From: root Date: Mon, 23 Sep 2019 07:36:58 +0000 (+0200) Subject: daily autocommit X-Git-Url: https://git.hoellein.online/?a=commitdiff_plain;h=bf191d833c45b16395237690b062153ef6328743;p=zenbook daily autocommit --- diff --git a/.etckeeper b/.etckeeper index 154b0ef..3fae96f 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1829,6 +1829,7 @@ maybe chmod 0755 'init.d/umountfs' maybe chmod 0755 'init.d/umountnfs.sh' maybe chmod 0755 'init.d/umountroot' maybe chmod 0755 'init.d/unattended-upgrades' +maybe chmod 0755 'init.d/unifi-video' maybe chmod 0755 'init.d/urandom' maybe chmod 0755 'init.d/uuidd' maybe chmod 0755 'init.d/whoopsie' @@ -2676,6 +2677,7 @@ maybe chmod 0755 'security' maybe chmod 0644 'security/access.conf' maybe chmod 0644 'security/group.conf' maybe chmod 0644 'security/limits.conf' +maybe chmod 0644 'security/limits.confe' maybe chmod 0755 'security/limits.d' maybe chmod 0644 'security/limits.d/uhd.conf' maybe chmod 0644 'security/namespace.conf' @@ -2778,6 +2780,7 @@ maybe chmod 0644 'subversion/servers' maybe chmod 0440 'sudoers' maybe chmod 0755 'sudoers.d' maybe chmod 0440 'sudoers.d/README' +maybe chmod 0440 'sudoers.d/unifi-video' maybe chmod 0644 'sysctl.conf' maybe chmod 0755 'sysctl.d' maybe chmod 0644 'sysctl.d/10-console-messages.conf' diff --git a/group b/group index dbe89c6..6bafb0c 100644 --- a/group +++ b/group @@ -87,3 +87,4 @@ nm-openvpn:x:143: mysql:x:144: gdm:x:129: systemd-coredump:x:997: +unifi-video:x:131: diff --git a/group- b/group- index 3e15810..dbe89c6 100644 --- a/group- +++ b/group- @@ -86,3 +86,4 @@ usrp:x:142: nm-openvpn:x:143: mysql:x:144: gdm:x:129: +systemd-coredump:x:997: diff --git a/gshadow b/gshadow index 6abd0eb..43bcecf 100644 --- a/gshadow +++ b/gshadow @@ -87,3 +87,4 @@ nm-openvpn:!:: mysql:!:: gdm:!:: systemd-coredump:!!:: +unifi-video:!:: diff --git a/gshadow- b/gshadow- index 4118c05..6abd0eb 100644 --- a/gshadow- +++ b/gshadow- @@ -86,3 +86,4 @@ usrp:!:: nm-openvpn:!:: mysql:!:: gdm:!:: +systemd-coredump:!!:: diff --git a/init.d/unifi-video b/init.d/unifi-video new file mode 100755 index 0000000..e084ced --- /dev/null +++ b/init.d/unifi-video @@ -0,0 +1,95 @@ +#!/bin/sh +# +# /etc/init.d/unifi-video -- startup script for Ubiquiti UniFi Video +# +# +### BEGIN INIT INFO +# Provides: unifi-video +# Required-Start: $local_fs $remote_fs $network +# Required-Stop: $local_fs $remote_fs $network +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Ubiquiti unifi-video +# Description: Ubiquiti UniFi Video +### END INIT INFO + + +NAME=unifi-video +DESC="Ubiquiti UniFi Video" + +PKGUSER=unifi-video + +PATH=/bin:/usr/bin:/sbin:/usr/sbin + +[ -f /etc/default/rcS ] && . /etc/default/rcS +. /lib/lsb/init-functions + +ENABLE_UNIFIVIDEO=yes +[ -f /etc/default/${NAME} ] && . /etc/default/${NAME} + +[ "x${ENABLE_UNIFIVIDEO}" != "xyes" ] && exit 0 + +PIDFILE="/var/run/${NAME}/${NAME}.pid" +CMD="/usr/sbin/${NAME}" + +CMD_START="${CMD} start" +CMD_STOP="${CMD} -D stop" +CMD_STATUS="${CMD} status" + + +is_running() { + local RC + RC=0 + ${CMD_STATUS} >/dev/null 2>&1 || RC=$? + return ${RC} +} + +case "$1" in + start) + log_daemon_msg "Starting ${DESC}" "${NAME}" + if is_running; then + log_progress_msg "(already running)" + log_end_msg 1 + else + ${CMD_START} + sleep 1 + if is_running; then + log_end_msg 0 + else + log_end_msg 1 + fi + fi + ;; + stop) + log_daemon_msg "Stopping ${DESC}" "${NAME}" + if is_running; then + ${CMD_STOP} + else + log_progress_msg "(not running)" + fi + log_end_msg 0 + ;; + status) + status_of_proc -p ${PIDFILE} ${NAME} ${NAME} && exit 0 || exit $? + ;; + restart|reload|force-reload) + if is_running ; then + if which invoke-rc.d >/dev/null 2>&1; then + invoke-rc.d ${NAME} stop + else + /etc/init.d/${NAME} stop + fi + fi + if which invoke-rc.d >/dev/null 2>&1; then + invoke-rc.d ${NAME} start + else + /etc/init.d/${NAME} start + fi + ;; + *) + log_success_msg "Usage: $0 {start|stop|restart|reload|force-reload}" + exit 1 + ;; +esac + +exit 0 diff --git a/pam.d/su b/pam.d/su index d5c6903..a06e8f7 100644 --- a/pam.d/su +++ b/pam.d/su @@ -49,7 +49,7 @@ session optional pam_mail.so nopen # Sets up user limits according to /etc/security/limits.conf # (Replaces the use of /etc/limits in old login) -session required pam_limits.so +session required pam_limits.so # The standard Unix authentication modules, used with # NIS (man nsswitch) as well as normal /etc/passwd and diff --git a/passwd b/passwd index cb250c3..ad2d096 100644 --- a/passwd +++ b/passwd @@ -54,3 +54,4 @@ mysql:x:131:144:MySQL Server,,,:/nonexistent:/bin/false gdm:x:121:129:Gnome Display Manager:/var/lib/gdm3:/bin/false gnome-initial-setup:x:123:65534::/run/gnome-initial-setup/:/bin/false systemd-coredump:x:997:997:systemd Core Dumper:/:/sbin/nologin +unifi-video:x:132:131::/usr/lib/unifi-video:/bin/sh diff --git a/passwd- b/passwd- index ad57870..ad2d096 100644 --- a/passwd- +++ b/passwd- @@ -53,3 +53,5 @@ nm-openvpn:x:130:143:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin mysql:x:131:144:MySQL Server,,,:/nonexistent:/bin/false gdm:x:121:129:Gnome Display Manager:/var/lib/gdm3:/bin/false gnome-initial-setup:x:123:65534::/run/gnome-initial-setup/:/bin/false +systemd-coredump:x:997:997:systemd Core Dumper:/:/sbin/nologin +unifi-video:x:132:131::/usr/lib/unifi-video:/bin/sh diff --git a/rc0.d/K01unifi-video b/rc0.d/K01unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc0.d/K01unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc1.d/K01unifi-video b/rc1.d/K01unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc1.d/K01unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc2.d/S02unifi-video b/rc2.d/S02unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc2.d/S02unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc3.d/S02unifi-video b/rc3.d/S02unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc3.d/S02unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc4.d/S02unifi-video b/rc4.d/S02unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc4.d/S02unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc5.d/S02unifi-video b/rc5.d/S02unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc5.d/S02unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/rc6.d/K01unifi-video b/rc6.d/K01unifi-video new file mode 120000 index 0000000..7c89321 --- /dev/null +++ b/rc6.d/K01unifi-video @@ -0,0 +1 @@ +../init.d/unifi-video \ No newline at end of file diff --git a/security/limits.conf b/security/limits.conf index 1aec652..eb5ba47 100644 --- a/security/limits.conf +++ b/security/limits.conf @@ -53,4 +53,6 @@ #ftp - chroot /ftp #@student - maxlogins 4 +* hard nofile 65534 +* soft nofile 65534 # End of file diff --git a/security/limits.confe b/security/limits.confe new file mode 100644 index 0000000..f63454d --- /dev/null +++ b/security/limits.confe @@ -0,0 +1,57 @@ +# /etc/security/limits.conf +# +#Each line describes a limit for a user in the form: +# +# +# +#Where: +# can be: +# - a user name +# - a group name, with @group syntax +# - the wildcard *, for default entry +# - the wildcard %, can be also used with %group syntax, +# for maxlogin limit +# - NOTE: group and wildcard limits are not applied to root. +# To apply a limit to the root user, must be +# the literal username root. +# +# can have the two values: +# - "soft" for enforcing the soft limits +# - "hard" for enforcing hard limits +# +# can be one of the following: +# - core - limits the core file size (KB) +# - data - max data size (KB) +# - fsize - maximum filesize (KB) +# - memlock - max locked-in-memory address space (KB) +# - nofile - max number of open file descriptors +# - rss - max resident set size (KB) +# - stack - max stack size (KB) +# - cpu - max CPU time (MIN) +# - nproc - max number of processes +# - as - address space limit (KB) +# - maxlogins - max number of logins for this user +# - maxsyslogins - max number of logins on the system +# - priority - the priority to run user process with +# - locks - max number of file locks the user can hold +# - sigpending - max number of pending signals +# - msgqueue - max memory used by POSIX message queues (bytes) +# - nice - max nice priority allowed to raise to values: [-20, 19] +# - rtprio - max realtime priority +# - chroot - change root to directory (Debian-specific) +# +# +# + +#* soft core 0 +#root hard core 100000 +#* hard rss 10000 +#@student hard nproc 20 +#@faculty soft nproc 20 +#@faculty hard nproc 50 +#ftp hard nproc 0 +#ftp - chroot /ftp +#@student - maxlogins 4 + +* hard nofile 65534 +# End of file diff --git a/shadow b/shadow index 8d4aa9c..10a242e 100644 --- a/shadow +++ b/shadow @@ -54,3 +54,4 @@ mysql:!:18060:0:99999:7::: gdm:*:18107:0:99999:7::: gnome-initial-setup:*:18107:0:99999:7::: systemd-coredump:!!:18107:::::: +unifi-video:*:18158:0:99999:7::: diff --git a/shadow- b/shadow- index ca48004..10a242e 100644 --- a/shadow- +++ b/shadow- @@ -43,7 +43,7 @@ postfix:*:17326:0:99999:7::: davfs2:*:17416:0:99999:7::: mongodb:*:17457:0:99999:7::: trezord:!:17738:::::: -susi:$6$Fcb59jpZ$88N57qIZj1cwxBeklmMoGkFkCmnSpNxC.eWkAVzDAtmgdCiEDdWDXz4XvOdl.VThcynXtWeonUNCKUvLfku2J0:17751:0:99999:7::: +susi:$6$.IwGferMLJcbHcWe$MQbS1FTQt2G/o/Vmv.mA.HAJJT1nyo2ufeCLfeTeOz0K3VUhBZrszhnthqqPjxSc2ko4CUpWjwzPLUvNkEjgl/:18135:0:99999:7::: bitcoin:*:17765:0:99999:7::: cups-pk-helper:*:17767:0:99999:7::: ntp:*:17771:0:99999:7::: @@ -53,3 +53,5 @@ nm-openvpn:*:18022:0:99999:7::: mysql:!:18060:0:99999:7::: gdm:*:18107:0:99999:7::: gnome-initial-setup:*:18107:0:99999:7::: +systemd-coredump:!!:18107:::::: +unifi-video:*:18158:0:99999:7::: diff --git a/sudoers.d/unifi-video b/sudoers.d/unifi-video new file mode 100644 index 0000000..0d29ab1 --- /dev/null +++ b/sudoers.d/unifi-video @@ -0,0 +1 @@ +unifi-video ALL=SETENV: NOPASSWD:/usr/bin/dpkg, /usr/bin/apt-get, /bin/rm, /usr/bin/tee