Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1230

Timestamp:

01/17/12 22:10:47 (4 months ago)

Author:

tschmitt

Message:

linuxmuster-setup:
- Weiteren Rembo-Code entfernt.
- Postgresqls pg_hba.conf gefixt.
- Netzwerkkartenmangement überarbeitet.

Location:

main/linuxmuster-base/branches/testing

Files:

: 1 added
: 4 deleted
: 12 edited

debian/changelog (modified) (1 diff)
debian/postinst (modified) (1 diff)
debian/templates (modified) (1 diff)
etc/init.d/linuxmuster-nic-setup (deleted)
share/scripts/helperfunctions.sh (modified) (2 diffs)
share/scripts/linuxmuster-config (modified) (1 diff)
share/scripts/linuxmuster-patch (modified) (4 diffs, 1 prop)
share/scripts/nic_setup.sh (modified) (3 diffs, 1 prop)
var/config-dynamic/00_stop-services/prepatch (modified) (1 diff)
var/config-dynamic/01_network/interfaces (added)
var/config-dynamic/01_network/interfaces.dedicated (deleted)
var/config-dynamic/01_network/interfaces.integrated (deleted)
var/config-dynamic/01_network/postpatch (modified) (1 diff)
var/config-dynamic/01_network/prepatch (modified) (4 diffs)
var/config-dynamic/03_dhcp3-server/postpatch (modified) (1 diff)
var/config-static/etc/postgresql/9.1/main/pg_hba.conf (modified) (1 diff)
var/config-static/etc/udev (deleted)

Legend:

: Unmodified
: Added
: Removed

main/linuxmuster-base/branches/testing/debian/changelog

-                      r1227
+                      r1230
+linuxmuster-base (6.0.0-4ubuntu0) lenny; urgency=low
+  * changed to udev based nic management, nic name will now be used as is.
+  * reworked nic-setup scripts and functions in helperfunctions.sh.
+  * removed mac_* package templates, added iface_lan to templates.
+  * linuxmuster-setup: fixed postgresql's pg_hba.conf template.
+ -- Thomas Schmitt <schmitt@lmz-bw.de>  Tue, 17 Jan 2012 22:04:12 +0100
 linuxmuster-base (6.0.0-3ubuntu0) lenny; urgency=low
   * linuxmuster-setup:
     * service stop and start fixes.
-    * fix: move /var/run and /var/lock to /run and substitute old dirs with links to new dirs.
     * /etc/network/interfaces: removed dns entries for intern interface.
+ -- Thomas Schmitt <schmitt@lmz-bw.de>  Tue, 17 Jan 2012 08:53:42 +0100
+    * removed imaging choice, setting imaging per default to "linbo".
+ -- Thomas Schmitt <schmitt@lmz-bw.de>  Tue, 17 Jan 2012 08:59:13 +0100
 linuxmuster-base (6.0.0-2ubuntu0) lenny; urgency=low

main/linuxmuster-base/branches/testing/debian/postinst

r1206	r1230
75	75	# add startup scripts to runlevels
76	76	update-rc.d linuxmuster-base defaults
77		~~update-rc.d linuxmuster-nic-setup start 40 S .~~
78	77
79	78	# create and correct dirs and files

main/linuxmuster-base/branches/testing/debian/templates

-                      r1206
+                      r1230
 Type: select
 Choices: ${nic_choices}
 Description: Zuordnung der Netzwerkkarten
+Description: Zuordnung der Netzwerkkarte
  ${nic_desc}
+Template: linuxmuster-base/ifmenu
+Type: select
+Choices: ${if_choices}
+Description: ${if_desc}
+ Waehlen Sie die zutreffende Zuordnung fuer diese Netzwerkkarte mit den Pfeiltasten aus. Bestaetigen Sie die Auswahl wiederum mit ENTER.
+Template: linuxmuster-base/mac_extern
+Type: string
+Description: extern MAC
+ Keine Eingabe.
+Template: linuxmuster-base/mac_intern
+Type: string
+Description: intern MAC
+ Keine Eingabe.
+Template: linuxmuster-base/mac_wlan
+Type: string
+Description: wlan MAC
+ Keine Eingabe.
+Template: linuxmuster-base/mac_dmz
+Type: string
+Description: dmz MAC
+ Keine Eingabe.
+Template: linuxmuster-base/iface_lan
+Type: string
+Default: eth0
+Description: lan interface
+ Keine Eingabe.

