm(8) -DefaultDependencies=no -Conflicts=shutdown.target -After=systemd-remount-fs.service network.target iscsid.service iscsiuio.service -After=network.service -Before=remote-fs-pre.target -Wants=remote-fs-pre.target -RefuseManualStop=yes - -[Service] -Type=oneshot -RemainAfterExit=true -ExecStart=-/bin/true -ExecStop=-/sbin/iscsiadm -m node --logoutall=all diff --git a/filesystem/iscsi-initiator-utils-config/files/iscsid.conf b/filesystem/iscsi-initiator-utils-config/files/iscsid.conf deleted file mode 100644 index 8468807d1..000000000 --- a/filesystem/iscsi-initiator-utils-config/files/iscsid.conf +++ /dev/null @@ -1,317 +0,0 @@ -# -# Open-iSCSI default configuration. -# Could be located at /etc/iscsi/iscsid.conf or ~/.iscsid.conf -# -# Note: To set any of these values for a specific node/session run -# the iscsiadm --mode node --op command for the value. See the README -# and man page for iscsiadm for details on the --op command. -# - -###################### -# iscsid daemon config -###################### -# If you want iscsid to start the first time an iscsi tool -# needs to access it, instead of starting it when the init -# scripts run, set the iscsid startup command here. This -# should normally only need to be done by distro package -# maintainers. -# -# Default for Fedora and RHEL. (uncomment to activate). -# Use socket activation, but try to make sure the socket units are listening -iscsid.startup = /bin/systemctl start iscsid.socket iscsiuio.socket -# -# Default for upstream open-iscsi scripts (uncomment to activate). -# iscsid.startup = /sbin/iscsid - -# Check for active mounts on devices reachable through a session -# and refuse to logout if there are any. Defaults to "No". -# iscsid.safe_logout = Yes - -############################# -# NIC/HBA and driver settings -############################# -# open-iscsi can create a session and bind it to a NIC/HBA. -# To set this up see the example iface config file. - -#***************** -# Startup settings -#***************** - -# To request that the iscsi initd scripts startup a session set to "automatic". -# node.startup = automatic -# -# To manually startup the session set to "manual". The default is automatic. -node.startup = automatic - -# For "automatic" startup nodes, setting this to "Yes" will try logins on each -# available iface until one succeeds, and then stop. The default "No" will try -# logins on all available ifaces simultaneously. -node.leading_login = No - -# ************* -# CHAP Settings -# ************* - -# To enable CHAP authentication set node.session.auth.authmethod -# to CHAP. The default is None. -#node.session.auth.authmethod = CHAP - -# To set a CHAP username and password for initiator -# authentication by the target(s), uncomment the following lines: -#node.session.auth.username = username -#node.session.auth.password = password - -# To set a CHAP username and password for target(s) -# authentication by the initiator, uncomment the following lines: -#node.session.auth.username_in = username_in -#node.session.auth.password_in = password_in - -# To enable CHAP authentication for a discovery session to the target -# set discovery.sendtargets.auth.authmethod to CHAP. The default is None. -#discovery.sendtargets.auth.authmethod = CHAP - -# To set a discovery session CHAP username and password for the initiator -# authentication by the target(s), uncomment the following lines: -#discovery.sendtargets.auth.username = username -#discovery.sendtargets.auth.password = password - -# To set a discovery session CHAP username and password for target(s) -# authentication by the initiator, uncomment the following lines: -#discovery.sendtargets.auth.username_in = username_in -#discovery.sendtargets.auth.password_in = password_in - -# ******** -# Timeouts -# ******** -# -# See the iSCSI README's Advanced Configuration section for tips -# on setting timeouts when using multipath or doing root over iSCSI. -# -# To specify the length of time to wait for session re-establishment -# before failing SCSI commands back to the application when running -# the Linux SCSI Layer error handler, edit the line. -# The value is in seconds and the default is 120 seconds. -# Special values: -# - If the value is 0, IO will be failed immediately. -# - If the value is less than 0, IO will remain queued until the session -# is logged back in, or until the user runs the logout command. -node.session.timeo.replacement_timeout = 900 - -# To specify the time to wait for login to complete, edit the line. -# The value is in seconds and the default is 15 seconds. -node.conn[0].timeo.login_timeout = 15 - -# To specify the time to wait for logout to complete, edit the line. -# The value is in seconds and the default is 15 seconds. -node.conn[0].timeo.logout_timeout = 15 - -# Time interval to wait for on connection before sending a ping. -node.conn[0].timeo.noop_out_interval = 900 - -# To specify the time to wait for a Nop-out response before failing -# the connection, edit this line. Failing the connection will -# cause IO to be failed back to the SCSI layer. If using dm-multipath -# this will cause the IO to be failed to the multipath layer. -node.conn[0].timeo.noop_out_timeout = 900 - -# To specify the time to wait for abort response before -# failing the operation and trying a logical unit reset edit the line. -# The value is in seconds and the default is 15 seconds. -node.session.err_timeo.abort_timeout = 15 - -# To specify the time to wait for a logical unit response -# before failing the operation and trying session re-establishment -# edit the line. -# The value is in seconds and the default is 30 seconds. -node.session.err_timeo.lu_reset_timeout = 30 - -# To specify the time to wait for a target response -# before failing the operation and trying session re-establishment -# edit the line. -# The value is in seconds and the default is 30 seconds. -node.session.err_timeo.tgt_reset_timeout = 30 - - -#****** -# Retry -#****** - -# To specify the number of times iscsid should retry a login -# if the login attempt fails due to the node.conn[0].timeo.login_timeout -# expiring modify the following line. Note that if the login fails -# quickly (before node.conn[0].timeo.login_timeout fires) because the network -# layer or the target returns an error, iscsid may retry the login more than -# node.session.initial_login_retry_max times. -# -# This retry count along with node.conn[0].timeo.login_timeout -# determines the maximum amount of time iscsid will try to -# establish