# ################################################################# # cf.site - for sdsc.edu # $Id: cf.site,v 2.113 2000/06/20 22:30:06 dayv Exp $ # # This file contains site specific data # ################################################################# ### # # BEGIN cf.site # ### links: any:: /usr/sdsc/bin/ssh-add ->! ./ssh-add1 /usr/sdsc/bin/ssh-keygen ->! ./ssh-keygen1 /usr/sdsc/bin/ssh-agent ->! ./ssh-agent1 /usr/sdsc/bin/ssh ->! ./ssh1 /usr/sdsc/bin/scp ->! ./scp1 /usr/sdsc/bin/slogin ->! ./ssh /usr/sdsc/bin/make-ssh-known-hosts ->! ./make-ssh-known-hosts1 /usr/sdsc/bin/ssh-askpass ->! ./ssh-askpass1 /usr/sdsc/etc/sshd ->! ./sshd1 !extra_security.!foreign:: # the file systems are not mounted /import/local/generic1 ->! /sdsc/local/generic /import/proj-chem ->! /projects/chem /import/proj-sys-unitree ->! /projects/sys/unitree /import/proj-us-bio1 ->! /projects/us/bio1 /import/proj-us-indus1 ->! /projects/us/indus1 /import/proj-us-indus2 ->! /projects/us/indus2 /import/proj-us-indus3 ->! /projects/us/indus3 /projects/PET ->! ./paci/PET /scratch/nqe ->! /projects/paci/scratch !linux:: /usr/bin/tcsh ->! /usr/sdsc/bin/tcsh directories: any:: /usr/sdsc m=2755 o=0 g=0 /usr/sdsc/bin m=2755 o=0 g=0 /usr/sdsc/etc m=2755 o=0 g=0 /usr/sdsc/man m=2755 o=0 g=0 /usr/sdsc/man/man1 m=2755 o=0 g=0 /usr/sdsc/man/man3 m=2755 o=0 g=0 /usr/sdsc/man/man5 m=2755 o=0 g=0 /usr/sdsc/man/man8 m=2755 o=0 g=0 /usr/sdsc/lib m=2755 o=0 g=0 /usr/sdsc/include m=2755 o=0 g=0 /usr/sdsc/include/gssapi m=2755 o=0 g=0 /usr/sdsc/include/kerberosIV m=2755 o=0 g=0 /etc/banners m=2755 o=0 g=0 files: ############################################ ### Special cases of standard files ### ############################################ solaris:: /etc/vfstab m=0644 o=$(owner) g=$(group2) act=fixplain !solaris:: /etc/fstab m=0644 o=$(owner) g=$(group2) act=fixplain ############################################ ### Standard files for all/most machines ### ############################################ !irix:: # group 34 is "backup" /etc/dumpdates m=0664 o=$(owner) g=34 act=touch !linux:: /etc/identd.key m=0440 o=$(owner) g=$(group) act=fixplain linux:: # identd runs as user bin rather than root /etc/identd.key m=0440 o=bin g=$(group) act=fixplain any:: /etc/aliases m=0444 o=$(owner) g=$(group2) act=fixplain /etc/group m=0444 o=$(owner) g=$(group2) act=fixplain /etc/hosts.allow m=0644 o=$(owner) g=$(group2) act=fixplain /etc/krb5.keytab m=0600 o=$(owner) g=$(group2) act=fixplain /etc/ntp.drift m=0644 o=$(owner) g=$(group2) act=fixplain /etc/passwd m=0444 o=$(owner) g=$(group2) act=fixplain /etc/resolv.conf m=0644 o=$(owner) g=$(group2) act=fixplain /etc/ssh_host_key m=0600 o=$(owner) g=$(group2) act=fixplain /etc/ssh_host_key.pub m=0644 o=$(owner) g=$(group2) act=fixplain /etc/ssh_random_seed m=0600 o=$(owner) g=$(group2) act=fixplain /usr/sdsc/etc/tcpd m=0755 o=$(owner) g=$(group2) act=fixplain /tmp m=1777 o=$(owner) g=$(group2) act=fixdirs /var/tmp m=1777 o=$(owner) g=$(group2) act=fixdirs ################################################################## ################################################################## copy: solaris:: $(common)/etc/printers.conf dest=/etc/printers.conf m=0644 o=$(owner) g=$(group2) type=byte !solaris.!hubble:: $(common)/etc/printcap dest=/etc/printcap m=0644 o=$(owner) g=$(group2) type=byte hubble:: $(common)/etc/printcap.$(host) dest=/etc/printcap m=0644 o=$(owner) g=$(group2) type=byte !mailhub.!foreign:: $(common)/etc/aliases dest=/etc/aliases m=0444 o=$(owner) g=$(group2) type=byte !irix.!mailhub.!foreign:: $(common)/etc/sendmail.cf dest=/etc/sendmail.cf m=0644 o=$(owner) g=$(group2) type=byte irix.!mailhub.!foreign:: $(common)/etc/sendmail.cf.$(class) dest=/etc/sendmail.cf m=0644 o=$(owner) g=$(group2) type=byte mailhub:: $(common)/etc/sendmail.cf.