maybe chmod 0644 'apt/apt.conf.d/00trustcdrom'
maybe chmod 0644 'apt/apt.conf.d/01-vendor-ubuntu'
maybe chmod 0644 'apt/apt.conf.d/01autoremove'
-maybe chmod 0444 'apt/apt.conf.d/01autoremove-kernels'
maybe chmod 0644 'apt/apt.conf.d/05etckeeper'
maybe chmod 0644 'apt/apt.conf.d/20apt-esm-hook.conf'
maybe chmod 0644 'apt/apt.conf.d/20apt-show-versions'
maybe chmod 0644 'kernel-img.conf'
maybe chmod 0755 'kernel/install.d'
maybe chmod 0755 'kernel/postinst.d'
-maybe chmod 0755 'kernel/postinst.d/apt-auto-removal'
maybe chmod 0755 'kernel/postinst.d/initramfs-tools'
maybe chmod 0755 'kernel/postinst.d/xx-update-initrd-links'
maybe chmod 0755 'kernel/postinst.d/zz-update-grub'
maybe chmod 0644 'ldap/schema/amavis.schema'
maybe chmod 0644 'legal'
maybe chmod 0755 'letsencrypt'
+maybe chmod 0600 'letsencrypt/.certbot.lock'
maybe chmod 0644 'letsencrypt/.updated-options-ssl-apache-conf-digest.txt'
maybe chmod 0700 'letsencrypt/accounts'
maybe chmod 0700 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org'
+++ /dev/null
-// DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
-APT::NeverAutoRemove
-{
- "^linux-.*-5\.4\.0-81-generic$";
- "^linux-.*-5\.4\.0-94-generic$";
- "^kfreebsd-.*-5\.4\.0-81-generic$";
- "^kfreebsd-.*-5\.4\.0-94-generic$";
- "^gnumach-.*-5\.4\.0-81-generic$";
- "^gnumach-.*-5\.4\.0-94-generic$";
- "^.*-modules-5\.4\.0-81-generic$";
- "^.*-modules-5\.4\.0-94-generic$";
- "^.*-kernel-5\.4\.0-81-generic$";
- "^.*-kernel-5\.4\.0-94-generic$";
-};
-/* Debug information:
-# dpkg list:
-rc linux-image-4.15.0-109-generic 4.15.0-109.110 amd64 Signed kernel image generic
-rc linux-image-4.15.0-38-generic 4.15.0-38.41 amd64 Signed kernel image generic
-rc linux-image-4.15.0-64-generic 4.15.0-64.73 amd64 Signed kernel image generic
-rc linux-image-5.4.0-40-generic 5.4.0-40.44 amd64 Signed kernel image generic
-rc linux-image-5.4.0-48-generic 5.4.0-48.52 amd64 Signed kernel image generic
-ii linux-image-5.4.0-52-generic 5.4.0-52.57 amd64 Signed kernel image generic
-ii linux-image-5.4.0-81-generic 5.4.0-81.91 amd64 Signed kernel image generic
-iF linux-image-5.4.0-94-generic 5.4.0-94.106 amd64 Signed kernel image generic
-ii linux-image-generic 5.4.0.94.98 amd64 Generic Linux kernel image
-# list of installed kernel packages:
-5.4.0-52-generic 5.4.0-52.57
-5.4.0-81-generic 5.4.0-81.91
-5.4.0-94-generic 5.4.0-94.106
-# list of different kernel versions:
-5.4.0-94.106
-5.4.0-81.91
-5.4.0-52.57
-# Installing kernel: 5.4.0-94.106 (5.4.0-94-generic)
-# Running kernel: 5.4.0-81.91 (5.4.0-81-generic)
-# Last kernel: 5.4.0-94.106
-# Previous kernel: 5.4.0-81.91
-# Kernel versions list to keep:
-5.4.0-81.91
-5.4.0-94.106
-# Kernel packages (version part) to protect:
-5\.4\.0-81-generic
-5\.4\.0-94-generic
-*/
+++ /dev/null
-#!/bin/sh
-set -e
-# Mark as not-for-autoremoval those kernel packages that are:
-# - the currently booted version
-# - the kernel version we've been called for
-# - the latest kernel version (as determined by debian version number)
-# - the second-latest kernel version
-#
-# In the common case this results in two kernels saved (booted into the
-# second-latest kernel, we install the latest kernel in an upgrade), but
-# can save up to four. Kernel refers here to a distinct release, which can
-# potentially be installed in multiple flavours counting as one kernel.