the initial login. node.session.initial_login_retry_max is -# multiplied by the node.conn[0].timeo.login_timeout to determine the -# maximum amount. -# -# The default node.session.initial_login_retry_max is 8 and -# node.conn[0].timeo.login_timeout is 15 so we have: -# -# node.conn[0].timeo.login_timeout * node.session.initial_login_retry_max = -# 120 seconds -# -# Valid values are any integer value. This only -# affects the initial login. Setting it to a high value can slow -# down the iscsi service startup. Setting it to a low value can -# cause a session to not get logged into, if there are distuptions -# during startup or if the network is not ready at that time. -node.session.initial_login_retry_max = 8 - -################################ -# session and device queue depth -################################ - -# To control how many commands the session will queue set -# node.session.cmds_max to an integer between 2 and 2048 that is also -# a power of 2. The default is 128. -node.session.cmds_max = 128 - -# To control the device's queue depth set node.session.queue_depth -# to a value between 1 and 1024. The default is 32. -node.session.queue_depth = 32 - -################################## -# MISC SYSTEM PERFORMANCE SETTINGS -################################## - -# For software iscsi (iscsi_tcp) and iser (ib_iser) each session -# has a thread used to transmit or queue data to the hardware. For -# cxgb3i you will get a thread per host. -# -# Setting the thread's priority to a lower value can lead to higher throughput -# and lower latencies. The lowest value is -20. Setting the priority to -# a higher value, can lead to reduced IO performance, but if you are seeing -# the iscsi or scsi threads dominate the use of the CPU then you may want -# to set this value higher. -# -# Note: For cxgb3i you must set all sessions to the same value, or the -# behavior is not defined. -# -# The default value is -20. The setting must be between -20 and 20. -node.session.xmit_thread_priority = -20 - - -#*************** -# iSCSI settings -#*************** - -# To enable R2T flow control (i.e., the initiator must wait for an R2T -# command before sending any data), uncomment the following line: -# -#node.session.iscsi.InitialR2T = Yes -# -# To disable R2T flow control (i.e., the initiator has an implied -# initial R2T of "FirstBurstLength" at offset 0), uncomment the following line: -# -# The defaults is No. -node.session.iscsi.InitialR2T = No - -# -# To disable immediate data (i.e., the initiator does not send -# unsolicited data with the iSCSI command PDU), uncomment the following line: -# -#node.session.iscsi.ImmediateData = No -# -# To enable immediate data (i.e., the initiator sends unsolicited data -# with the iSCSI command packet), uncomment the following line: -# -# The default is Yes -node.session.iscsi.ImmediateData = Yes - -# To specify the maximum number of unsolicited data bytes the initiator -# can send in an iSCSI PDU to a target, edit the following line. -# -# The value is the number of bytes in the range of 512 to (2^24-1) and -# the default is 262144 -node.session.iscsi.FirstBurstLength = 262144 - -# To specify the maximum SCSI payload that the initiator will negotiate -# with the target for, edit the following line. -# -# The value is the number of bytes in the range of 512 to (2^24-1) and -# the defauls it 16776192 -node.session.iscsi.MaxBurstLength = 16776192 - -# To specify the maximum number of data bytes the initiator can receive -# in an iSCSI PDU from a target, edit the following line. -# -# The value is the number of bytes in the range of 512 to (2^24-1) and -# the default is 262144 -node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144 - -# To specify the maximum number of data bytes the initiator will send -# in an iSCSI PDU to the target, edit the following line. -# -# The value is the number of bytes in the range of 512 to (2^24-1). -# Zero is a special case. If set to zero, the initiator will use -# the target's MaxRecvDataSegmentLength for the MaxXmitDataSegmentLength. -# The default is 0. -node.conn[0].iscsi.MaxXmitDataSegmentLength = 0 - -# To specify the maximum number of data bytes the initiator can receive -# in an iSCSI PDU from a target during a discovery session, edit the -# following line. -# -# The value is the number of bytes in the range of 512 to (2^24-1) and -# the default is 32768 -# -discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768 - -# To allow the targets to control the setting of the digest checking, -# with the initiator requesting a preference of enabling the checking, uncomment -# the following lines (Data digests are not supported.): -#node.conn[0].iscsi.HeaderDigest = CRC32C,None - -# -# To allow the targets to control the setting of the digest checking, -# with the initiator requesting a preference of disabling the checking, -# uncomment the following line: -#node.conn[0].iscsi.HeaderDigest = None,CRC32C -# -# To enable CRC32C digest checking for the header and/or data part of -# iSCSI PDUs, uncomment the following line: -#node.conn[0].iscsi.HeaderDigest = CRC32C -# -# To disable digest checking for the header and/or data part of -# iSCSI PDUs, uncomment the following line: -#node.conn[0].iscsi.HeaderDigest = None -# -# The default is to never use DataDigests or HeaderDigests. -# -node.conn[0].iscsi.HeaderDigest = None - -# For multipath configurations, you may want more than one session to be -# created on each iface record. If node.session.nr_sessions is greater -# than 1, performing a 'login' for that node will ensure that the -# appropriate number of sessions is created. -node.session.nr_sessions = 1 - -#************ -# Workarounds -#************ - -# Some targets like IET prefer after an initiator has sent a task -# management function like an ABORT TASK or LOGICAL UNIT RESET, that -# it does not respond to PDUs like R2Ts. To enable this behavior uncomment -# the following line (The default behavior is Yes): -node.session.iscsi.FastAbort = Yes - -# Some targets like Equalogic prefer that after an initiator has sent -# a task management function like an ABORT TASK or LOGICAL UNIT RESET, that -# it continue to respond to R2Ts. To enable this uncomment this line -# node.session.iscsi.FastAbort = No - -# To prevent doing automatic scans that would add unwanted luns to the system -# we can disable them and have sessions only do manually requested scans. -# Automatic scans are performed on startup, on login, and on AEN/AER reception -# on