main/linuxmuster-base/branches/testing/share/scripts/helperfunctions.sh

-                      r1073
+                      r1230
 discover_nics() {
+        n=0
+        # fetch all interfaces and their macs from /sys
+        for i in /sys/class/net/bond* /sys/class/net/eth* /sys/class/net/wlan* /sys/class/net/intern /sys/class/net/extern /sys/class/net/dmz; do
+                [ -e $i/address ] || continue
+                address[$n]=`head -1 $i/address` || continue
+                if [ `expr length ${address[$n]}` -ne "17" ]; then
+                        continue
+                else
+                        toupper ${address[$n]}
+                        address[$n]=$RET
+                        id=`ls -1 -d $i/device/driver/0000:* 2> /dev/null`
+                        id=`echo $id | awk '{ print $1 }' -`
+                        id=${id#$i/device/driver/}
+                        id=${id#0000:}
+                        if [ -n "$id" ]; then
+                                tmodel=`lspci | grep $id | awk -F: '{ print $3 $4 }' -`
+                                tmodel=`expr "$tmodel" : '[[:space:]]*\(.*\)[[:space:]]*$'`
+                                tmodel=${tmodel// /_}
+                                model[$n]=${tmodel:0:38}
+                        else
+                                model[$n]="Unrecognized_Ethernet_Controller"
+                        fi
+                fi
+                let n+=1
+        done
+        nr_of_nics=$n
+ n=0
+ # fetch all interfaces and their macs from /sys
+ for i in /sys/class/net/bond* /sys/class/net/eth* /sys/class/net/wlan* /sys/class/net/intern /sys/class/net/extern /sys/class/net/dmz; do
+  [ -e $i/address ] || continue
+  iface[$n]="$(basename $i)"
+  [ -z "${iface[$n]}" ] && continue
+  address[$n]=`head -1 $i/address`
+  [ `expr length ${address[$n]}` -eq 17 ] || continue
+  toupper ${address[$n]}
+  address[$n]=$RET
+  id=`ls -1 -d $i/device/driver/0000:* 2> /dev/null`
+  id=`echo $id | awk '{ print $1 }' -`
+  id=${id#$i/device/driver/}
+  id=${id#0000:}
+  if [ -n "$id" ]; then
+   tmodel=`lspci | grep $id | awk -F: '{ print $3 $4 }' -`
+   tmodel=`expr "$tmodel" : '[[:space:]]*\(.*\)[[:space:]]*$'`
+   tmodel=${tmodel// /_}
+   model[$n]=${tmodel:0:38}
+  else
+   model[$n]="Unrecognized_Ethernet_Controller"
+  fi
+  n=$(( $n + 1 ))
+ done
+ nr_of_nics=$n
 } # discover_nics
 …
 create_nic_choices() {
+        n=0
+        unset NIC_CHOICES
+        while [ $n -lt $nr_of_nics ]; do
+                typ[$n]=""
+                if [ "${address[$n]}" = "$mac_extern" ]; then
+                        typ[$n]=extern
+                elif [ "${address[$n]}" = "$mac_intern" ]; then
+                        typ[$n]=intern
+                elif [ "${address[$n]}" = "$mac_wlan" ]; then
+                        typ[$n]=wlan
+                elif [ "${address[$n]}" = "$mac_dmz" ]; then
+                        typ[$n]=dmz
+                fi
+                if [ -n "${typ[$n]}" ]; then
+                        menu[$n]="${model[$n]} ${address[$n]} ${typ[$n]}"
+                else
+                        menu[$n]="${model[$n]} ${address[$n]}"
+                fi
+                if [ -n "$NIC_CHOICES" ]; then
+                        NIC_CHOICES="${NIC_CHOICES}, ${menu[$n]}"
+                else
+                        NIC_CHOICES="${menu[$n]}"
+                fi
+                let n+=1
+        done
+        NIC_DEFAULT="${menu[0]}"
+        NIC_CHOICES="$NIC_CHOICES, , Fertig, , Abbrechen"
+ n=0
+ unset NIC_CHOICES
+ while [ $n -lt $nr_of_nics ]; do
+  menu[$n]="${iface[$n]} ${model[$n]} ${address[$n]}"
+  if [ -n "$NIC_CHOICES" ]; then
+   NIC_CHOICES="${NIC_CHOICES}, ${menu[$n]}"
+  else
+   NIC_CHOICES="${menu[$n]}"
+  fi
+  let n+=1
+ done
+ NIC_DEFAULT="${menu[0]}"
+ NIC_CHOICES="$NIC_CHOICES, , Abbrechen"
 } # create_nic_choices
-create_if_choices() {
-        n=0
-        IF_CHOICES="extern,intern,wlan,dmz"
-        while [ $n -lt $nr_of_nics ]; do
-                if [[ -n "${typ[$n]}" && "$CURTYP" != "${typ[$n]}" ]]; then
-                        IF_CHOICES=${IF_CHOICES/${typ[$n]}/}
-                        IF_CHOICES=${IF_CHOICES%,}
-                        IF_CHOICES=${IF_CHOICES#,}
