################################################################# # # cf.sun - for sdsc.edu # $Id: cf.sun,v 2.81 2000/07/19 00:17:51 cai Exp $ # # This file contains SunOS/Solaris specific data # ################################################################# ### # # BEGIN cf.sun # ### links: !foreign:: # Don's work area /etc/sys_work ->! /var/sys_work !foreign.!extra_security.!hobbes:: /usr/bin/passwd ->! /usr/sdsc/bin/passwd /usr/sdsc/lib/npasswd/npasswd.config ->! /sdsc/local/generic/npasswd/npasswd.config /usr/sdsc/lib/npasswd/bigdict ->! /sdsc/local/generic/npasswd/bigdict /usr/sdsc/lib/npasswd/bigdict.pwd ->! /sdsc/local/generic/npasswd/bigdict.pwd /usr/sdsc/lib/npasswd/bigdict.pwi ->! /sdsc/local/generic/npasswd/bigdict.pwi /usr/sdsc/lib/npasswd/bigdict.hwm ->! /sdsc/local/generic/npasswd/bigdict.hwm ################################################################## ################################################################## files: ############################################ ### Special cases of standard files ### ############################################ ############################################ ### Standard files for all/most machines ### ############################################ basics:: /etc/shells m=0644 o=$(owner) g=$(group2) act=fixplain /etc/skeykeys m=0644 o=$(owner) g=$(group2) act=fixplain !ghost:: /etc/defaultrouter m=0644 o=$(owner) g=$(group2) act=fixplain any:: /.profile m=0444 o=$(owner) g=$(group2) act=fixplain /.login m=0444 o=$(owner) g=$(group2) act=fixplain /var/adm/lpd-errs m=0644 o=$(owner) g=$(group2) act=touch /var/log/syslog m=0644 o=$(owner) g=$(group2) act=touch /var/log/authlog m=0644 o=$(owner) g=$(group2) act=touch /var/spool/cron/crontabs/root m=0640 o=$(owner) g=$(group) act=fixall /usr/sdsc/bin/passwd m=4755 o=$(owner) g=$(group) act=fixplain /usr/sdsc/bin/keysu m=4755 o=$(owner) g=$(group) act=fixplain # /usr/sdsc/lib/sendmail m=4755 o=$(owner) g=$(group) act=fixplain # Disable at(1) because of security exploit. # solaris is patched -> cf.sunos4.1.* # /usr/bin/at m=0500 action=fixall ################################################################## ################################################################## copy: ####################################### ### Machine specific files ### ####################################### installplatform:: $(base_images_arch)/usr/sdsc/bin/bown dest=/usr/sdsc/bin/bown m=4750 o=$(owner) g=install type=checksum ############################################ ### Special cases of standard files ### ############################################ postal:: # restart_daemon: syslogd /etc/syslog.conf HUP $(base_data_arch)/etc/syslog.conf.postal dest=/etc/syslog.conf m=0644 o=$(owner) g=$(group2) type=checksum loghost:: # restart_daemon: syslogd /etc/syslog.conf HUP $(base_data_arch)/etc/syslog.conf.loghost dest=/etc/syslog.conf m=0644 o=$(owner) g=$(group2) type=checksum news:: # restart_daemon: syslogd /etc/syslog.conf HUP $(base_data_arch)/etc/syslog.conf.news dest=/etc/syslog.conf m=0644 o=$(owner) g=$(group2) type=checksum !loghost.!news.!postal.!mead:: $(base_data_arch)/etc/syslog.conf dest=/etc/syslog.conf m=0644 o=$(owner) g=$(group2) type=checksum otp:: $(common)/etc/skey.access.otp dest=/etc/skey.access m=0644 o=$(owner) g=$(group2) type=checksum !otp:: $(common)/etc/skey.access dest=/etc/skey.access m=0644 o=$(owner) g=$(group2) type=checksum !time:: $(base_images_arch)/usr/sdsc/etc/ntpdate dest=/usr/sdsc/etc/ntpdate m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/tickadj dest=/usr/sdsc/etc/tickadj m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/xntpd dest=/usr/sdsc/etc/xntpd m=755 o=$(owner) g=$(group) type=checksum billthecat|postal:: $(base_data_arch)/etc/hosts.allow.popper dest=/etc/hosts.allow m=0644 o=$(owner) g=$(group2) type=checksum f5:: $(base_data_arch)/etc/hosts.allow.f5 dest=/etc/hosts.allow m=0644 o=$(owner) g=$(group2) type=checksum $(common)/etc/inet/hosts.extra.f5 dest=$(etcinet)/hosts.extra m=0644 o=$(owner) g=$(group2) type=checksum hpcmail:: $(base_data_arch)/etc/hosts.allow.