mkdir -p './X11/xkb'
mkdir -p './acpi/events'
mkdir -p './apparmor.d/force-complain'
+mkdir -p './apt/auth.conf.d'
mkdir -p './apt/preferences.d'
mkdir -p './binfmt.d'
mkdir -p './ca-certificates/update.d'
mkdir -p './dbus-1/session.d'
+mkdir -p './dovecot/conf.d'
+mkdir -p './dovecot/private'
mkdir -p './dpkg/dpkg.cfg.d'
mkdir -p './fail2ban/fail2ban.d'
mkdir -p './gss/mech.d'
maybe chmod 0644 'apt/apt.conf.d/25loolwsd'
maybe chmod 0644 'apt/apt.conf.d/50command-not-found'
maybe chmod 0644 'apt/apt.conf.d/70debconf'
+maybe chmod 0755 'apt/auth.conf.d'
maybe chmod 0755 'apt/preferences.d'
maybe chmod 0644 'apt/sources.list'
maybe chmod 0755 'apt/sources.list.d'
maybe chmod 0700 'dkimkeys'
maybe chmod 0644 'dkimkeys/README.PrivateKeys'
maybe chmod 0755 'dovecot'
+maybe chmod 0755 'dovecot/conf.d'
maybe chmod 0770 'dovecot/dovecot-sql.conf'
maybe chmod 0644 'dovecot/dovecot.conf'
+maybe chmod 0700 'dovecot/private'
maybe chmod 0755 'dpkg'
maybe chmod 0644 'dpkg/dpkg.cfg'
maybe chmod 0755 'dpkg/dpkg.cfg.d'
{
"^firmware-linux.*";
"^linux-firmware$";
+ "^linux-image-[a-z0-9]*$";
+ "^linux-image-[a-z0-9]*-[a-z0-9]*$";
};
VersionedKernelPackages
cat <<EOF
# GRUB lacks write support for $abstraction, so recordfail support is disabled.
EOF
- return
+ return 1
;;
esac
done
cat <<EOF
# GRUB lacks write support for $FS, so recordfail support is disabled.
EOF
- return
+ return 1
;;
esac
EOF
}
- check_writable
+ if ! check_writable; then
+ recordfail_broken=1
+ fi
cat <<EOF
}
fi
fi
EOF
+if [ "$recordfail_broken" = 1 ]; then
+ cat << EOF
+if [ \$grub_platform = efi ]; then
+ set timeout=${GRUB_RECORDFAIL_TIMEOUT:-30}
+ if [ x\$feature_timeout_style = xy ] ; then
+ set timeout_style=menu
+ fi
+fi
+EOF
+fi
}
if [ "x$GRUB_BUTTON_CMOS_ADDRESS" != "x" ]; then
-Ubuntu 18.04.1 LTS \n \l
+Ubuntu 18.04.2 LTS \n \l
-Ubuntu 18.04.1 LTS
+Ubuntu 18.04.2 LTS
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
-DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS"
+DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"
# Conflicts with dvb driver (which is better for handling this device)
blacklist snd_aw2
+# Causes trackpads to stop working on Lenovo 11e 2nd gen (Ubuntu: #1802135)
+# and Lenovo x240 to hang on boot (Ubuntu: #1802689)
+blacklist i2c_i801
+
# replaced by p54pci
blacklist prism54
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file.
+; Note: disables the realpath cache
; http://php.net/open-basedir
;open_basedir =
; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed.
+; Note: if open_basedir is set, the cache is disabled
; http://php.net/realpath-cache-size
;realpath_cache_size = 4096k
; For example:
;
; extension=mysqli
-;
+;
; When the extension library to load is not located in the default extension
; directory, You may specify an absolute path to the library file:
;
; otherwise output encoding conversion cannot be performed.
;iconv.output_encoding =
+[imap]
+; rsh/ssh logins are disabled by default. Use this INI entry if you want to
+; enable them. Note that the IMAP library does not filter mailbox names before
+; passing them to rsh/ssh command, thus passing untrusted data to this function
+; with rsh/ssh enabled is insecure.
+;imap.enable_insecure_rsh=0
+
[intl]
;intl.default_locale =
; This directive allows you to produce PHP errors when some error
[DEFAULT]
# Default prompting behavior, valid options:
#
-# never - Never check for a new release.
+# never - Never check for, or allow upgrading to, a new release.
# normal - Check to see if a new release is available. If more than one new
# release is found, the release upgrader will attempt to upgrade to
-# the release that immediately succeeds the currently-running
-# release.
+# the supported release that immediately succeeds the
+# currently-running release.
# lts - Check to see if a new LTS release is available. The upgrader
# will attempt to upgrade to the first LTS release available after
-# the currently-running one. Note that this option should not be
-# used if the currently-running release is not itself an LTS
-# release, since in that case the upgrader won't be able to
-# determine if a newer release is available.
+# the currently-running one. Note that if this option is used and
+# the currently-running release is not itself an LTS release the
+# upgrader will assume prompt was meant to be normal.
Prompt=lts
projects / vserver / commitdiff