devices supporting it. For HW drivers all sessions will use the value -# defined in the configuration file. This configuration option is independent -# of scsi_mod scan parameter. (The default behavior is auto): -node.session.scan = auto - - diff --git a/filesystem/nfs-utils-config/centos/build_srpm.data b/filesystem/nfs-utils-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/filesystem/nfs-utils-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/filesystem/nfs-utils-config/centos/nfs-utils-config.spec b/filesystem/nfs-utils-config/centos/nfs-utils-config.spec deleted file mode 100644 index bec9992f2..000000000 --- a/filesystem/nfs-utils-config/centos/nfs-utils-config.spec +++ /dev/null @@ -1,67 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: nfs-utils-config -Name: nfs-utils-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: StarlingX -URL: unknown -BuildArch: noarch -Source: %name-%version.tar.gz - -Requires: nfs-utils -Summary: package customized configuration and service files of nfs-utils to system folder. - -%description -package customized configuration and service files of nfs-utils to system folder. - -%prep -%setup - -%build - -%install -install -d %{buildroot}%{_sysconfdir}/init.d -install -d %{buildroot}%{_unitdir} -install -d %{buildroot}%{_datadir}/starlingx -install -m 755 -p -D nfscommon %{buildroot}%{_sysconfdir}/init.d -install -m 644 -p -D nfscommon.service %{buildroot}%{_unitdir} -install -m 755 -p -D nfsserver %{buildroot}%{_sysconfdir}/init.d -install -m 644 -p -D nfsserver.service %{buildroot}%{_unitdir} -install -m 644 -p -D nfsmount.conf %{buildroot}%{_datadir}/starlingx/stx.nfsmount.conf - -%post -if [ $1 -eq 1 ] ; then - # Initial installation - cp -f %{_datadir}/starlingx/stx.nfsmount.conf %{_sysconfdir}/nfsmount.conf - chmod 644 %{_sysconfdir}/nfsmount.conf -fi -# STX - disable these service files as rpc-statd is started by nfscommon -%{_bindir}/systemctl disable rpc-statd.service -%{_bindir}/systemctl disable rpc-statd-notify.service -%{_bindir}/systemctl disable nfs-lock.service -%{_bindir}/systemctl disable nfslock.service - -%{_bindir}/systemctl enable nfscommon.service >/dev/null 2>&1 || : -%{_bindir}/systemctl enable nfsserver.service >/dev/null 2>&1 || : - -%preun -if [ $1 -eq 0 ]; then - # pre uninstall - %{_bindir}/systemctl disable nfscommon.service >/dev/null 2>&1 || : - %{_bindir}/systemctl disable nfsserver.service >/dev/null 2>&1 || : -fi - - -%files -%defattr(-,root,root,-) -%{_sysconfdir}/init.d/nfscommon -%{_unitdir}/nfscommon.service -%{_sysconfdir}/init.d/nfsserver -%{_unitdir}/nfsserver.service -%{_datadir}/starlingx/stx.nfsmount.conf diff --git a/filesystem/nfs-utils-config/files/nfscommon b/filesystem/nfs-utils-config/files/nfscommon deleted file mode 100644 index c5f320766..000000000 --- a/filesystem/nfs-utils-config/files/nfscommon +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: nfs-common -# Required-Start: $portmap hwclock -# Required-Stop: $portmap hwclock -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: NFS support for both client and server -# Description: NFS is a popular protocol for file sharing across -# TCP/IP networks. This service provides various -# support functions for NFS mounts. -### END INIT INFO -# -# Startup script for nfs-utils -# -# -# Location of executables: - -# Source function library. -. /etc/init.d/functions - -test -x "$NFS_STATD" || NFS_STATD=/usr/sbin/rpc.statd -test -x "$NFS_IDMAPD" || NFS_IDMAPD=/usr/sbin/rpc.idmapd -test -z "$STATD_PID" && STATD_PID=/var/run/rpc.statd.pid -# -# The default state directory is /var/lib/nfs -test -n "$NFS_STATEDIR" || NFS_STATEDIR=/var/lib/nfs -# -# -#---------------------------------------------------------------------- -# Startup and shutdown functions. -# Actual startup/shutdown is at the end of this file. -#directories -create_directories(){ - echo -n 'creating NFS state directory: ' - mkdir -p "$NFS_STATEDIR" - ( cd "$NFS_STATEDIR" - umask 077 - mkdir -p rpc_pipefs - mkdir -p sm sm.bak statd - chown rpcuser:rpcuser sm sm.bak statd - test -w statd/state || { - rm -f statd/state - :>statd/state - } - umask 022 - for file in xtab etab smtab rmtab - do - test -w "$file" || { - rm -f "$file" - :>"$file" - } - done - ) - chown rpcuser:rpcuser "$NFS_STATEDIR" - echo done -} - -# Parse the fstab and exports file, determine if we need idmapd. -# -NEED_IDMAPD=no - -if [ -f /etc/fstab ]; then - exec 9<&0 /dev/null - echo done -} -#statd -start_statd(){ - echo -n "starting statd: " - start-stop-daemon --start --exec "$NFS_STATD" --pidfile "$STATD_PID" - echo done -} -stop_statd(){ - echo -n 'stopping statd: ' - start-stop-daemon --stop --quiet --signal 1 --pidfile "$STATD_PID" - echo done -} - -#---------------------------------------------------------------------- -# -# supported options: -# start -# stop -# restart: stops and starts mountd -#FIXME: need to create the /var/lib/nfs/... directories -case "$1" in - start) - create_directories - start_statd - start_idmapd;; - stop) stop_idmapd - stop_statd;; - status) - status $NFS_STATD; - RETVAL=$? - if [ "$NEED_IDMAPD" = yes ] - then - status $NFS_IDMAPD - rval=$? - [ $rval -ne 0 ] && exit $rval - fi - exit $RETVAL;; - restart) - $0 stop - $0 start;; - *) - echo "Usage: /etc/init.d/nfscommon {start|stop|status|restart}" - exit 1;; -esac diff --git a/filesystem/nfs-utils-config/files/nfscommon.service b/filesystem/nfs-utils-config/files/nfscommon.service deleted file mode 100644 index 36d50cadf..000000000 --- a/filesystem/nfs-utils-config/files/nfscommon.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=StarlingX Filesystem Common -After=network.target rpcbind.service -Before=nfsserver.service mountnfs.