$(host) dest=/etc/hosts.allow m=0644 o=$(owner) g=$(group2) type=checksum !billthecat.!postal.!hpcmail.!f5:: $(base_data_arch)/etc/hosts.allow dest=/etc/hosts.allow m=0644 o=$(owner) g=$(group2) type=checksum e10k_ssp:: $(common)/etc/netmasks.ssp dest=$(etcinet)/netmasks m=0644 o=$(owner) g=$(group2) type=checksum samba1:: $(common)/etc/netmasks.samba1 dest=$(etcinet)/netmasks m=0644 o=$(owner) g=$(group2) type=checksum !e10k_ssp.!samba1:: $(common)/etc/netmasks dest=$(etcinet)/netmasks m=0644 o=$(owner) g=$(group2) type=checksum !sunos_5_7.!sunos_5_8:: # Solaris 7 & 8 come with their own traceroute program $(base_images_arch)/usr/sdsc/etc/traceroute dest=/usr/sdsc/etc/traceroute m=4755 o=$(owner) g=$(group) type=checksum ############################################ ### Standard files for all/most machines ### ############################################ any:: # give root some sane startup files $(base_data_arch)/Login dest=/.login m=0444 o=$(owner) g=$(group2) type=checksum $(base_data_arch)/Profile dest=/.profile m=0444 o=$(owner) g=$(group2) type=checksum # basic SunOS/Solaris information $(common)/etc/defaultdomain dest=/etc/defaultdomain m=0644 o=$(owner) g=$(group2) type=checksum $(base_data_arch)/etc/format.dat dest=/etc/format.dat m=0644 o=$(owner) g=$(group2) type=checksum $(common)/etc/shells dest=/etc/shells m=0644 o=$(owner) g=$(group2) type=checksum # # Copy the /usr/sdsc hierarchy # $(base_images_arch)/usr/sdsc/bin/key dest=/usr/sdsc/bin/key m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/bin/keyinfo dest=/usr/sdsc/bin/keyinfo m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/keyinit dest=/usr/sdsc/bin/keyinit m=4755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/bin/keyprint dest=/usr/sdsc/bin/keyprint m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/keysu dest=/usr/sdsc/bin/keysu m=4755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/login.logd dest=/usr/sdsc/bin/login.logd m=0755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/ntpq dest=/usr/sdsc/bin/ntpq m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/ntptrace dest=/usr/sdsc/bin/ntptrace m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/passwd dest=/usr/sdsc/bin/passwd m=4755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/siggen dest=/usr/sdsc/bin/siggen m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/skeyaccess dest=/usr/sdsc/bin/skeyaccess m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/xhost dest=/usr/sdsc/bin/xhost m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/bin/xntpdc dest=/usr/sdsc/bin/xntpdc m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/ftpd.logd dest=/usr/sdsc/etc/ftpd.logd m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/rexecd.logd dest=/usr/sdsc/etc/rexecd.logd m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/rlogind.logd dest=/usr/sdsc/etc/rlogind.logd m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/rshd.logd dest=/usr/sdsc/etc/rshd.logd m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/telnetd.logd dest=/usr/sdsc/etc/telnetd.logd m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/tripwire dest=/usr/sdsc/etc/tripwire m=755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/try-from dest=/usr/sdsc/etc/try-from