$(host) dest=/etc/sendmail.cf m=0644 o=$(owner) g=$(group2) type=byte solaris|irix:: $(common)/etc/sshd_config.nomotd dest=/etc/sshd_config m=0644 o=$(owner) g=$(group2) type=byte !solaris.!irix:: $(common)/etc/sshd_config dest=/etc/sshd_config m=0644 o=$(owner) g=$(group2) type=byte # The new tcpd makes rosebud crash. !rosebud:: $(base_images_arch)/usr/sdsc/etc/tcpd dest=/usr/sdsc/etc/tcpd m=0755 o=$(owner) g=$(group2) type=byte # install the tcp_wrappers BANNER files. These are all copied from a # common area, but into variant names, depending on the OS solaris:: $(common)/in.ftpd.BANNER dest=/etc/banners/ftpd.logd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.telnetd.BANNER dest=/etc/banners/telnetd.logd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.rlogind.BANNER dest=/etc/banners/rlogind.logd mode=0644 o=$(owner) g=$(group2) type=byte sunos_4_1_3|sunos_4_1_3C|sunos_4_1_3_U1|sunos_4_1_4:: $(common)/in.ftpd.BANNER dest=/etc/banners/in.ftpd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.telnetd.BANNER dest=/etc/banners/in.telnetd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.rlogind.BANNER dest=/etc/banners/in.rlogind mode=0644 o=$(owner) g=$(group2) type=byte linux:: $(common)/in.ftpd.BANNER dest=/etc/banners/ftpd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.telnetd.BANNER dest=/etc/banners/telnetd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.rlogind.BANNER dest=/etc/banners/in.rlogind mode=0644 o=$(owner) g=$(group2) type=byte irix|osf:: $(common)/in.ftpd.BANNER dest=/etc/banners/ftpd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.telnetd.BANNER dest=/etc/banners/telnetd mode=0644 o=$(owner) g=$(group2) type=byte $(common)/in.rlogind.BANNER dest=/etc/banners/rlogind mode=0644 o=$(owner) g=$(group2) type=byte # Careful testing or recompiling could make this special case unnecessary. sunos_4_1_3|sunos_4_1_3C|sunos_4_1_3_U1:: $(base_images_arch)/usr/sdsc/etc/safe_finger-4.1.3 dest=/usr/sdsc/etc/safe_finger m=0755 o=$(owner) g=$(group2) type=byte !sunos_4_1_3.!sunos_4_1_3C.!sunos_4_1_3_U1:: $(base_images_arch)/usr/sdsc/etc/safe_finger dest=/usr/sdsc/etc/safe_finger m=0755 o=$(owner) g=$(group2) type=byte billthecat|ns0|ns1|time:: $(common)/etc/ntp.conf.$(host) dest=/etc/ntp.conf m=0644 o=$(owner) g=$(group2) type=byte !billthecat.!ns0.!ns1.!time:: $(common)/etc/ntp.conf dest=/etc/ntp.conf m=0644 o=$(owner) g=$(group2) type=byte linux_2_2_16_sdsc_rh62|linux_2_2_16_sdsc_rh62smp:: $(base_images_arch)/usr/sdsc/etc/identd.62 dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte linux_2_2_16_sdsc_rh60|linux_2_2_16_sdsc_rh60smp:: $(base_images_arch)/usr/sdsc/etc/identd dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte irix_6_2.irix_ip20|irix_6_2.irix_ip22:: $(base_images_arch)/usr/sdsc/etc/identd.32 dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte irix_6_2.irix_ip19|irix_6_2.irix_ip25|irix_6_2.irix_ip28:: $(base_images_arch)/usr/sdsc/etc/identd.64 dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte sunos_5_7.64bit:: $(base_images_arch)/usr/sdsc/etc/identd_64bit dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte sunos_5_7.!64bit:: $(base_images_arch)/usr/sdsc/etc/identd dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte linux_2_2_16_sdsc_rh62|linux_2_2_16_sdsc_rh62smp:: $(base_images_arch)/usr/sdsc/etc/identd.62 dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte linux_2_2_16_sdsc_rh60|linux_2_2_16_sdsc_rh60smp:: $(base_images_arch)/usr/sdsc/etc/identd dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte !irix_6_2.!sunos_5_7.!linux:: $(base_images_arch)/usr/sdsc/etc/identd dest=/usr/sdsc/etc/identd m=0755 o=$(owner) g=$(group2) type=byte !linux:: $(base_images_arch)/usr/sdsc/bin/tcsh dest=/usr/sdsc/bin/tcsh m=0755 o=$(owner) g=$(group2) type=byte ############################################ ### Standard files for all/most machines ### ############################################ e10k|e10k_ssp|f5:: $(common)/etc/hosts dest=$(etcinet)/hosts.master m=0644 o=$(owner) g=$(group2) type=byte !f5.!keni.!miki.!foreign.!e10k.!e10k_ssp:: $(common)/etc/hosts dest=$(etcinet)/hosts m=0644 o=$(owner) g=$(group2) type=byte !extra_security.!foreign:: $(common)/rhosts dest=/.rhosts m=0440 o=$(owner) g=$(group) type=byte $(common)/etc/hosts.equiv dest=/etc/hosts.equiv m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/serverhost dest=/etc/serverhost m=0644 o=$(owner) g=$(group2) type=byte any:: $(base_data_arch)/Cshrc dest=/.cshrc m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/ftpusers dest=/etc/ftpusers m=0644 o=$(owner) g=$(group2) type=byte $(base_data_arch)/etc/hosts.deny dest=/etc/hosts.deny m=0444 o=$(owner) g=$(group2) type=byte $(common)/etc/identd.key dest=/etc/identd.key m=0440 o=$(owner) g=$(group) type=byte $(common)/etc/networks dest=$(etcinet)/networks m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/services dest=$(etcinet)/services m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/ssh_config dest=/etc/ssh_config m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/motd.master dest=/etc/motd.master m=0644 o=$(owner) g=$(group2) type=byte $(common)/etc/lpd.conf dest=/etc/lpd.conf m=0644 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/cfengine dest=/usr/sdsc/bin/cfengine m=0755 o=$(owner) g=$(group2) type=byte $(common)/usr/sdsc/bin/cfengine_delayed_start dest=/usr/sdsc/bin/cfengine_delayed_start m=0755 o=$(owner) g=$(group2) type=byte $(common)/usr/sdsc/bin/cfbg dest=/usr/sdsc/bin/cfbg m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/make-ssh-known-hosts1 dest=/usr/sdsc/bin/make-ssh-known-hosts1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/scp1 dest=/usr/sdsc/bin/scp1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/ssh1 dest=/usr/sdsc/bin/ssh1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/ssh-add1 dest=/usr/sdsc/bin/ssh-add1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/ssh-agent1 dest=/usr/sdsc/bin/ssh-agent1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/ssh-askpass1 dest=/usr/sdsc/bin/ssh-askpass1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/ssh-keygen1 dest=/usr/sdsc/bin/ssh-keygen1 m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/bin/sudo dest=/usr/sdsc/bin/sudo m=$(setuid) o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/etc/idecrypt dest=/usr/sdsc/etc/idecrypt m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/etc/loginlog dest=/usr/sdsc/etc/loginlog m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/etc/sshd1 dest=/usr/sdsc/etc/sshd1 m=0755 o=$(owner) g=$(group2) type=byte $(common)/usr/sdsc/etc/daily_admin dest=/usr/sdsc/etc/daily_admin m=0754 o=$(owner) g=$(group2) type=byte $(common)/usr/sdsc/etc/thumbd dest=/usr/sdsc/etc/thumbd m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/etc/visudo dest=/usr/sdsc/etc/visudo m=0755 o=$(owner) g=$(group2) type=byte $(base_images_arch)/usr/sdsc/etc/verify dest=/usr/sdsc/etc/verify m=0755 o=$(owner) g=$(group2) type=byte $(common)/usr/sdsc/etc/webd dest=/usr/sdsc/etc/webd m=0755 o=$(owner) g=$(group2) type=byte ###################################################################### ###################################################################### tidy: / pat=core r=1 A=0 / pat=.Xauthority r=0 A=0 /etc pat=core r=1 A=0 /usr/sdsc/bin pat=sudo.cfsaved r=0 A=0 /etc pat=dumpates r=0 A=0 /etc pat=dumdates r=0 A=0 shellcommands: basics:: "/sdsc/local/generic/sdscbin/nfs/domake fstab" "/sdsc/admin/refsys/Data/cfengine/scripts/make_mount_points" exitcommands:: #concatenate the master and local motd files "/sdsc/admin/refsys/Data/cfengine/scripts/concatenate_motds" #this is temporary #the e10k systems need a few non-dns entries for now "/sdsc/admin/refsys/Data/cfengine/scripts/concatenate_hosts" #pwhosts:: # "$(pwmenu)/extract_rsh.pl $(pwmenu)" ### # # END cf.site # ###