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/etc/init.d/nfscommon start -ExecStop=/etc/init.d/nfscommon stop - -[Install] -WantedBy=multi-user.target diff --git a/filesystem/nfs-utils-config/files/nfsmount.conf b/filesystem/nfs-utils-config/files/nfsmount.conf deleted file mode 100644 index 1728575a0..000000000 --- a/filesystem/nfs-utils-config/files/nfsmount.conf +++ /dev/null @@ -1,30 +0,0 @@ -# -# /etc/nfsmount.conf - see nfsmount.conf(5) for details -# - -[ NFSMount_Global_Options ] - -# Protocol Version [2,3,4] -# This defines the default protocol version which will -# be used to start the negotiation with the server. -Defaultvers=3 - -# Setting this option makes it mandatory the server supports the -# given version. The mount will fail if the given version is -# not support by the server. -Nfsvers=3 - -# Network Protocol [udp,tcp,rdma] (Note: values are case sensitive) -# This defines the default network protocol which will -# be used to start the negotiation with the server. -Defaultproto=udp - -# Setting this option makes it mandatory the server supports the -# given network protocol. The mount will fail if the given network -# protocol is not supported by the server. -Proto=udp - -# Server Mountd Protocol -#mountproto=udp - - diff --git a/filesystem/nfs-utils-config/files/nfsserver b/filesystem/nfs-utils-config/files/nfsserver deleted file mode 100644 index 6449537b9..000000000 --- a/filesystem/nfs-utils-config/files/nfsserver +++ /dev/null @@ -1,136 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: nfs-kernel-server -# Required-Start: $remote_fs nfs-common $portmap hwclock -# Required-Stop: $remote_fs nfs-common $portmap hwclock -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Kernel NFS server support -# Description: NFS is a popular protocol for file sharing across -# TCP/IP networks. This service provides NFS server -# functionality, which is configured via the -# /etc/exports file. -### END INIT INFO -# -# Startup script for nfs-utils -# -# Source function library. -. /etc/init.d/functions - -# -# The environment variable NFS_SERVERS may be set in /etc/default/nfsd -# Other control variables may be overridden here too -# -# Commented out by 'emacdona' during port to Centos due to change from sysv to systemd -# test -r /etc/default/nfsd && . /etc/default/nfsd - - -# -# Location of executables: -test -x "$NFS_MOUNTD" || NFS_MOUNTD=/usr/sbin/rpc.mountd -test -x "$NFS_NFSD" || NFS_NFSD=/usr/sbin/rpc.nfsd -test -z "$STATD_PID" && STATD_PID=/var/run/rpc.statd.pid -# -# The user mode program must also exist (it just starts the kernel -# threads using the kernel module code). -test -x "$NFS_MOUNTD" || exit 0 -test -x "$NFS_NFSD" || exit 0 -# -# Default is 8 threads, value is settable between 1 and the truely -# ridiculous 99 -test "$NFS_SERVERS" != "" && test "$NFS_SERVERS" -gt 0 && test "$NFS_SERVERS" -lt 100 || NFS_SERVERS=8 -# -#---------------------------------------------------------------------- -# Startup and shutdown functions. -# Actual startup/shutdown is at the end of this file. -#mountd -start_mountd(){ - echo -n 'starting mountd: ' - start-stop-daemon --start --exec "$NFS_MOUNTD" -- "-f /etc/exports $@" - echo done -} -stop_mountd(){ - echo -n 'stopping mountd: ' - start-stop-daemon --stop --quiet --exec "$NFS_MOUNTD" - echo done -} -# -#nfsd -start_nfsd(){ - modprobe -q nfsd - grep -q nfsd /proc/filesystems || { - echo NFS daemon support not enabled in kernel - exit 1 - } - grep -q nfsd /proc/mounts || mount -t nfsd nfsd /proc/fs/nfsd - grep -q nfsd /proc/mounts || { - echo nfsd filesystem could not be mounted at /proc/fs/nfsd - exit 1 - } - - echo -n "starting $1 nfsd kernel threads: " - start-stop-daemon --start --exec "$NFS_NFSD" -- "$@" - echo done -} -delay_nfsd(){ - for delay in 0 1 2 3 4 5 6 7 8 9 - do - if pidof nfsd >/dev/null - then - echo -n . - sleep 1 - else - return 0 - fi - done - return 1 -} -stop_nfsd(){ - # WARNING: this kills any process with the executable - # name 'nfsd'. - echo -n 'stopping nfsd: ' - start-stop-daemon --stop --quiet --signal 1 --name nfsd - if delay_nfsd || { - echo failed - echo ' using signal 9: ' - start-stop-daemon --stop --quiet --signal 9 --name nfsd - delay_nfsd - } - then - echo done - else - echo failed - fi -} - -#---------------------------------------------------------------------- -# -# supported options: -# start -# stop -# reload: reloads the exports file -# restart: stops and starts mountd -#FIXME: need to create the /var/lib/nfs/... directories -case "$1" in - start) exportfs -r - start_nfsd "$NFS_SERVERS" - start_mountd - test -r /etc/exports && exportfs -a;; - stop) exportfs -ua - stop_mountd - stop_nfsd;; - status) - status /usr/sbin/rpc.mountd - RETVAL=$? - status nfsd - rval=$? - [ $RETVAL -eq 0 ] && exit $rval - exit $RETVAL;; - reload) test -r /etc/exports && exportfs -r;; - restart) - $0 stop - $0 start;; - *) echo "Usage: $0 {start|stop|status|reload|restart}" - exit 1;; - -esac diff --git a/filesystem/nfs-utils-config/files/nfsserver.service b/filesystem/nfs-utils-config/files/nfsserver.service deleted file mode 100644 index 93bfd6d91..000000000 --- a/filesystem/nfs-utils-config/files/nfsserver.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=StarlingX Filesystem Server -After=network.target nfscommon.service hwclock.service -Before=ntpd.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/etc/init.d/nfsserver start -ExecStop=/etc/init.d/nfsserver stop - -[Install] -WantedBy=multi-user.target diff --git a/ldap/openldap-config/centos/build_srpm.data b/ldap/openldap-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/ldap/openldap-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/ldap/openldap-config/centos/openldap-config.spec b/ldap/openldap-config/centos/openldap-config.spec deleted file mode 100644 index f273a6aaf..000000000 --- a/ldap/openldap-config/centos/openldap-config.spec +++ /dev/null @@ -1,57 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX openldap Configuration File -Name: openldap-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: openldap-servers - -%define debug_package %{nil} - -%description -StarlingX openldap configuration file - -%prep - -%setup - -%build - -%install -mkdir -p %{buildroot}%{_sysconfdir}/rc.d/init.d -install -m 755 initscript %{buildroot}%{_sysconfdir}/rc.d/init.d/openldap -install -d -m 740 %{buildroot}%{_sysconfdir}/openldap -install -m 600 slapd.conf %{buildroot}%{_sysconfdir}/openldap/slapd.conf -install -m 600 initial_config.ldif %{buildroot}%{_sysconfdir}/openldap/initial_config.ldif - -install -d %{buildroot}%{_datadir}/starlingx -install -m 644 slapd.service %{buildroot}%{_datadir}/starlingx/slapd.service -install -m 644 slapd.sysconfig %{buildroot}%{_datadir}/starlingx/slapd.sysconfig - - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/slapd.service %{_unitdir}/slapd.service - chmod 644 %{_unitdir}/slapd.service - cp -f %{_datadir}/starlingx/slapd.sysconfig %{_sysconfdir}/sysconfig/slapd - chmod 644 %{_unitdir}/slapd -fi - -%files -%defattr(-,root,root) -%license LICENSE -%{_sysconfdir}/rc.d/init.d/openldap -%{_sysconfdir}/openldap/slapd.conf -%{_sysconfdir}/openldap/initial_config.ldif -%{_datadir}/starlingx/slapd.service -%{_datadir}/starlingx/slapd.sysconfig diff --git a/ldap/openldap-config/files/LICENSE