-
-eval $(apt-config shell APT_CONF_D Dir::Etc::parts/d)
-test -n "${APT_CONF_D}" || APT_CONF_D="/etc/apt/apt.conf.d"
-config_file="${APT_CONF_D}/01autoremove-kernels"
-
-eval $(apt-config shell DPKG Dir::bin::dpkg/f)
-test -n "$DPKG" || DPKG="/usr/bin/dpkg"
-
-list="$("${DPKG}" -l | awk '/^[ih][^nc][ ]+(linux|kfreebsd|gnumach)-image-[0-9]+\./ && $2 !~ /-dbg(:.*)?$/ && $2 !~ /-dbgsym(:.*)?$/ { print $2,$3; }' \
- | sed -e 's#^\(linux\|kfreebsd\|gnumach\)-image-##' -e 's#:[^:]\+ # #')"
-debverlist="$(echo "$list" | cut -d' ' -f 2 | sort --unique --reverse --version-sort)"
-
-if [ -n "$1" ]; then
- installed_version="$(echo "$list" | awk "\$1 == \"$1\" { print \$2;exit; }")"
-fi
-unamer="$(uname -r | tr '[A-Z]' '[a-z]')"
-if [ -n "$unamer" ]; then
- running_version="$(echo "$list" | awk "\$1 == \"$unamer\" { print \$2;exit; }")"
-fi
-# ignore the currently running version if attempting a reproducible build
-if [ -n "${SOURCE_DATE_EPOCH}" ]; then
- unamer=""
- running_version=""
-fi
-latest_version="$(echo "$debverlist" | sed -n 1p)"
-previous_version="$(echo "$debverlist" | sed -n 2p)"
-
-debkernels="$(echo "$latest_version
-$installed_version
-$running_version
-$previous_version" | sort -u | sed -e '/^$/ d')"
-kernels="$( (echo "$1
-$unamer"; for deb in $debkernels; do echo "$list" | awk "\$2 == \"$deb\" { print \$1; }"; done; ) \
- | sed -e 's#\([\.\+]\)#\\\1#g' -e '/^$/ d' | sort -u)"
-
-generateconfig() {
- cat <<EOF
-// DO NOT EDIT! File autogenerated by $0
-APT::NeverAutoRemove
-{
-EOF
- for package in $(apt-config dump --no-empty --format '%v%n' 'APT::VersionedKernelPackages'); do
- for kernel in $kernels; do
- echo " \"^${package}-${kernel}$\";"
- done
- done
- echo '};'
- if [ "${APT_AUTO_REMOVAL_KERNELS_DEBUG:-true}" = 'true' ]; then
- cat <<EOF
-/* Debug information:
-# dpkg list:
-$(dpkg -l | grep '\(linux\|kfreebsd\|gnumach\)-image-')
-# list of installed kernel packages:
-$list
-# list of different kernel versions:
-$debverlist
-# Installing kernel: $installed_version ($1)
-# Running kernel: ${running_version:-ignored} (${unamer:-ignored})
-# Last kernel: $latest_version
-# Previous kernel: $previous_version
-# Kernel versions list to keep:
-$debkernels
-# Kernel packages (version part) to protect:
-$kernels
-*/
-EOF
- fi
-}
-generateconfig "$@" > "${config_file}.dpkg-new"
-mv -f "${config_file}.dpkg-new" "$config_file"
-chmod 444 "$config_file"
more about Ubuntu Kernel Livepatch service at
https://ubuntu.com/security/livepatch
+realtime-kernel:
+ help: |
+ The real-time kernel is a beta version of the 22.04 Ubuntu kernel with the
+ PREEMPT_RT patchset integrated for x86_64 and ARM64. It services extreme
+ latency-dependent use cases and provides deterministic response times to
+ service events. By meeting stringent preemption specifications, the
+ real-time kernel is suitable for telco applications and embedded devices
+ in industrial automation and robotics. To enroll in the beta program, visit
+ https://ubuntu.com/realtime-kernel
+
ros:
help: |
ros provides access to a private PPA which includes security-related
projects / vserver / commitdiff