-                        IF_CHOICES=${IF_CHOICES//,,/,}
-                fi
-                let n+=1
-        done
-        IF_CHOICES=${IF_CHOICES/extern/extern (ROT)}
-        IF_CHOICES=${IF_CHOICES/intern/intern (GRUEN)}
-        IF_CHOICES=${IF_CHOICES/wlan/wlan (BLAU)}
-        IF_CHOICES=${IF_CHOICES/dmz/dmz (ORANGE)}
-        IF_CHOICES=${IF_CHOICES//,/, }
-        IF_CHOICES="$IF_CHOICES, , keine Zuordnung"
-        IF_DEFAULT=`echo $IF_CHOICES | cut -f1 -d,`
-} # create_if_choices
-delete_mac() {
-        if [ "$CURMAC" = "$mac_extern" ]; then
-                unset mac_extern
-                db_set linuxmuster-base/mac_extern "" || true
-        elif [ "$CURMAC" = "$mac_intern" ]; then
-                unset mac_intern
-                db_set linuxmuster-base/mac_intern "" || true
-        elif [ "$CURMAC" = "$mac_wlan" ]; then
-                unset mac_wlan
-                db_set linuxmuster-base/mac_wlan "" || true
-        elif [ "$CURMAC" = "$mac_dmz" ]; then
-                unset mac_dmz
-                db_set linuxmuster-base/mac_dmz "" || true
-        fi
-} # delete_mac
-save_macs() {
-        db_set linuxmuster-base/mac_extern $mac_extern || true
-        db_set linuxmuster-base/mac_intern $mac_intern || true
-        db_set linuxmuster-base/mac_wlan $mac_wlan || true
-        db_set linuxmuster-base/mac_dmz $mac_dmz || true
-} # write_settings
 assign_nics() {
+        # first fetch all nics and macs from the system
+        nr_of_nics=0
+        discover_nics
+        # no nic no fun
+        if [ $nr_of_nics -lt 1 ]; then
+                echo " Sorry, no NIC found! Aborting!"
+                exit 1
+        fi
+        # at least two nics required for integrated firewall
+        if [[ "$fwconfig" = "integrated" && $nr_of_nics -lt 2 ]]; then
+                echo "Only one NIC found! You need at least 2!"
+                echo "Aborting installation!"
+                exit 1
+        fi
+        # internal interface is needed in both cases
+        db_get linuxmuster-base/mac_intern || true
+        mac_intern=$RET
+        # there is only one internal interface in case of dedicated firewall
+        if [ "$fwconfig" = "dedicated" ]; then
+                db_set linuxmuster-base/mac_extern "" || true
+                mac_extern=""
+                db_set linuxmuster-base/mac_wlan "" || true
+                mac_wlan=""
+                db_set linuxmuster-base/mac_dmz "" || true
+                mac_dmz=""
+                # no questions necessary in this case
+                if [ $nr_of_nics -eq 1 ]; then
+                        mac_intern=${address[0]}
+                        NIC_DESC="Es wurde eine Netzwerkkarte gefunden und dem internen Interface zugeordnet. \
+                                  Waehlen Sie nun mit den Pfeiltasten den Menuepunkt <Fertig> an und starten Sie die \
+                                  Serverkonfiguration mit ENTER."
+                else
+                        NIC_DESC="Welche Netzwerkkarte ist mit dem internen Netz verbunden? \
+                                  Waehlen Sie die entsprechende Karte mit den Pfeiltasten aus \
+                                  Waehlen Sie anschlieÃend mit den Pfeiltasten den Menuepunkt <Fertig> aus und \
+                                  starten Sie die Serverkonfiguration mit ENTER."
+                fi
+        else # all interface types to handle in case of integrated firewall
+                db_get linuxmuster-base/mac_extern || true
+                mac_extern=$RET
+                db_get linuxmuster-base/mac_wlan || true
+                mac_wlan=$RET
+                db_get linuxmuster-base/mac_dmz || true
+                mac_dmz=$RET
+                NIC_DESC="Ordnen Sie die Netzwerkkarten den Interfaces extern, intern und ggf. wlan und dmz zu. \
+                          Es muessen mindestens ein externes und ein internes Interface zugeordnet sein. \
+                          Waehlen Sie mit den Pfeiltasten eine Netzwerkkarte fuer die Zuordnung aus. \
+                          Bestaetigen Sie die Auswahl mit ENTER um ins naechste Menue zu gelangen. \
+                          Beenden Sie die Zuordnung mit ueber den Menuepunkt <Fertig>."