b/ldap/openldap-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/ldap/openldap-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/ldap/openldap-config/files/initial_config.ldif b/ldap/openldap-config/files/initial_config.ldif deleted file mode 100644 index 672e364b5..000000000 --- a/ldap/openldap-config/files/initial_config.ldif +++ /dev/null @@ -1,80 +0,0 @@ -#ldapadd -D "cn=ldapadmin,dc=cgcs,dc=local" -W -f /etc/openldap/initial_config.ldif -#ldapsearch -x -b 'dc=cgcs,dc=local' '(objectclass=*)' -dn: dc=cgcs,dc=local -dc: cgcs -objectClass: top -objectClass: domain - -dn: ou=policies,dc=cgcs,dc=local -ou: policies -objectClass: top -objectClass: organizationalUnit - -dn: ou=People,dc=cgcs,dc=local -ou: People -objectClass: top -objectClass: organizationalUnit - -dn: ou=Group,dc=cgcs,dc=local -ou: Group -objectClass: top -objectClass: organizationalUnit - -dn: ou=SUDOers,dc=cgcs,dc=local -objectClass: top -objectClass: organizationalUnit -ou: SUDOers - -dn: cn=users,ou=Group,dc=cgcs,dc=local -objectClass: posixGroup -objectClass: top -cn: users -userPassword: {crypt}x -gidNumber: 100 - -dn: cn=cgcs,ou=Group,dc=cgcs,dc=local -objectClass: posixGroup -objectClass: top -cn: cgcs -userPassword: {crypt}x -gidNumber: 1000 - -dn: cn=default,ou=policies,dc=cgcs,dc=local -objectClass: top -objectClass: device -objectClass: pwdPolicy -objectClass: pwdPolicyChecker -cn: default -pwdAttribute: userPassword -pwdMaxAge: 0 -pwdExpireWarning: 432000 -pwdInHistory: 2 -pwdCheckModule: check_password.so -pwdCheckQuality: 1 -pwdMinLength: 7 -pwdMaxFailure: 5 -pwdLockout: TRUE -pwdLockoutDuration: 300 -pwdFailureCountInterval: 0 -pwdMustChange: TRUE -pwdAllowUserChange: TRUE -pwdSafeModify: FALSE -pwdGraceAuthNLimit: 0 - -dn: cn=defaults,ou=SUDOers,dc=cgcs,dc=local -objectClass: top -objectClass: sudoRole -cn: defaults -description: Default sudoOption's go here -sudoOrder: 1 - -dn: cn=admin,ou=SUDOers,dc=cgcs,dc=local -objectClass: top -objectClass: sudoRole -cn: admin -sudoUser: admin -sudoHost: ALL -sudoRunAsUser: ALL -sudoCommand: ALL -sudoOrder: 2 -sudoOption: secure_path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin diff --git a/ldap/openldap-config/files/initscript b/ldap/openldap-config/files/initscript deleted file mode 100755 index d3208dd9a..000000000 --- a/ldap/openldap-config/files/initscript +++ /dev/null @@ -1,100 +0,0 @@ -#! /bin/sh -# -# This is an init script for openembedded -# Copy it to /etc/init.d/openldap and type -# > update-rc.d openldap defaults 60 -# -. /etc/init.d/functions - -################################################################################ -# Wait for a process to stop running. -# -################################################################################ -function wait_for_proc_stop() -{ - PROGNAME=$1 - TIMEOUT=${2:-"5"} - - for I in $(seq 1 $TIMEOUT); do - PID=$(pidof $PROGNAME 2> /dev/null) - if [ $? -ne 0 ]; then - ## already dead - return 0 - fi - sleep 1 - done - - return 1 -} - -slapd=/usr/sbin/slapd -test -x "$slapd" || exit 0 - -RETVAL=0 - -case "$1" in - start) - echo -n "Starting SLAPD: " - if [ -f /etc/openldap/schema/cn=config.ldif ]; then - start-stop-daemon --start --oknodo --quiet --exec $slapd \ - -- -F /etc/openldap/schema/ - RETVAL=$? - else - start-stop-daemon --start --oknodo --quiet --exec $slapd - RETVAL=$? - fi - if [ $RETVAL -ne 0 ]; then - echo "Failed to start SLAPD." - exit $RETVAL - fi - - # we need to start nscd service as part of this openldap - # init.d script since SM manages this as a service and both - # daemons should be running on a controller host - systemctl status nscd.service - if [ $? -ne 0 ]; then - echo -n "Starting NSCD: " - systemctl start nscd.service - RETVAL=$? - if [ $RETVAL -ne 0 ]; then - echo "Failed to start NSCD." - exit $RETVAL - fi - fi - - echo "." - ;; - stop) - echo -n "Stopping NSCD: " - systemctl stop nscd.service - rm -f /var/run/nscd/nscd.pid - - echo -n "Stopping SLAPD: " - start-stop-daemon --retry 60 --stop --oknodo --quiet --pidfile /var/run/slapd.pid - RETVAL=$? - wait_for_proc_stop $slapd 10 - WRETVAL=$? - while [ $WRETVAL -eq 1 ]; do - killproc $slapd - wait_for_proc_stop $slapd 10 - WRETVAL=$? - done - rm -f /var/run/slapd.pid - echo "." - ;; - status) - status $slapd - [ $? -eq 0 ] || exit $? - systemctl status nscd.service - [ $? -eq 0 ] || exit $? - ;; - restart) - $0 stop - $0 start - ;; - *) - echo "Usage: /etc/init.d/openldap {start|stop|status|restart}" - exit 1 -esac - -exit $RETVAL diff --git a/ldap/openldap-config/files/slapd.conf b/ldap/openldap-config/files/slapd.conf deleted file mode 100644 index 3b6fcc545..000000000 --- a/ldap/openldap-config/files/slapd.conf +++ /dev/null @@ -1,117 +0,0 @@ -# -# See slapd.conf(5) for details on configuration options. -# This file should NOT be world readable. -# -include /etc/openldap/schema/core.schema -include /etc/openldap/schema/cosine.schema -include /etc/openldap/schema/inetorgperson.schema -include /etc/openldap/schema/nis.schema -include /etc/openldap/schema/ppolicy.schema -include /etc/openldap/schema/sudo.schema - -# Define global ACLs to disable default read access. - -# Do not enable referrals until AFTER you have a working directory -# service AND an understanding of referrals. -#referral ldap://root.openldap.org - -pidfile /var/run/slapd.pid -argsfile /var/run/slapd.args - -# uniquely identifies this server -serverID 001 - -# Load dynamic backend modules: -modulepath /usr/libexec/openldap -moduleload back_mdb.la -moduleload ppolicy.la -moduleload syncprov.la - -# Sample security restrictions -# Require integrity protection (prevent hijacking) -# Require 112-bit (3DES or better) encryption for updates -# Require 63-bit encryption for simple bind -# security ssf=1 update_ssf=112 simple_bind=64 - -# Sample access control policy: -# Root DSE: allow anyone to read it -# Subschema (sub)entry DSE: allow anyone to read it -# Other DSEs: -# Allow self write access -# Allow authenticated users read access -# Allow anonymous users to authenticate -# Directives needed to implement policy: -#access to dn.base="" by * read -#access to dn.base="cn=Subschema" by * read -#access to * -# by self write -# by anonymous auth -# by * read -# -# if no access controls are present, the default policy -# allows anyone and everyone to read anything but restricts -# updates to rootdn. (e.g., "access to * by * read") -# -# rootdn can always read and write EVERYTHING! - -####################################################################### -# BDB database