From f7e6795e440da4d30568e6eb1427d7b2ed4137da Mon Sep 17 00:00:00 2001 From: Kevin Mihelich Date: Sun, 10 Dec 2017 14:03:56 +0000 Subject: [PATCH] core/filesystem to 2017.10-2 --- core/filesystem/PKGBUILD | 226 ++++++++++++----------------- core/filesystem/archlinux.7.txt | 90 ------------ core/filesystem/crypttab | 11 +- core/filesystem/env-generator | 3 + core/filesystem/filesystem.install | 65 --------- core/filesystem/fstab | 8 +- core/filesystem/group | 39 ----- core/filesystem/gshadow | 39 ----- core/filesystem/host.conf | 8 +- core/filesystem/hosts | 11 +- core/filesystem/ld.so.conf | 7 +- core/filesystem/nsswitch.conf | 11 +- core/filesystem/passwd | 13 +- core/filesystem/profile | 19 ++- core/filesystem/resolv.conf | 10 +- core/filesystem/securetty | 7 +- core/filesystem/shadow | 11 -- core/filesystem/shells | 7 +- core/filesystem/sysusers | 28 ++++ core/filesystem/tmpfiles | 17 +++ 20 files changed, 184 insertions(+), 446 deletions(-) delete mode 100644 core/filesystem/archlinux.7.txt create mode 100755 core/filesystem/env-generator delete mode 100644 core/filesystem/filesystem.install create mode 100644 core/filesystem/sysusers create mode 100644 core/filesystem/tmpfiles diff --git a/core/filesystem/PKGBUILD b/core/filesystem/PKGBUILD index 6bf518c91..030885d89 100644 --- a/core/filesystem/PKGBUILD +++ b/core/filesystem/PKGBUILD @@ -6,157 +6,121 @@ # - modifed os-release pkgname=filesystem -pkgver=2017.03 +pkgver=2017.10 pkgrel=2 pkgdesc='Base Arch Linux files' arch=('i686' 'x86_64') license=('GPL') url='https://www.archlinux.org' groups=('base') -install='filesystem.install' -makedepends=('asciidoc') depends=('iana-etc') -backup=('etc/fstab' 'etc/crypttab' 'etc/group' 'etc/hosts' 'etc/ld.so.conf' 'etc/passwd' - 'etc/shadow' 'etc/gshadow' 'etc/resolv.conf' 'etc/motd' 'etc/nsswitch.conf' - 'etc/shells' 'etc/host.conf' 'etc/securetty' 'etc/profile' 'etc/issue') -source=('group' 'issue' 'nsswitch.conf' 'securetty' 'host.conf' 'ld.so.conf' - 'passwd' 'shadow' 'fstab' 'crypttab' 'hosts' 'motd' 'os-release' 'resolv.conf' - 'shells' 'gshadow' 'profile' 'archlinux.7.txt' 'locale.sh') -md5sums=('76c80215d8dd395d3be4b8a711d585b6' +backup=('etc/crypttab' 'etc/fstab' 'etc/group' 'etc/gshadow' 'etc/host.conf' + 'etc/hosts' 'etc/issue' 'etc/ld.so.conf' 'etc/motd' 'etc/nsswitch.conf' + 'etc/passwd' 'etc/profile' 'etc/resolv.conf' 'etc/securetty' + 'etc/shadow' 'etc/shells') +source=('crypttab' 'env-generator' 'fstab' 'group' 'gshadow' 'host.conf' 'hosts' + 'issue' 'ld.so.conf' 'locale.sh' 'motd' 'nsswitch.conf' 'os-release' + 'passwd' 'profile' 'resolv.conf' 'securetty' 'shadow' 'shells' + 'sysusers' 'tmpfiles') +md5sums=('5fa6674df7645d7f5895f2d12b4ef4e9' + '2b0344e9639f35f3c0d5637a23556089' + 'e33f6dfdd61978fcb3ddf1431286e05a' + '7fed1e1fb855e41a6d64d41f8521d69a' + '1c1e3b08acfa286f4b417c49de3e4366' + '7d119a9cce152aa182fb3392ddeecea7' + 'a1315ea3e2b64d197b6efaf9c14ff778' '7813c481156f6b280a3ba91fc6236368' - '7b21f0f97f048988908bf93778bba65f' - '4c4540eeb748bf1f71d631b8c1dcf0b3' - 'f28150d4c0b22a017be51b9f7f9977ed' - '6e488ffecc8ba142c0cf7e2d7aeb832e' - 'cb1a751b05541d8eebaace316de0e809' - 'c0c27476ee248355bf308c8502a8c860' - '693c97f2c9a519bb97a17008e92c2b74' - 