+        fi
+        db_subst linuxmuster-base/nicmenu nic_desc $NIC_DESC
+        while true; do
+                create_nic_choices
+                db_fset linuxmuster-base/nicmenu seen false
+                db_subst linuxmuster-base/nicmenu nic_choices $NIC_CHOICES
+                unset choice
+                while [ -z "$choice" ]; do
+                        db_set linuxmuster-base/nicmenu $NIC_DEFAULT || true
+                        db_input $PRIORITY linuxmuster-base/nicmenu || true
+                        db_go
+                        db_get linuxmuster-base/nicmenu || true
+                        choice="$RET"
+                done
+                [ "$choice" = "Abbrechen" ] && exit 1
+                if [ "$choice" = "Fertig" ]; then
+                        [[ "$fwconfig" = "dedicated" &&  -n "$mac_intern" ]] && break
+                        [[ -n "$mac_extern" && -n "$mac_intern" ]] && break
+                        continue
+                fi
+                CURMAC=`echo "$choice" | cut -f2 -d" "`
+                CURTYP=`echo "$choice" | cut -f3 -d" "`
+                if [ "$fwconfig" = "integrated" ]; then
+                        create_if_choices
+                        db_fset linuxmuster-base/ifmenu seen false
+                        db_subst linuxmuster-base/ifmenu if_choices $IF_CHOICES
+                        db_subst linuxmuster-base/ifmenu if_desc $choice
+                        unset iftype
+                        while [ -z "$iftype" ]; do
+                                db_set linuxmuster-base/ifmenu $IF_DEFAULT || true
+                                db_input $PRIORITY linuxmuster-base/ifmenu || true
+                                db_go
+                                db_get linuxmuster-base/ifmenu || true
+                                iftype=`echo "$RET" | cut -f1 -d" "`
+                        done
+                else
+                        iftype=intern
+                fi
+                delete_mac
+                case $iftype in
+                        extern)
+                                mac_extern=$CURMAC
+                                ;;
+                        intern)
+                                mac_intern=$CURMAC
+                                ;;
+                        wlan)
+                                mac_wlan=$CURMAC
+                                ;;
+                        dmz)
+                                mac_dmz=$CURMAC
+                                ;;
+                        *)
+                                ;;
+                esac
+        done
+        # unset not assigned interfaces
+        OIFS=$IFS
+        IFS=,
+        ifaces=`for i in $NIC_CHOICES; do echo $i | awk '{ print $3 }'; done`
+        IFS=$OIFS
+        stringinstring extern "$ifaces" || mac_extern=""
+        stringinstring wlan "$ifaces" || mac_wlan=""
+        stringinstring dmz "$ifaces" || mac_dmz=""
+        save_macs
+ # first fetch all nics and macs from the system
+ nr_of_nics=0
+ discover_nics
+ # no nic no fun
+ if [ $nr_of_nics -lt 1 ]; then
+  echo " Sorry, no NIC found! Aborting!"
+  exit 1
+ fi
+ # substitute nicmenu descritpion
+ NIC_DESC="Welche Netzwerkkarte ist mit dem internen Netz verbunden? \
+           Waehlen Sie die entsprechende Karte mit den Pfeiltasten aus \
+           und starten Sie dann die Serverkonfiguration mit ENTER."
+ db_subst linuxmuster-base/nicmenu nic_desc $NIC_DESC
+ # compute menu entries
+ create_nic_choices
+ # build menu
+ db_fset linuxmuster-base/nicmenu seen false
+ db_subst linuxmuster-base/nicmenu nic_choices $NIC_CHOICES
+ # menu input
+ db_set linuxmuster-base/nicmenu $NIC_DEFAULT || true
+ db_input $PRIORITY linuxmuster-base/nicmenu || true
+ db_go
+ db_get linuxmuster-base/nicmenu || true
+ iface_lan="$(echo "$RET" | awk '{ print $1 }')"
+ [ "$iface_lan" = "Abbrechen" ] && exit 1
+ db_set linuxmuster-base/iface_lan $iface_lan || true
+ db_go
+ # write iface to network.settings
+ if grep -q ^iface_lan $NETWORKSETTINGS; then
+  sed -e "s|^iface_lan=.*|iface_lan=$iface_lan|" -i $NETWORKSETTINGS
+ else
+  echo "iface_lan=$iface_lan" >> $NETWORKSETTINGS
+ fi
 } # assign_nics