definitions -####################################################################### - -database mdb -suffix "dc=cgcs,dc=local" -rootdn "cn=ldapadmin,dc=cgcs,dc=local" -# Cleartext passwords, especially for the rootdn, should -# be avoid. See slappasswd(8) and slapd.conf(5) for details. -# Use of strong authentication encouraged. -rootpw _LDAPADMIN_PW_ -# The database directory MUST exist prior to running slapd AND -# should only be accessible by the slapd and slap tools. -# Mode 700 recommended. -directory /var/lib/openldap-data -# Maximum size -maxsize 1073741824 -# Indices to maintain -index cn eq -index objectClass eq -index uid eq,pres,sub -index uidNumber eq -index gidNumber eq -index memberUid eq -index sudoUser eq,sub - -access to * - by self write - by * read - -loglevel none - -overlay ppolicy -ppolicy_default "cn=default,ou=policies,dc=cgcs,dc=local" -ppolicy_use_lockout - -# NOTE: -# syncrepl directives for each of the other masters -syncrepl rid=000 - provider=ldap://controller-1 - type=refreshAndPersist - retry="5 5 300 +" - searchbase="dc=cgcs,dc=local" - attrs="*,+" - bindmethod=simple - binddn="cn=ldapadmin,dc=cgcs,dc=local" - credentials=_LDAPADMIN_PW_ - -# syncprov specific indexing (add others as required) -index entryCSN eq -index entryUUID eq -# ... -# # mirror mode essential to allow writes -# # and must appear after all syncrepl directives -mirrormode TRUE -# -# # define the provider to use the syncprov overlay -# # (last directives in database section) -overlay syncprov -# # contextCSN saved to database every 100 updates or ten minutes -syncprov-checkpoint 1 1 diff --git a/ldap/openldap-config/files/slapd.service b/ldap/openldap-config/files/slapd.service deleted file mode 100644 index 24b39380a..000000000 --- a/ldap/openldap-config/files/slapd.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=OpenLDAP Server Daemon -Before=rsyncd.service -After=network.target syslog-ng.target -Documentation=man:slapd -Documentation=man:slapd-config -Documentation=man:slapd-hdb -Documentation=man:slapd-mdb -Documentation=file:///usr/share/doc/openldap-servers/guide.html - -[Service] -Type=forking -PIDFile=/var/run/slapd.pid -Environment="SLAPD_URLS=ldap:/// ldapi:///" "SLAPD_OPTIONS=" -EnvironmentFile=/etc/sysconfig/slapd -ExecStartPre=/usr/libexec/openldap/check-config.sh -ExecStart=/etc/init.d/openldap start -ExecStop=/etc/init.d/openldap stop -ExecReload=/etc/init.d/openldap restart -RemainAfterExit=yes - -[Install] -WantedBy=multi-user.target diff --git a/ldap/openldap-config/files/slapd.sysconfig b/ldap/openldap-config/files/slapd.sysconfig deleted file mode 100644 index 573486da4..000000000 --- a/ldap/openldap-config/files/slapd.sysconfig +++ /dev/null @@ -1,15 +0,0 @@ -# OpenLDAP server configuration -# see 'man slapd' for additional information - -# Where the server will run (-h option) -# - ldapi:/// is required for on-the-fly configuration using client tools -# (use SASL with EXTERNAL mechanism for authentication) -# - default: ldapi:/// ldap:/// -# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:/// -SLAPD_URLS="ldapi:/// ldap:///" - -# Any custom options -SLAPD_OPTIONS="" - -# Keytab location for GSSAPI Kerberos authentication -#KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab" diff --git a/logging/logrotate-config/centos/build_srpm.data b/logging/logrotate-config/centos/build_srpm.data deleted file mode 100644 index da1e20bd8..000000000 --- a/logging/logrotate-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=0 diff --git a/logging/logrotate-config/centos/logrotate-config.spec b/logging/logrotate-config/centos/logrotate-config.spec deleted file mode 100644 index f3fa62ec0..000000000 --- a/logging/logrotate-config/centos/logrotate-config.spec +++ /dev/null @@ -1,49 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX logrotate Configuration File -Name: logrotate-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: logrotate - -%define debug_package %{nil} - -%description -StarlingX logrotate configuration file - -%prep - -%setup - -%build - -%install -mkdir -p %{buildroot}%{_sysconfdir}/cron.d -install -m 644 logrotate-cron.d %{buildroot}%{_sysconfdir}/cron.d/logrotate -install -d %{buildroot}%{_datadir}/starlingx -install -m 644 logrotate.conf %{buildroot}%{_datadir}/starlingx/logrotate.conf - - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/logrotate.conf %{_sysconfdir}/logrotate.conf - chmod 644 %{_sysconfdir}/logrotate.conf - mv %{_sysconfdir}/cron.daily/logrotate %{_sysconfdir}/logrotate.cron - chmod 700 %{_sysconfdir}/logrotate.cron -fi - -%files -%defattr(-,root,root) -%license LICENSE -%{_sysconfdir}/cron.d/logrotate -%{_datadir}/starlingx/logrotate.conf diff --git a/logging/logrotate-config/files/LICENSE b/logging/logrotate-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/logging/logrotate-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/logging/logrotate-config/files/logrotate-cron.d b/logging/logrotate-config/files/logrotate-cron.d deleted file mode 100644 index 52cb93c74..000000000 --- a/logging/logrotate-config/files/logrotate-cron.d +++ /dev/null @@ -1,4 +0,0 @@ -# m h dom mon dow user command -## Commenting out cron. Replaced by logmgmt daemon -#*/10 * * * * root /etc/logrotate.cron - diff --git a/logging/logrotate-config/files/logrotate.conf b/logging/logrotate-config/files/logrotate.conf deleted file mode 100644 index c7a6f0823..000000000 --- a/logging/logrotate-config/files/logrotate.conf +++ /dev/null @@ -1,38 +0,0 @@ -# see "man logrotate" for details -# rotate log files weekly -weekly - -# keep 4 weeks worth of backlogs -rotate 4 - -# create new (empty) log files after rotating old ones -create - -# use date as a suffix of the rotated file -dateext - -# Use su to rotate as root to ensure we don't fail due to dir permissions -su root root - -# uncomment this if you want your log files compressed -#compress - -# RPM packages drop log rotation information into this directory -include /etc/logrotate.d - -# no packages own wtmp and btmp -- we'll rotate them here -/var/log/wtmp { - monthly - create 0664 root utmp - minsize 1M - rotate 1 -} - -/var/log/btmp { - missingok - monthly - create 0600 root utmp - rotate 1 -} - -# system-specific logs may be also be configured here. diff --git a/networking/mellanox/mlx4-config/centos/build_srpm.data b/networking/mellanox/mlx4-config/centos/build_srpm.data deleted file mode 100644 index 57d0e0ecd..000000000 --- a/networking/mellanox/mlx4-config/centos/build_srpm.data +++ /dev/null @@ -1,4 +0,0 @@ -COPY_LIST=" \ - $PKG_BASE/files/* \ -" -TIS_PATCH_VER=2 diff --git a/networking/mellanox/mlx4-config/centos/mlx4-config.spec b/networking/mellanox/mlx4-config/centos/mlx4-config.spec deleted file mode 100644 index 6197766bd..000000000 --- a/networking/mellanox/mlx4-config/centos/mlx4-config.spec +++ /dev/null @@ -1,48 +0,0 @@ -Summary: Wind River Mellanox port-type configuration scripts -Name: mlx4-config -Version: 1.0.