'f0a5071f50d8864d2810c44e23eb00cc' - '7bc65f234dfb6abf24e7c3b03e86f4ff' + '5deb9f890a4d08a245e9752ede77271e' + '71ed98c52e11ada1f936ac8cb14eecd9' 'd41d8cd98f00b204e9800998ecf8427e' + '44851ecc062ba34a4c024b6f3246c48f' '52db9503314f639b8f47bd9a251a6ea9' - '6f48288b6fcaf0065fcb7b0e525413e0' - '22518e922891f9359f971f4f5b4e793c' - 'c08581d4f982be8806d3afa912a65203' - 'cfa3345c485c59e681ab39a44dc7ece1' - '2e193c4a37245f2323ebe87f1a673563' - '71ed98c52e11ada1f936ac8cb14eecd9') - -lint() { - # ensure that passwd is sync'd to shadow and group is sync'd to gshadow. - local r=0 - - local passwd shadow group gshadow - - for f in passwd shadow group gshadow; do - mapfile -t "$f" < <(cut -d: -f1 "$f" | sort) - done - - # we can cheat and do simple string comparison only because we can make some - # assumptions about the data in these files - if [[ ${passwd[*]} != "${shadow[*]}" ]]; then - error 'passwd is not in sync with shadow!' - r=1 - fi - - if [[ ${group[*]} != "${gshadow[*]}" ]]; then - error 'group is not in sync with gshadow!' - r=1 - fi - - return $r -} - -build() { - cd "$srcdir" - - lint - - a2x -d manpage -f manpage archlinux.7.txt -} + '5182ac38a0de85da8ade93ef71975ca4' + '13feaea89d404729ad2f7cf0bcc41d85' + '0ee015fad07732676d9488ae498eed41' + 'f04bcb2803afc4dcb95670fe87343b4d' + 'f64466dd77c7bec37a8b47681468211a' + 'a78cd8d7f8240a8448edee82f503c34e' + 'af7832eabaac9804c22f1f2b53816a49' + '0267a3a463f35eec8a31f40a720dfd86') package() { - cd "$pkgdir" + cd "$pkgdir" - # - # setup root filesystem - # - for d in boot dev etc home mnt usr var opt srv/http run; do - install -d -m755 $d - done - install -d -m555 proc - install -d -m555 sys - install -d -m0750 root - install -d -m1777 tmp - # vsftpd won't run with write perms on /srv/ftp - install -d -m555 -g ftp srv/ftp + # setup root filesystem + for d in boot dev etc home mnt usr var opt srv/http run; do + install -d -m755 $d + done + install -d -m555 proc + install -d -m555 sys + install -d -m0750 root + install -d -m1777 tmp + # vsftpd won't run with write perms on /srv/ftp + # ftp (uid 14/gid 11) + install -d -m555 -g 11 srv/ftp - # setup /etc and /usr/share/factory/etc - install -d etc/{ld.so.conf.d,skel,profile.d} usr/share/factory/etc - for f in fstab group host.conf hosts issue ld.so.conf motd nsswitch.conf passwd resolv.conf securetty shells profile; do - install -m644 "$srcdir"/$f etc/ - install -m644 "$srcdir"/$f usr/share/factory/etc/ - done - ln -s ../proc/self/mounts etc/mtab - for f in gshadow shadow crypttab; do - install -m600 "$srcdir"/$f etc/ - install -m600 "$srcdir"/$f usr/share/factory/etc/ - done - touch etc/arch-release - install -m755 "$srcdir"/locale.sh etc/profile.d/locale.sh - install -Dm644 "$srcdir"/os-release "$pkgdir"/usr/lib/os-release + # setup /etc and /usr/share/factory/etc + install -d etc/{ld.so.conf.d,skel,profile.d} usr/share/factory/etc + for f in fstab group host.conf hosts issue ld.so.conf motd nsswitch.conf \ + passwd resolv.conf securetty shells profile; do + install -m644 "$srcdir"/$f etc/ + install -m644 "$srcdir"/$f usr/share/factory/etc/ + done + ln -s ../proc/self/mounts etc/mtab + for f in gshadow shadow crypttab; do + install -m600 "$srcdir"/$f etc/ + install -m600 "$srcdir"/$f usr/share/factory/etc/ + done + touch