main/linuxmuster-base/branches/testing/share/scripts/linuxmuster-config

-                      r1210
+                      r1230
-# check whether rembo is available
-rembo=`aptitude search myshn`
-[ "$1" = "--first" ] && rembo=""
 # imaging system
 imaging="linbo"
+if [ -n "$rembo" ]; then
+        IMG_CHOICES="linbo, rembo"
+        IMG_DESC="LINBO [linbo] und Rembo/mySHN (tm) [rembo]."
+fi
+if [ -n "$IMG_CHOICES" ]; then
+        db_fset linuxmuster-base/imaging seen false
+        db_subst linuxmuster-base/imaging img_choices $IMG_CHOICES
+        db_subst linuxmuster-base/imaging img_desc $IMG_DESC
+        db_input $PRIORITY linuxmuster-base/imaging || true
+        db_go
+        db_get linuxmuster-base/imaging || true
+        imaging=$RET
+else
+        db_set linuxmuster-base/imaging "$imaging" || true
+fi
+db_set linuxmuster-base/imaging "$imaging" || true

main/linuxmuster-base/branches/testing/share/scripts/linuxmuster-patch

Property svn:keywords changed from Id to Id Revision

-                      r1207
+                      r1230
 # config script for Linux-Musterloesung
+#
 # Thomas Schmitt <schmitt@lmz-bw.de>
+# $Id$
 # GPL-2
 …
          internmask internmask_short internsubrange fwconfig externtype externip externmask \
          gatewayip dnsforwarders smtprelay sambasid adminpw pgmadminpw wwwadminpw \
          ipcoppw workgroup mac_extern mac_intern mac_wlan mac_dmz imaging; do
+         ipcoppw workgroup iface_lan imaging; do
   RET=`echo get linuxmuster-base/$i | debconf-communicate`
   RET=${RET#[0-9] }
 …
 echo "basedn=\"$basedn\"" >> $NETWORKSETTINGS
 echo "smtprelay=\"$smtprelay\"" >> $NETWORKSETTINGS
+echo "mac_extern=$mac_extern" >> $NETWORKSETTINGS
+echo "mac_intern=$mac_intern" >> $NETWORKSETTINGS
+echo "mac_wlan=$mac_wlan" >> $NETWORKSETTINGS
+echo "mac_dmz=$mac_dmz" >> $NETWORKSETTINGS
+echo "iface_lan=$iface_lan" >> $NETWORKSETTINGS
 echo "imaging=$imaging" >> $NETWORKSETTINGS
 chmod 755 $NETWORKSETTINGS
-# define intern device
-if [ "$fwconfig" = "integrated" ]; then
-  intern=br_intern
-  # activate password patch for integrated ipcop
-  ipcopintpw=$ipcoppw
-else
-  intern=intern
-fi
 # compute server's amount of ram
 …
               s/@@cyradmpw@@/${cyradmpw}/g
               s/@@ipcoppw@@/${ipcopintpw}/g
-              s/@@adminmac@@/${mac_intern}/g
               s/@@sambasid@@/${sambasid}/g
               s/@@pgmadmin@@/${PGMADMIN}/g