m=755 o=$(owner) g=$(group) type=checksum # $(base_images_arch)/usr/sdsc/lib/sendmail # dest=/usr/sdsc/lib/sendmail # m=4755 o=$(owner) g=$(group) type=checksum # $(base_images_arch)/usr/sdsc/lib/sendmail.hf # dest=/usr/sdsc/lib/sendmail.hf # m=644 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/cfbackup dest=/usr/sdsc/lib/cfengine/bin/cfbackup m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/cfdaily dest=/usr/sdsc/lib/cfengine/bin/cfdaily m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/cfmail dest=/usr/sdsc/lib/cfengine/bin/cfmail m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/cfrestore dest=/usr/sdsc/lib/cfengine/bin/cfrestore m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/cfwrap dest=/usr/sdsc/lib/cfengine/bin/cfwrap m=755 o=$(owner) g=$(group) type=checksum $(base_data_arch)/usr/sdsc/lib/cfengine/bin/noseyparker dest=/usr/sdsc/lib/cfengine/bin/noseyparker m=755 o=$(owner) g=$(group) type=checksum # gnufinger (sun/solaris only for now) $(base_images_arch)/usr/sdsc/etc/cfingerd dest=/usr/sdsc/etc/cfingerd m=0755 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/gnufingerd dest=/usr/sdsc/etc/gnufingerd m=0755 o=$(owner) g=$(group) type=checksum # probesys (a.k.a sysinfo) $(base_images_arch)/usr/sdsc/bin/probesys dest=/usr/sdsc/bin/probesys m=4555 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/probesys/sunos.cf dest=/usr/sdsc/etc/probesys/sunos.cf m=444 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/probesys/sunos_5.cf dest=/usr/sdsc/etc/probesys/sunos_5.cf m=444 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/probesys/sunos_5.ddb dest=/usr/sdsc/etc/probesys/sunos_5.ddb m=444 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/man/man8/probesys.8 dest=/usr/sdsc/man/man8/probesys.8 m=444 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/probesys/sunos_4.cf dest=/usr/sdsc/etc/probesys/sunos_4.cf m=444 o=$(owner) g=$(group) type=checksum $(base_images_arch)/usr/sdsc/etc/spin dest=/usr/sdsc/etc/spin m=744 o=$(owner) g=$(group) type=checksum ################################################################# ################################################################## shellcommands: "/sdsc/admin/refsys/Data/cfengine/scripts/restart_daemons sun $(class)" !ghost.!f5:: # build a defaultrouter file "/sdsc/admin/refsys/Data/cfengine/scripts/select_default_router" basics:: # SDSC keeps the real aliases file in /etc instead of /etc/mail "/bin/test -h /etc/aliases && /bin/rm -f /etc/aliases" exitcommands.!postal.!hpcmail:: # make sure alias database files are correct "/usr/lib/sendmail -bi" # exitcommands:: # # restart any daemons that have had config files modified # "/sdsc/admin/refsys/Data/cfengine/scripts/restart_daemons sun $(class)" ################################################################# ################################################################## directories: # cfengine won't let us use $(root) and $(group) in directories:, # so we're force to enumerate all OS versions here until this # bug gets fixed. - henry any:: /usr/sdsc/include m=2755 o=0 g=0 /usr/sdsc/lib m=2755 o=0 g=0 /usr/sdsc/lib/cfengine m=2755 o=0 g=0 /usr/sdsc/lib/cfengine/bin m=2755 o=0 g=0 /usr/sdsc/etc/probesys m=2755 o=0 g=0 /var/spool/calendar m=3777 o=daemon g=daemon !foreign:: # Don's work area /var/sys_work m=2770 o=root g=staff # Mountpoint parents /misc m=2755 o=0 g=0 /misc/www m=2755 o=0 g=0 /projects m=2755 o=0 g=0 /users m=2755 o=0 g=0 ################################################################## ################################################################## tidy: sunos_5_7:: /usr/sdsc/etc pat=traceroute a=0 ### # # END cf.sun # ###