etc/arch-release + install -m755 "$srcdir"/locale.sh etc/profile.d/locale.sh + install -Dm644 "$srcdir"/os-release usr/lib/os-release - # setup /var - for d in cache local opt log/old lib/misc empty; do - install -d -m755 var/$d - done - install -d -m1777 var/{tmp,spool/mail} + # setup /var + for d in cache local opt log/old lib/misc empty; do + install -d -m755 var/$d + done + install -d -m1777 var/{tmp,spool/mail} - # allow setgid games to write scores - install -d -m775 -g games var/games - ln -s spool/mail var/mail - ln -s ../run var/run - ln -s ../run/lock var/lock + # allow setgid games (gid 50) to write scores + install -d -m775 -g 50 var/games + ln -s spool/mail var/mail + ln -s ../run var/run + ln -s ../run/lock var/lock - # - # setup /usr hierarchy - # - for d in bin include lib share/misc src; do - install -d -m755 usr/$d - done - for d in $(seq 8); do - install -d -m755 usr/share/man/man$d - done + # setup /usr hierarchy + for d in bin include lib share/misc src; do + install -d -m755 usr/$d + done + for d in {1..8}; do + install -d -m755 usr/share/man/man$d + done - # - # add lib symlinks - # - ln -s usr/lib "$pkgdir"/lib - [[ $CARCH = 'x86_64' ]] && ( - ln -s usr/lib "$pkgdir"/lib64 - ln -s lib "$pkgdir"/usr/lib64 - ) + # add lib symlinks + ln -s usr/lib lib + [[ $CARCH = 'x86_64' ]] && { + ln -s usr/lib lib64 + ln -s lib usr/lib64 + } - # - # add bin symlinks - # - ln -s usr/bin "$pkgdir"/bin - ln -s usr/bin "$pkgdir"/sbin - ln -s bin "$pkgdir"/usr/sbin + # add bin symlinks + ln -s usr/bin bin + ln -s usr/bin sbin + ln -s bin usr/sbin - # - # install archlinux(7) manpage - # - install -D -m644 "$srcdir"/archlinux.7 usr/share/man/man7/archlinux.7 + # setup /usr/local hierarchy + for d in bin etc games include lib man sbin share src; do + install -d -m755 usr/local/$d + done + ln -s ../man usr/local/share/man - # - # setup /usr/local hierarchy - # - for d in bin etc games include lib man sbin share src; do - install -d -m755 usr/local/$d - done - ln -s ../man usr/local/share/man + # setup systemd-sysusers + install -D -m644 "$srcdir"/sysusers usr/lib/sysusers.d/arch.conf - # remove conflict with systemd - rm usr/share/factory/etc/nsswitch.conf + # setup systemd-tmpfiles + install -D -m644 "$srcdir"/tmpfiles usr/lib/tmpfiles.d/arch.conf + + # setup systemd.environment-generator + install -D -m755 "$srcdir"/env-generator usr/lib/systemd/system-environment-generators/10-arch } + +# vim:set ts=2 sw=2 et: diff --git a/core/filesystem/archlinux.7.txt b/core/filesystem/archlinux.7.txt deleted file mode 100644 index b46ab058c..000000000 --- a/core/filesystem/archlinux.7.txt +++ /dev/null @@ -1,90 +0,0 @@ -///// -vim:set ts=4 sw=4 syntax=asciidoc noet: -///// -archlinux(7) -============ - -NAME ----- -archlinux - basic configuration - -SYNOPSIS --------- -Overview of the basic configuration of Arch Linux. - -DESCRIPTION ------------ -Arch Linux exposes the user to the system without hiding any details. -This man page gives a brief overview of the configuration files that should be set up on a fresh install. - -SYSTEM SERVICES[[S]] --------------------- -System services to be started at boot can be enabled using 'systemctl enable '. -To view available services, use 'systemctl list-unit-files'. - -HOSTNAME[[H]] -------------- -The hostname of the machine can be set using 'hostnamectl set-hostname '. -It will then be written to /etc/hostname. - -LOCALIZATION[[L]] ------------------ -Various locales may be enabled in /etc/locale.gen and are generated by 'locale-gen'. -The system-wide locale to be used can be configured in /etc/locale.conf. -These settings can be overridden on a per-user basis by keeping a user-specific locale.conf in $HOME/.config/locale.conf. -The user-specific file will take precedence if it exists. - -VIRTUAL CONSOLE[[V]] --------------------- -The virtual console is configured in /etc/vconsole.conf. -It allows you to set a font and a keyboard layout, among other things. -Note that these settings only apply to the console and do not apply if you use X. - -TIME[[T]] ---------- -The local time zone is configured by calling 'timedatectl set-timezone '. -A relative *symlink* is then created from /etc/localtime to the correct zoneinfo file under /usr/share/zoneinfo/. For example, - - /etc/localtime -> ../usr/share/zoneinfo/Europe/Paris - -The real-time clock, which keeps track of time when the computer is off, can be configured to either -be in UTC or in local time by calling 'timedatectl set-local-rtc '. -The default is UTC. - -FILE SYSTEMS[[F]] ------------------ -File systems are configured in /etc/fstab, and encryption mappings are configured in /etc/crypttab. - -INITRAMFS[[R]] --------------- -The initramfs is generated by 'mkinitcpio -p '. -The default preset is "linux". -The initramfs can be configured in /etc/mkinitcpio.conf and must be regenerated after making configuration changes. - -PACKAGE MANAGER[[P]] --------------------- -The package manager, pacman, is configured in /etc/pacman.conf. - -BOOT LOADER[[B]] ----------------- -GRUB's configuration is generated from /etc/default/grub by 'grub-mkconfig -o /boot/grub/grub.cfg'. -Syslinux is configured in /boot/syslinux/syslinux.cfg. - -MODULES[[M]] ------------- -Most modules should be loaded on-demand. -Modules to be unconditionally loaded at boot can be specified in /etc/modules-load.d/, -and modules to be blacklisted from automatically loading can be configured in /etc/modprobe.d/. - -SEE ALSO --------- - -*systemctl*(1), *hostnamectl*(1), *hostname*(5), *locale.conf*(5), -*vconsole.conf*(5), *timedatectl*(1), *timezone*(3), *hwclock*(8), -*fstab*(5), *crypttab*(5), *mkinitcpio*(8), *pacman*(8), *pacman.conf*(5), -*grub-mkconfig*(8), *syslinux*(1), *modules-load.d*(5), *modprobe.d*(5), -*systemd*(1) - -AUTHORS -------- -Written by Tom Gundersen. diff --git a/core/filesystem/crypttab b/core/filesystem/crypttab index 087d09eee..3dbc8a46c 100644 --- a/core/filesystem/crypttab +++ b/core/filesystem/crypttab @@ -1,11 +1,6 @@ -# crypttab: mappings for encrypted partitions -# -# Each mapped device will be created in /dev/mapper, so your /etc/fstab -# should use the /dev/mapper/ paths for encrypted devices. -# -# The Arch specific syntax has been deprecated, see crypttab(5) for the -# new supported syntax. -# +# Configuration for encrypted block devices. +# See crypttab(5) for details. + # NOTE: Do not list your root (/) partition here, it must be set up # beforehand by the initramfs (/etc/mkinitcpio.conf). diff --git a/core/filesystem/env-generator b/core/filesystem/env-generator new file mode 100755 index 000000000..5f6391407 --- /dev/null +++ b/core/filesystem/env-generator @@ -0,0 +1,3 @@ +#!/bin/sh + +echo 'PATH=/usr/local/sbin:/usr/local/bin:/usr/bin' diff --git a/core/filesystem/filesystem.install b/core/filesystem/filesystem.install deleted file mode 100644 index 478c049e7..000000000 --- a/core/filesystem/filesystem.install +++ /dev/null @@ -1,65 +0,0 @@ -# args: [options] -_addgroup() { - if ! getent group "$1" >/dev/null && groupadd "$@" >/dev/null; then - need_group_update=1 - fi -} - -# args: [options] -_adduser() { - if ! getent passwd "$1" >/dev/null && useradd "$@" >/dev/null; then - need_passwd_update=1 - fi -} - -post_upgrade() { - _addgroup optical -g 93 - _addgroup audio -g 92 - _addgroup video -g 91 - _addgroup floppy -g 94 - _addgroup storage -g 95 - _addgroup log -g 19 - _addgroup utmp -g 20 - _addgroup power -g 98 - _addgroup network -g 90 - _addgroup games -g 50 - _addgroup uucp -g 14 - _addgroup proc -g 26 - _addgroup http -g 33 - _adduser http -u 33 -d /srv/http -g http -s /usr/bin/nologin - _addgroup scanner -g 96 - _addgroup rfkill -g 24 - _addgroup lock -g 54 - _addgroup input -g 97 - _addgroup systemd-journal -g 190 - _addgroup systemd-journal-gateway -g 191 - _adduser systemd-journal-gateway -u 191 -g 191 -d / -s /usr/bin/nologin - _addgroup systemd-timesync -g 192 - _adduser systemd-timesync -u 192 -g 192 -d / -s /usr/bin/nologin - _addgroup systemd-network -g 193 - _adduser systemd-network -u 193 -g 193 -d / -s /usr/bin/nologin - _addgroup systemd-bus-proxy -g 194 - _adduser systemd-bus-proxy -u 194 -g 194 -d / -s /usr/bin/nologin - _addgroup systemd-resolve -g 195 - _adduser systemd-resolve -u 195 -g 195 -d / -s /usr/bin/nologin - - # update shadow files if needed - if (( need_group_update )); then - grpconv >/dev/null - fi - - if (( need_passwd_update )); then - pwconv >/dev/null - fi - - if ! grep -q '^include /etc/ld.so.conf.d/\*.conf$' etc/ld.so.conf; then - echo 'include /etc/ld.so.conf.d/*.conf' >> etc/ld.so.conf - fi - - # set "Last password change" > 0; otherwise su $user wont work - for user in bin daemon mail ftp http nobody; do - if LANG=C chage -l ${user} | grep -q 'password must be changed'; then - chage -d 14871 ${user} - fi - done -} diff --git a/core/filesystem/fstab b/core/filesystem/fstab index b6716c14a..903906d27 100644 --- a/core/filesystem/fstab +++ b/core/filesystem/fstab @@ -1,4 +1,4 @@ -# -# /etc/fstab: static file system information -# -# +# Static information about the filesystems. +# See fstab(5) for details. + +# diff --git a/core/filesystem/group b/core/filesystem/group index 2e6dcef93..18acc30a0 100644 --- a/core/filesystem/group +++ b/core/filesystem/group @@ -1,40 +1 @@ root:x:0:root -bin:x:1:root,bin,daemon -daemon:x:2:root,bin,daemon -sys:x:3:root,bin -adm:x:4:root,daemon -tty:x:5: -disk:x:6:root -lp:x:7:daemon -mem:x:8: -kmem:x:9: -wheel:x:10:root -ftp:x:11: -mail:x:12: -uucp:x:14: -log:x:19:root -utmp:x:20: -locate:x:21: -rfkill:x:24: -smmsp:x:25: -proc:x:26: -http:x:33: -games:x:50: -lock:x:54: -network:x:90: -video:x:91: -audio:x:92: -optical:x:93: -floppy:x:94: -storage:x:95: -scanner:x:96: -input:x:97: -power:x:98: -nobody:x:99: -users:x:100: -systemd-journal:x:190: -systemd-journal-gateway:x:191: -systemd-timesync:x:192: -systemd-network:x:193: -systemd-bus-proxy:x:194: -systemd-resolve:x:195: diff --git a/core/filesystem/gshadow b/core/filesystem/gshadow index ac5396ee0..3d5d11168 100644 --- a/core/filesystem/gshadow +++ b/core/filesystem/gshadow @@ -1,40 +1 @@ root:::root -bin:::root,bin,daemon -daemon:::root,bin,daemon -sys:::root,bin -adm:::root,daemon -tty::: -disk:::root -lp:::daemon -mem::: -kmem::: -wheel:::root -ftp::: -mail::: -uucp::: -log:::root -utmp:x:: -locate::: -rfkill:x:: -smmsp::: -proc::: -http::: -games::: -lock::: -network:x:: -video:x:: -audio::: -optical::: -floppy:x:: -storage:x:: -scanner:x:: -input:x:: -power:x:: -nobody::: -users::: -systemd-journal::: -systemd-journal-gateway::: -systemd-timesync::: -systemd-network::: -systemd-bus-proxy::: -systemd-resolve::: diff --git a/core/filesystem/host.conf b/core/filesystem/host.conf index cf52fe561..f6df15f6b 100644 --- a/core/filesystem/host.conf +++ b/core/filesystem/host.conf @@ -1,8 +1,4 @@ -# -# /etc/host.conf -# +# Resolver configuration file. +# See host.conf(5) for details. -order hosts,bind multi on - -# End of file diff --git a/core/filesystem/hosts b/core/filesystem/hosts index 1747f9196..37a930617 100644 --- a/core/filesystem/hosts +++ b/core/filesystem/hosts @@ -1,9 +1,2 @@ -# -# /etc/hosts: static lookup table for host names -# - -# -127.0.0.1 localhost.localdomain localhost -::1 localhost.localdomain localhost - -# End of file +# Static table lookup for hostnames. +# See hosts(5) for details. diff --git a/core/filesystem/ld.so.conf b/core/filesystem/ld.so.conf index dfac45683..1f620fa67 100644 --- a/core/filesystem/ld.so.conf +++ b/core/filesystem/ld.so.conf @@ -1,7 +1,4 @@ -# -# /etc/ld.so.conf -# +# Dynamic linker/loader configuration. +# See ld.so(8) and ldconfig(8) for details. include /etc/ld.so.conf.d/*.conf - -# End of file diff --git a/core/filesystem/nsswitch.conf b/core/filesystem/nsswitch.conf index aeb95d44c..39f365655 100644 --- a/core/filesystem/nsswitch.conf +++ b/core/filesystem/nsswitch.conf @@ -1,8 +1,9 @@ -# Begin /etc/nsswitch.conf +# Name Service Switch configuration file. +# See nsswitch.conf(5) for details. -passwd: compat mymachines systemd -group: compat mymachines systemd -shadow: compat +passwd: files mymachines systemd +group: files mymachines systemd +shadow: files publickey: files @@ -15,5 +16,3 @@ ethers: files rpc: files netgroup: files - -# End /etc/nsswitch.conf diff --git a/core/filesystem/passwd b/core/filesystem/passwd index c0987cef1..909d89bca 100644 --- a/core/filesystem/passwd +++ b/core/filesystem/passwd @@ -1,12 +1 @@ -root:x:0:0:root:/root:/bin/bash -bin:x:1:1:bin:/bin:/usr/bin/nologin -daemon:x:2:2:daemon:/:/usr/bin/nologin -mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin -ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin -http:x:33:33:http:/srv/http:/usr/bin/nologin -nobody:x:99:99:nobody:/:/usr/bin/nologin -systemd-journal-gateway:x:191:191:systemd-journal-gateway:/:/usr/bin/nologin -systemd-timesync:x:192:192:systemd-timesync:/:/usr/bin/nologin -systemd-network:x:193:193:systemd-network:/:/usr/bin/nologin -systemd-bus-proxy:x:194:194:systemd-bus-proxy:/:/usr/bin/nologin -systemd-resolve:x:195:195:systemd-resolve:/:/usr/bin/nologin +root:x:0:0::/root:/bin/bash diff --git a/core/filesystem/profile b/core/filesystem/profile index 60c1821dd..f92cf3f74 100644 --- a/core/filesystem/profile +++ b/core/filesystem/profile @@ -1,10 +1,23 @@ # /etc/profile -#Set our umask +# Set our umask umask 022 -# Set our default path -PATH="/usr/local/sbin:/usr/local/bin:/usr/bin" +# Append our default paths +appendpath () { + case ":$PATH:" in + *:"$1":*) + ;; + *) + PATH="$PATH:$1" + esac +} + +appendpath '/usr/local/sbin' +appendpath '/usr/local/bin' +appendpath '/usr/bin' +unset appendpath + export PATH # Load profiles from /etc/profile.d diff --git a/core/filesystem/resolv.conf b/core/filesystem/resolv.conf index cecafba03..7a7d4293c 100644 --- a/core/filesystem/resolv.conf +++ b/core/filesystem/resolv.conf @@ -1,8 +1,2 @@ -# -# /etc/resolv.conf -# - -#search -#nameserver - -# End of file +# Resolver configuration file. +# See resolv.conf(5) for details. diff --git a/core/filesystem/securetty b/core/filesystem/securetty index 5a2235ce7..67fb10cff 100644 --- a/core/filesystem/securetty +++ b/core/filesystem/securetty @@ -1,6 +1,5 @@ -# -# /etc/securetty -# +# File which lists terminals from which root can log in. +# See securetty(5) for details. console tty1 @@ -11,5 +10,3 @@ tty5 tty6 ttyS0 hvc0 - -# End of file diff --git a/core/filesystem/shadow b/core/filesystem/shadow index 9c99a6c34..7edfd69be 100644 --- a/core/filesystem/shadow +++ b/core/filesystem/shadow @@ -1,12 +1 @@ root::14871:::::: -bin:x:14871:::::: -daemon:x:14871:::::: -mail:x:14871:::::: -ftp:x:14871:::::: -http:x:14871:::::: -nobody:x:14871:::::: -systemd-journal-gateway:x:14871:::::: -systemd-timesync:x:14871:::::: -systemd-network:x:14871:::::: -systemd-bus-proxy:x:14871:::::: -systemd-resolve:x:14871:::::: diff --git a/core/filesystem/shells b/core/filesystem/shells index 18c1aeffa..19324ea83 100644 --- a/core/filesystem/shells +++ b/core/filesystem/shells @@ -1,8 +1,5 @@ -# -# /etc/shells -# +# Pathnames of valid login shells. +# See shells(5) for details. /bin/sh /bin/bash - -# End of file diff --git a/core/filesystem/sysusers b/core/filesystem/sysusers new file mode 100644 index 000000000..000917158 --- /dev/null +++ b/core/filesystem/sysusers @@ -0,0 +1,28 @@ +# default arch groups +# groups first, because we have user/group id mismatch on ftp and mail +g sys 3 - - +g mem 8 - - +g ftp 11 - - +g mail 12 - - +g log 19 - - +g smmsp 25 - - +g proc 26 - - +g games 50 - - +g lock 54 - - +g network 90 - - +g floppy 94 - - +g scanner 96 - - +g power 98 - - + +# default arch users +u bin 1 - - +u daemon 2 - - +u mail 8 - /var/spool/mail +u ftp 14 - /srv/ftp +u http 33 - /srv/http + +# default membership +m bin daemon +m bin sys +m daemon adm +m daemon bin diff --git a/core/filesystem/tmpfiles b/core/filesystem/tmpfiles new file mode 100644 index 000000000..8fc77b57f --- /dev/null +++ b/core/filesystem/tmpfiles @@ -0,0 +1,17 @@ +# copy from factory when missing + +C /etc/crypttab +C /etc/fstab +C /etc/group +C /etc/gshadow +C /etc/host.conf +C /etc/hosts +C /etc/issue +C /etc/ld.so.conf +C /etc/motd +C /etc/nsswitch.conf +C /etc/passwd +C /etc/profile +C /etc/securetty +C /etc/shadow +C /etc/shells