main/linuxmuster-base/branches/testing/share/scripts/nic_setup.sh

Property svn:keywords changed from Id to Id Revision

-                      r666
+                      r1230
+#!/bin/sh
+#!/bin/bash
+# assign specific nic to lan
+# $Id$
 # Source debconf library.
 …
 db_title "$(getdistname) $DISTFULLVERSION"
-# read fwconfig from debconf
-db_get linuxmuster-base/fwconfig || true
-fwconfig=$RET
-if [ -z "$fwconfig" ]; then
-        echo "Cannot determine firewall type. Aborting!"
-        exit 1
-fi
-# assign nics with extern, intern, wlan, dmz interfaces
 assign_nics
 …
 db_stop
-# write macs to network.settings
-grep -v ^mac_ $NETWORKSETTINGS > $NETWORKSETTINGS.tmp
-mv $NETWORKSETTINGS.tmp $NETWORKSETTINGS
-echo "mac_extern=$mac_extern" >> $NETWORKSETTINGS
-echo "mac_intern=$mac_intern" >> $NETWORKSETTINGS
-echo "mac_wlan=$mac_wlan" >> $NETWORKSETTINGS
-echo "mac_dmz=$mac_dmz" >> $NETWORKSETTINGS
-chmod 755 $NETWORKSETTINGS

main/linuxmuster-base/branches/testing/var/config-dynamic/00_stop-services/prepatch

-                      r1227
+                      r1230
 done
-# fix run directory
-if [ ! -d /run/lock ]; then
- echo "fix run directory"
- ls -l /var/run >> $logfile
- ls -l /var/lock >> $logfile
- mkdir -p /run/lock
- rm -rf /var/run
- rm -rf /var/lock
- ln -s /run /var/run
- ln -s /run/lock /var/lock
-fi

main/linuxmuster-base/branches/testing/var/config-dynamic/01_network/postpatch

-                      r1223
+                      r1230
 echo "### 01_network postpatch"
-# delete interfaces template after patching
-[ -e interfaces ] && rm interfaces
 # start networking
-/etc/init.d/linuxmuster-nic-setup assign
 start networking
-ifconfig intern up
-route add default gw $ipcopip
 # set host and domain name

main/linuxmuster-base/branches/testing/var/config-dynamic/01_network/prepatch

-                      r1223
+                      r1230
 # stop networking at all
+/etc/rcS.d/S40networking stop 1>> $LOGDIR/setup.log 2>> $LOGDIR/setup.log
+# kill network devices if they are not down already
+# first shutdown the interfaces
+for i in `ifconfig -a | grep -i ethernet | sort -r | awk '{ print $1 }' -`; do
+        ifconfig $i down 1>> $LOGDIR/setup.log 2>> $LOGDIR/setup.log
+done
+# then delete the bridges
+for i in `brctl show | grep ^br | grep -v ^bridge | awk '{ print $1 }' -`; do
+        brctl delbr $i 1>> $LOGDIR/setup.log 2>> $LOGDIR/setup.log
+done
+# wait for the devices to come down
+sleep 3
+# we don't need this
+[ -e /etc/network/if-pre-up.d/uml-utilities ] && chmod 644 /etc/network/if-pre-up.d/uml-utilities
+stop networking
 # write servername to /etc/hostname
 …
 # patch linuxmuster-base defaults
 backup_file /etc/default/linuxmuster-base
 sed -e "s/^IFACE=.*/IFACE=$intern/" -i /etc/default/linuxmuster-base
+sed -e "s/^IFACE=.*/IFACE=$iface_lan/" -i /etc/default/linuxmuster-base
 if [[ "$1" = "--first" || "$update_fw" = "yes" ]]; then
 …
         # start internal firewall on boot
         [ "$1" = "--first" ] && sed -e "s/^START_LINUXMUSTER=.*/START_LINUXMUSTER=yes/" -i /etc/default/linuxmuster-base
-        # copy interfaces template according to fwconfig
-        cp -f interfaces.$fwconfig interfaces
 else
 …
                 s/broadcast ${broadcast_old}.*/broadcast $broadcast/g
                 s/gateway ${ipcopip_old}.*/gateway $ipcopip/g
-                s/dns-nameservers ${serverip_old}.*/dns-nameservers $serverip/g
-                s/dns-search ${domainname_old}.*/dns-search $domainname/g" -i /etc/network/interfaces
         # prevent /etc/hosts from being patched

main/linuxmuster-base/branches/testing/var/config-dynamic/03_dhcp3-server/postpatch

r1223	r1230
5	5	# patch internal interface
6	6	[ "$1" = "--modfify" ] && backup_file /etc/isc-dhcp-server
7		sed -e "s/^INTERFACES=.*/INTERFACES=\"$i~~nter~~n\"/" -i /etc/default/isc-dhcp-server
	7	sed -e "s/^INTERFACES=.*/INTERFACES=\"$iface_lan\"/" -i /etc/default/isc-dhcp-server
8	8
9	9	# simply start the service

main/linuxmuster-base/branches/testing/var/config-static/etc/postgresql/9.1/main/pg_hba.conf