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: base -Packager: Wind River -URL: unknown - -Source1: mlx4-configure.sh -Source2: mlx4-config.service -Source3: LICENSE -Source4: mlx4_core_goenabled.sh -Source5: mlx4_core_config.sh - -BuildRequires: chkconfig -BuildRequires: systemd-devel - -%description -Wind River Mellanox port-type configuration scripts - -%install -%{__install} -d %{buildroot}%{_sysconfdir}/init.d -%{__install} -d %{buildroot}%{_unitdir} -%{__install} -d %{buildroot}%{_sysconfdir}/goenabled.d -%{__install} -d %{buildroot}%{_bindir} -%{__install} -m 755 %SOURCE1 %{buildroot}%{_sysconfdir}/init.d/ -%{__install} -m 644 %SOURCE2 %{buildroot}%{_unitdir}/ -%{__install} -m 555 %SOURCE4 %{buildroot}%{_sysconfdir}/goenabled.d/ -%{__install} -m 755 %SOURCE5 %{buildroot}%{_bindir}/ - -%clean -%{__rm} -rf %{buildroot} - -%post -/bin/systemctl enable mlx4-config.service >/dev/null 2>&1 - -%preun -/bin/systemctl disable mlx4-config.service >/dev/null 2>&1 - - -%files -%license ../SOURCES/LICENSE -%defattr(-,root,root,-) -%{_sysconfdir}/init.d/mlx4-configure.sh -%{_unitdir}/mlx4-config.service -%{_sysconfdir}/goenabled.d/mlx4_core_goenabled.sh -%{_bindir}/mlx4_core_config.sh diff --git a/networking/mellanox/mlx4-config/files/LICENSE b/networking/mellanox/mlx4-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/networking/mellanox/mlx4-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/networking/mellanox/mlx4-config/files/mlx4-config.service b/networking/mellanox/mlx4-config/files/mlx4-config.service deleted file mode 100644 index 5a834f2c0..000000000 --- a/networking/mellanox/mlx4-config/files/mlx4-config.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Wind River Mellanox port-type configuration scripts -Before=network.target - -[Service] -Type=oneshot -User=root -ExecStart=/etc/init.d/mlx4-configure.sh start -ExecStop=/etc/init.d/mlx4-configure.sh stop - -[Install] -WantedBy=multi-user.target diff --git a/networking/mellanox/mlx4-config/files/mlx4-configure.sh b/networking/mellanox/mlx4-config/files/mlx4-configure.sh deleted file mode 100644 index 959024e09..000000000 --- a/networking/mellanox/mlx4-config/files/mlx4-configure.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/bin/bash -################################################################################ -# Copyright (c) 2015 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# -################################################################################ - -PROGNAME=$(basename $0) -VENDOR_MLX4="0x15b3" -SYSFS_PCI_DEVICES=/sys/bus/pci/devices -DEBUG=${DEBUG:-0} - -# enable complex pattern matching so that in "configure_device()" we can get -# all files beginning in "mlx4_port" and ending in one or more digits. -shopt -s extglob - -function log { - local MSG="${PROGNAME}: $1" - if [ ${DEBUG} -ne 0 ]; then - echo "${MSG}" - fi - echo "${MSG}" >> /var/log/mlx4-configure.log -} - -function configure_device { - local DEVICE=$1 - local DEVICE_PATH=${SYSFS_PCI_DEVICES}/${DEVICE} - - if [ ! -d ${DEVICE_PATH} ]; then - log "device path ${DEVICE_PATH} not present for ${DEVICE}" - return 1 - fi - - local PORTS=$(ls -v1 ${DEVICE_PATH}/mlx4_port+([0-9])) - - local RESULT=0 - for PORT in ${PORTS}; do - local PORT_NAME=$(basename ${PORT}) - local PORT_TYPE=$(cat ${PORT}) - - if [ "${PORT_TYPE}" != "eth" ]; then - echo "eth" > ${PORT} - if [ $? -ne 0 ]; then - log "failed to change ${DEVICE}/${PORT_NAME} port type from \"${PORT_TYPE}\" to \"eth\"" - RESULT=1 - else - log "successfully changed ${DEVICE}/${PORT_NAME} port type from \"${PORT_TYPE}\" to \"eth\"" - fi - else - log "port type already set to \"eth\" for ${DEVICE}/${PORT_NAME}" - fi - done - - return ${RESULT} -} - - -function scan_devices { - local DEVICES=$(ls -1 ${SYSFS_PCI_DEVICES}) - - for DEVICE in ${DEVICES}; do - local VENDOR=$(cat ${SYSFS_PCI_DEVICES}/${DEVICE}/vendor) - local CLASS=$(cat ${SYSFS_PCI_DEVICES}/${DEVICE}/class) - - if ((((${CLASS} & 0xff0000)) != 0x020000)); then - ## Not a networking controller - continue - fi - - if [ "${VENDOR}" != "${VENDOR_MLX4}" ]; then - ## Not a Mellanox device - continue - fi - - configure_device ${DEVICE} - done - - return 0 -} - - -function start { - scan_devices - return $? -} - -function stop { - return 0 -} - -function status { - return 0 -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - status) - status - ;; - *) - echo "Usage: $0 {start|stop|restart|status}" - exit 1 -esac diff --git a/networking/mellanox/mlx4-config/files/mlx4_core_config.sh b/networking/mellanox/mlx4-config/files/mlx4_core_config.sh deleted file mode 100644 index b1c0652d8..000000000 --- a/networking/mellanox/mlx4-config/files/mlx4_core_config.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -################################################################################ -# Copyright (c) 2015-2016 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# -################################################################################ -# -# Purpose: -# create /var/run/.mlx4_cx3_reboot_required to indicate a reboot is required -# this way newly generated mlx4_core kernel options can be applied -# inject /etc/modprobe.d/mlx4_sriov.conf into initramfs, since when the system -# is booted, the mlx4_core kernel module in initramfs will be used, so we need -# to inject the newly created modprobe conf file into initramfs -# -# Usage: /usr/bin/mlx4_core_config.sh -# -# Define minimal path -PATH=/bin:/usr/bin:/usr/local/bin - -/usr/sbin/touch /var/run/.mlx4_cx3_reboot_required -/usr/bin/dracut --include /etc/modprobe.d/mlx4_sriov.conf /etc/modprobe.d/mlx4_sriov.conf --force - -exit 0 diff --git a/networking/mellanox/mlx4-config/files/mlx4_core_goenabled.sh b/networking/mellanox/mlx4-config/files/mlx4_core_goenabled.sh deleted file mode 100644 index dae8aa317..000000000 --- a/networking/mellanox/mlx4-config/files/mlx4_core_goenabled.