-                      r1212
+                      r1230
+# installed by linuxmuster-setup
+# 17.10.2008
+# $Id$
+#
 # PostgreSQL Client Authentication Configuration File
 # ===================================================
+#
 # Refer to the PostgreSQL Administrator's Guide, chapter "Client
 # Authentication" for a complete description.  A short synopsis
 # follows.
+# Refer to the "Client Authentication" section in the PostgreSQL
+# documentation for a complete description of this file.  A short
+# synopsis follows.
+#
 # This file controls: which hosts are allowed to connect, how clients
 # are authenticated, which PostgreSQL user names they can use, which
 # databases they can access.  Records take one of seven forms:
+# databases they can access.  Records take one of these forms:
+#
+# local      DATABASE  USER  METHOD  [OPTION]
+# host       DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
+# hostssl    DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
+# hostnossl  DATABASE  USER  IP-ADDRESS  IP-MASK   METHOD  [OPTION]
+# host       DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
+# hostssl    DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
+# hostnossl  DATABASE  USER  IP-ADDRESS/CIDR-MASK  METHOD  [OPTION]
+# local      DATABASE  USER  METHOD  [OPTIONS]
+# host       DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostssl    DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostnossl  DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+#
+# (The uppercase quantities should be replaced by actual values.)
+# The first field is the connection type: "local" is a Unix-domain socket,
+# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
+# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
+# DATABASE can be "all", "sameuser", "samegroup", a database name (or
+# a comma-separated list thereof), or a file name prefixed with "@".
+# USER can be "all", an actual user name or a group name prefixed with
+# "+", an include file prefixed with "@" or a list containing either.
+# IP-ADDRESS and IP-MASK specify the set of hosts the record matches.
+# CIDR-MASK is an integer between 0 and 32 (IPv6) or 128(IPv6)
+# inclusive, that specifies the number of significant bits in the
+# mask, so an IPv4 CIDR-MASK of 8 is equivalent to an IP-MASK of
+# 255.0.0.0, and an IPv6 CIDR-MASK of 64 is equivalent to an IP-MASK
+# of ffff:ffff:ffff:ffff::. METHOD can be "trust", "reject", "md5",
+# "crypt", "password", "krb5", "ident", or "pam".  Note that
+# "password" uses clear-text passwords; "md5" is preferred for
+# encrypted passwords.  OPTION is the ident map or the name of the PAM
+# service.
+# (The uppercase items must be replaced by actual values.)
+#
+# INCLUDE FILES:
+# If you use include files for users and/or databases (see PostgreSQL
+# documentation, section 19.1), these files must be placed in the
+# database directory. Usually this is /var/lib/postgres/data/, but
+# that can be changed in /etc/postgresql/postmaster.conf with the
+# POSTGRES_DATA variable. Putting them in /etc/postgresql/ will NOT
+# work since the configuration files are only symlinked from
+# POSTGRES_DATA.
+# The first field is the connection type: "local" is a Unix-domain
+# socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
+# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
+# plain TCP/IP socket.
+#
+# DATABASE can be "all", "sameuser", "samerole", "replication", a
+# database name, or a comma-separated list thereof. The "all"
+# keyword does not match "replication". Access to replication
+# must be enabled in a separate record (see example below).
+#
+# USER can be "all", a user name, a group name prefixed with "+", or a
+# comma-separated list thereof.  In both the DATABASE and USER fields
+# you can also write a file name prefixed with "@" to include names
+# from a separate file.
+#
+# ADDRESS specifies the set of hosts the record matches.  It can be a
+# host name, or it is made up of an IP address and a CIDR mask that is
+# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
+# specifies the number of significant bits in the mask.  A host name
+# that starts with a dot (.) matches a suffix of the actual host name.
+# Alternatively, you can write an IP address and netmask in separate
+# columns to specify the set of hosts.  Instead of a CIDR-address, you
+# can write "samehost" to match any of the server's own IP addresses,
+# or "samenet" to match any address in any subnet that the server is
+# directly connected to.
+#
+# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
+# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert".  Note that
+# "password" sends passwords in clear text; "md5" is preferred since
+# it sends encrypted passwords.
+#
+# OPTIONS are a set of options for the authentication in the format
+# NAME=VALUE.  The available options depend on the different
+# authentication methods -- refer to the "Client Authentication"