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2014 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# - -# mlx4_core options "goenabled" check. -# If a /etc/modprobe.d/mlx_sriov.conf has been modified/created on this node, it should be rebooted to apply this options. - -NAME=$(basename $0) -OPTIONS_CHANGED_FLAG=/var/run/.mlx4_cx3_reboot_required -WORKER_CONFIG_COMPLETE=/var/run/.worker_config_complete - -function LOG { - logger "$NAME: $*" -} - -if [ -f $OPTIONS_CHANGED_FLAG ] && [ -f $WORKER_CONFIG_COMPLETE ]; then - LOG "mlx4_core options has been changed. Failing goenabled check." - exit 1 -fi - -exit 0 - diff --git a/networking/openvswitch-config/centos/build_srpm.data b/networking/openvswitch-config/centos/build_srpm.data deleted file mode 100644 index 2c3b2cb8b..000000000 --- a/networking/openvswitch-config/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -SRC_DIR="files" -TIS_PATCH_VER=1 diff --git a/networking/openvswitch-config/centos/openvswitch-config.spec b/networking/openvswitch-config/centos/openvswitch-config.spec deleted file mode 100644 index 345c6599b..000000000 --- a/networking/openvswitch-config/centos/openvswitch-config.spec +++ /dev/null @@ -1,48 +0,0 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# Copyright (C) 2019 Intel Corporation -# -Summary: StarlingX openvswitch Configuration File -Name: openvswitch-config -Version: 1.0 -Release: %{tis_patch_ver}%{?_tis_dist} -License: Apache-2.0 -Group: config-files -Packager: StarlingX -URL: unknown -Source: %name-%version.tar.gz - -BuildArch: noarch -Requires: openvswitch - -%define debug_package %{nil} - -%description -StarlingX openvswitch configuration file - -%prep - -%setup - -%build - -%install -install -d -m 0755 %{buildroot}%{_sysconfdir}/openvswitch -install -m 0644 ovsdb-server.pmon.conf %{buildroot}%{_sysconfdir}/openvswitch/ovsdb-server.pmon.conf -install -m 0644 ovs-vswitchd.pmon.conf %{buildroot}%{_sysconfdir}/openvswitch/ovs-vswitchd.pmon.conf -install -d %{buildroot}%{_datadir}/starlingx -install -m 0640 etc_logrotate.d_openvswitch %{buildroot}%{_datadir}/starlingx/etc_logrotate.d_openvswitch - -%post -if [ $1 -eq 1 ] ; then - cp -f %{_datadir}/starlingx/etc_logrotate.d_openvswitch %{_sysconfdir}/logrotate.d/openvswitch - chmod 644 %{_sysconfdir}/logrotate.d/openvswitch -fi - -%files -%defattr(-,root,root) -%license LICENSE -%config(noreplace) %{_sysconfdir}/openvswitch/ovsdb-server.pmon.conf -%config(noreplace) %{_sysconfdir}/openvswitch/ovs-vswitchd.pmon.conf -%{_datadir}/starlingx/etc_logrotate.d_openvswitch diff --git a/networking/openvswitch-config/files/LICENSE b/networking/openvswitch-config/files/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/networking/openvswitch-config/files/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/networking/openvswitch-config/files/etc_logrotate.d_openvswitch b/networking/openvswitch-config/files/etc_logrotate.d_openvswitch deleted file mode 100644 index f9ae766e5..000000000 --- a/networking/openvswitch-config/files/etc_logrotate.d_openvswitch +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc. -# -# Copying and distribution of this file, with or without modification, -# are permitted in any medium without royalty provided the copyright -# notice and this notice are preserved. This file is offered as-is, -# without warranty of any kind. - -/var/log/openvswitch/*.log { - nodateext - size 10M - start 1 - rotate 20 - notifempty - compress - sharedscripts - missingok - postrotate - # Tell Open vSwitch daemons to reopen their log files - if [ -d /var/run/openvswitch ]; then - for ctl in /var/run/openvswitch/*.ctl; do - ovs-appctl -t "$ctl" vlog/reopen 2>/dev/null || : - done - fi - endscript -} diff --git a/networking/openvswitch-config/files/ovs-vswitchd.pmon.conf b/networking/openvswitch-config/files/ovs-vswitchd.pmon.conf deleted file mode 100644 index 145989305..000000000 --- a/networking/openvswitch-config/files/ovs-vswitchd.pmon.conf +++ /dev/null @@ -1,24 +0,0 @@ -[process] -process = ovs-vswitchd -service = ovs-vswitchd ; The name of the process's systemd service file without the extension -pidfile = /var/run/openvswitch/ovs-vswitchd.pid -style = lsb ; ocf or lsb -severity = critical ; minor, major, critical -restarts = 0 ; restarts before error assertion -interval = 0 ; number of seconds to wait between restarts -debounce = 20 ; number of seconds that a process needs to remain - ; running before degrade is removed and retry count - ; is cleared. -startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor -mode = passive ; Monitoring mode: passive (default) or active - ; passive: process death monitoring (default: always) - ; active : heartbeat monitoring, i.e. request / response messaging - ; ignore : do not monitor or stop monitoring -subfunction = worker ; Optional label. - ; Manage this process in the context of a combo host subfunction - ; Choices: worker or storage. - ; when specified pmond will wait for - ; /var/run/.worker_config_complete or - ; /var/run/.storage_config_complete - ; ... before managing this process with the specified subfunction - ; Excluding this label will cause this process to be managed by default on startup diff --git a/networking/openvswitch-config/files/ovsdb-server.pmon.conf b/networking/openvswitch-config/files/ovsdb-server.pmon.conf deleted file mode 100644 index 9fa8b51a0..000000000 --- a/networking/openvswitch-config/files/ovsdb-server.pmon.conf +++ /dev/null @@ -1,25 +0,0 @@ -[process] -process = ovsdb-server -service = ovsdb-server ; The name of the process's systemd service file without the extension -pidfile = /var/run/openvswitch/ovsdb-server.pid -style = lsb ; ocf or lsb -severity = critical ; minor, major, critical -restarts = 3 ; restarts before error assertion -interval = 5 ; number of seconds to wait between restarts -debounce = 20 ; number of seconds that a process needs to remain - ; running before degrade is removed and retry count - ; is cleared. -startuptime = 5 ; Seconds to wait after process start before starting the debounce monitor -mode = passive ; Monitoring mode: passive (default) or active - ; passive: process death monitoring (default: always) - ; active : heartbeat monitoring, i.e. request / response messaging - ; ignore : do not monitor or stop monitoring -subfunction = worker ; Optional label. - ; Manage this process in the context of a combo host subfunction - ; Choices: worker or storage. - ; when specified pmond will wait for - ; /var/run/.worker_config_complete or - ; /var/run/.storage_config_complete - ; ... before managing this process with the specified subfunction - ; Excluding this label will cause this process to be managed by default on startup -