+# section in the documentation for a list of which options are
+# available for which authentication methods.
+#
+# Database and user names containing spaces, commas, quotes and other
+# special characters must be quoted.  Quoting one of the keywords
+# "all", "sameuser", "samerole" or "replication" makes the name lose
+# its special character, and just match a database or username with
+# that name.
+#
 # This file is read on server startup and when the postmaster receives
 # a SIGHUP signal.  If you edit the file on a running system, you have
+# to SIGHUP the postmaster for the changes to take effect, or use
+# "pg_ctl reload".
+#
+# Upstream default configuration
+#
+# The following configuration is the upstream default, which allows
+# unrestricted access to amy database by any user on the local machine.
+#
+# TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK           METHOD
+#
+#local   all         all                                             trust
+# IPv4-style local connections:
+#host    all         all         127.0.0.1         255.255.255.255   trust
+# IPv6-style local connections:
+#
+# to SIGHUP the postmaster for the changes to take effect.  You can
+# use "pg_ctl reload" to do that.
 # Put your actual configuration here
 # ----------------------------------
+#
+# This default configuration allows any local user to connect as himself
+# without a password, either through a Unix socket or through TCP/IP; users
+# on other machines are denied access.
+# If you want to allow non-local connections, you need to add more
+# "host" records.  In that case you will also need to make PostgreSQL
+# listen on a non-local interface via the listen_addresses
+# configuration parameter, or via the -i or -h command line switches.
+# DO NOT DISABLE!
+# If you change this first entry you will need to make sure that the
+# database superuser can access the database using some other method.
+# Noninteractive access to all databases is required during automatic
+# maintenance (custom daily cronjobs, replication, and similar tasks).
+#
-# If you want to allow non-local connections, you need to add more
-# "host" records before the final line that rejects all TCP/IP connections.
-# Also, remember TCP/IP connections are only enabled if you enable
-# "tcpip_socket" in /etc/postgresql/postgresql.conf.
+#
-# DO NOT DISABLE!
-# If you change this first entry you will need to make sure the postgres user
-# can access the database using some other method.  The postgres user needs
-# non-interactive access to all databases during automatic maintenance
-# (see the vacuum command and the /usr/lib/postgresql/bin/do.maintenance
-# script).
+#
-# TYPE  DATABASE    USER        IP-ADDRESS        IP-MASK           METHOD
-# Database administrative login by UNIX sockets
-local   all        postgres         ident
-local   all        ldap             ident
-local   all        postgres         ident
+#
-# All other connections by UNIX sockets
-local   template1        ldap         password
-local   ldap             ldap         password
-local   template1        moodle       password
-local   moodle           moodle       password
+#
-# All IPv4 connections from localhost
-host   template1        ldap         127.0.0.1      255.255.255.255      password
-host   template1        moodle       127.0.0.1      255.255.255.255      password
-host   ldap             ldap         127.0.0.1      255.255.255.255      password
-host   moodle           moodle       127.0.0.1      255.255.255.255      password
+#
-# All IPv6 localhost connections
-host    all         all         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        ident
-host    all         all         ::ffff:127.0.0.1/128                ident
+#
-# reject all other connection attempts
-host    all         all         0.0.0.0           0.0.0.0           reject
+# paedml
+local   ldap            postgres        ident                   map=postgres
+local   template1       postgres        ident                   map=postgres
+# Database administrative login by Unix domain socket
+local   all             postgres                                peer
+# TYPE  DATABASE        USER            ADDRESS                 METHOD
+# paedml
+local   ldap            ldap            ident                   map=ldap
+# "local" is for Unix domain socket connections only
+local   all             all                                     peer
+# IPv4 local connections:
+host    all             all             127.0.0.1/32            md5
+# IPv6 local connections:
+#host    all             all             ::1/128                 md5
+# Allow replication connections from localhost, by a user with the
+# replication privilege.
+#local   replication     postgres                                peer
+#host    replication     postgres        127.0.0.1/32            md5
+#host    replication     postgres        ::1/128                 md5

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: