mirror of https://github.com/tLDP/LDP
2251 lines
106 KiB
XML
2251 lines
106 KiB
XML
<sect1 id="etc">
|
|
<title>/etc</title>
|
|
|
|
<para>This is the nerve center of your system, it contains all system
|
|
related configuration files in here or in it's sub-directories. For this
|
|
reason, it's a good idea to backup this directory regularly. It will
|
|
definitely save you a lot of re-configuration later if you re-install or
|
|
lose your current installation. Normally, no binaries should be or are
|
|
located here.</para>
|
|
|
|
<para><variablelist><varlistentry><term>/etc/X11/</term><listitem><para>This
|
|
directory tree contains all the configuration files for the X Window System.
|
|
Users should note that many of the files located in this directory are
|
|
actually symbollic links to the /usr/X11R6 directory tree. Thus, the
|
|
presence of these files in these locations can not be certain.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/XF86Config,
|
|
/etc/X11/XF86Config-4</term><listitem><para>The 'X' configuration
|
|
file. Most modern distributions possess hardware autodetection systems that
|
|
enable automatic creation of a valid file. Should autodetection fail a
|
|
configuration file can also be created manually provided that you have
|
|
sufficient knowledge about your system. It would be considered prudent not
|
|
to attempt to type out a file from beginning to end. Rather, use common
|
|
configuration utilities such as xf86config, XF86Setup and xf86cfg to create
|
|
a workeable template. Then, using suitable documentation commence
|
|
optimization through intuition and/or trial and error. Options that can be
|
|
configured via this file include X modules to be loaded on startup,
|
|
keyboard, mouse, monitor and graphic chipset type. Often, commercial
|
|
distributions will include their own X configuration utilities such as
|
|
XDrake on Mandrake and also Xconfiguration on Redhat. Below is a sample X
|
|
configuration file from the reference system</para>
|
|
|
|
<para><screen>
|
|
### BEGIN DEBCONF SECTION
|
|
# XF86Config-4 (XFree86 server configuration file) generated by dexconf, the
|
|
# Debian X Configuration tool, using values from the debconf database.
|
|
#
|
|
# Edit this file with caution, and see the XF86Config-4 manual page.
|
|
# (Type "man XF86Config-4" at the shell prompt.)
|
|
#
|
|
# If you want your changes to this file preserved by dexconf, only
|
|
# make changes
|
|
# before the "### BEGIN DEBCONF SECTION" line above, and/or after the
|
|
# "### END DEBCONF SECTION" line below.
|
|
#
|
|
# To change things within the debconf section, run the command:
|
|
# dpkg-reconfigure xserver-xfree86
|
|
# as root. Also see "How do I add custom sections to a dexconf-
|
|
# generated
|
|
# XF86Config or XF86Config-4 file?" in /usr/share/doc/xfree86-
|
|
# common/FAQ.gz.
|
|
|
|
Section "Files"
|
|
FontPath "unix/:7100"
|
|
# local font server
|
|
# if the local font server has problems,
|
|
# we can fall back on these
|
|
FontPath "/usr/lib/X11/fonts/misc"
|
|
FontPath "/usr/lib/X11/fonts/cyrillic"
|
|
FontPath "/usr/lib/X11/fonts/100dpi/:unscaled"
|
|
FontPath "/usr/lib/X11/fonts/75dpi/:unscaled"
|
|
FontPath "/usr/lib/X11/fonts/Type1"
|
|
FontPath "/usr/lib/X11/fonts/Speedo"
|
|
FontPath "/usr/lib/X11/fonts/100dpi"
|
|
FontPath "/usr/lib/X11/fonts/75dpi"
|
|
EndSection
|
|
|
|
Section "Module"
|
|
Load "GLcore"
|
|
Load "bitmap"
|
|
Load "dbe"
|
|
Load "ddc"
|
|
Load "dri"
|
|
Load "extmod"
|
|
Load "freetype"
|
|
Load "glx"
|
|
Load "int10"
|
|
Load "pex5"
|
|
Load "record"
|
|
Load "speedo"
|
|
Load "type1"
|
|
Load "vbe"
|
|
Load "xie"
|
|
EndSection
|
|
|
|
Section "InputDevice"
|
|
Identifier "Generic Keyboard"
|
|
Driver "keyboard"
|
|
Option "CoreKeyboard"
|
|
Option "XkbRules" "xfree86"
|
|
Option "XkbModel" "pc104"
|
|
Option "XkbLayout" "us"
|
|
EndSection
|
|
|
|
Section "InputDevice"
|
|
Identifier "Configured Mouse"
|
|
Driver "mouse"
|
|
Option "CorePointer"
|
|
Option "Device" "/dev/psaux"
|
|
Option "Protocol" "NetMousePS/2"
|
|
Option "Emulate3Buttons" "true"
|
|
Option "ZAxisMapping" "4 5"
|
|
EndSection
|
|
|
|
Section "InputDevice"
|
|
Identifier "Generic Mouse"
|
|
Driver "mouse"
|
|
Option "SendCoreEvents" "true"
|
|
Option "Device" "/dev/input/mice"
|
|
Option "Protocol" "ImPS/2"
|
|
Option "Emulate3Buttons" "true"
|
|
Option "ZAxisMapping" "4 5"
|
|
EndSection
|
|
|
|
Section "Device"
|
|
Identifier "Generic Video Card"
|
|
Driver "nv"
|
|
# Option "UseFBDev" "true"
|
|
Option "UseFBDev" "false"
|
|
EndSection
|
|
|
|
Section "Monitor"
|
|
Identifier "Generic Monitor"
|
|
HorizSync 30-38
|
|
VertRefresh 43-95
|
|
Option "DPMS"
|
|
EndSection
|
|
|
|
Section "Screen"
|
|
Identifier "Default Screen"
|
|
Device "Generic Video Card"
|
|
Monitor "Generic Monitor"
|
|
DefaultDepth 16
|
|
SubSection "Display"
|
|
Depth 1
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
SubSection "Display"
|
|
Depth 4
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
SubSection "Display"
|
|
Depth 8
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
SubSection "Display"
|
|
Depth 15
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
SubSection "Display"
|
|
Depth 16
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
SubSection "Display"
|
|
Depth 24
|
|
Modes "800x600" "640x480"
|
|
EndSubSection
|
|
EndSection
|
|
|
|
Section "ServerLayout"
|
|
Identifier "Default Layout"
|
|
Screen "Default Screen"
|
|
InputDevice "Generic Keyboard"
|
|
InputDevice "Configured Mouse"
|
|
InputDevice "Generic Mouse"
|
|
EndSection
|
|
|
|
Section "DRI"
|
|
Mode 0666
|
|
EndSection
|
|
|
|
### END DEBCONF SECTION
|
|
</screen></para>
|
|
|
|
<para>As you can see, the layout of the file is quite simple
|
|
and tends to be quite standard across most distributions. At the top are the
|
|
locations of the various font files for X (note - X will not start if you do
|
|
not specify a valid font), next is the "Modules" section. It details
|
|
what modules are to be loaded upon startup. The most well known extensions
|
|
are probably GLX (required for 3D redering of graphics and games) and
|
|
Xinerama which allows users to expand their desktop over several monitors.
|
|
Next are the various "Device" sections which describe the type of
|
|
hardware you have. Improper configuration of these subsections can lead to
|
|
heartache and trauma with seemingly misplaced keys, bewitched mice and also
|
|
constant flashing as X attempts to restart in a sometimes never ending loop.
|
|
In most cases when all else fails the vesa driver seems to be able to
|
|
initialise most modern video cards. In the "Screen" section it is
|
|
possible to alter the default startup resolution and depth. Quite often it
|
|
is possible to alter these attributes on the fly by using the alt-ctrl-+ or
|
|
alt-ctrl- set of keystrokes. Lastly are the "ServerLayout" and
|
|
"DRI" sections. Users will almost never touch the "DRI"
|
|
section and only those who wish to utilise the Xinerama extensions of X will
|
|
require having to change any of the ServerLayout options.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/Xmodmap</term><listitem><para>In
|
|
general your default keyboard mapping comes from your X server setup. If
|
|
this setup is insufficient and you are unwilling to go through the process
|
|
of reconfiguration and/or you are not the superuser you'll need to use
|
|
the xmodmap program. This is the utlitiy's global configuration file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/xkb/</term><listitem><para>The
|
|
various symbols, types, geometries of keymaps that the X server supports can
|
|
be found in this directory tree.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/lbxproxy/</term><listitem><para>Low
|
|
Bandwidth X (LBX) proxy server configuration files. Applications that would
|
|
like to take advantage of the Low Bandwidth extension to X (LBX) must make
|
|
their connections to an lbxproxy. These applications need know nothing about
|
|
LBX, they simply connect to the lbxproxy as if it were a regular X server.
|
|
The lbxproxy accepts client connections, multiplexes them over a single
|
|
connection to the X server, and performs various optimizations on the X
|
|
protocol to make it faster over low bandwidth and/or high latency
|
|
connections. It should be noted that such compression will not increase the
|
|
pace of rendering all that much. Its primary purpose is to reduce network
|
|
load and thus increase overall network latency. A competing project called
|
|
DXPC (Differential X Protocol Compression) has been found to be more
|
|
efficient at this task. Studies have shown though that in almost all cases
|
|
ssh tunnneling of X will produce far better results than through any of
|
|
these specialised pieces of software.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/proxymngr/</term><listitem><para>X
|
|
proxy services manager initialisation files. proxymngr is responsible for
|
|
resolving requests from xfindproxy (in the xbase-clients package) and other
|
|
similar clients, starting new proxies when appropriate, and keeping track of
|
|
all the available proxy services.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/xdm/</term><listitem><para>X
|
|
display manager configuration files. xdm manages a collection of X servers,
|
|
which may be on the local host or remote machines. It provides services
|
|
similar to those provided by init, getty, and login on character-based
|
|
terminals: prompting for login name and password, authenticating the user,
|
|
and running a session. xdm supports XDMCP (X Display Manager Control
|
|
Protocol) and can also be used to run a chooser process which presents the
|
|
user with a menu of possible hosts that offer XDMCP display management. If
|
|
the xutils package is installed, xdm can use the sessreg utility to register
|
|
login sessions to the system utmp file; this, however, is not necessary for
|
|
xdm to function.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/xdm/xdm-config</term><listitem><para>This
|
|
is the master 'xdm' configuration file. It determines where all
|
|
other 'xdm' configuration files will be located. It is almost
|
|
certain to be left undisturbed.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/gdm/</term><listitem><para>GNOME
|
|
Display Manager configuration files. gdm provides the equivalent of a
|
|
"login:" prompt for X displays- it pops up a login window and starts
|
|
an X session. It provides all the functionality of xdm, including XDMCP
|
|
support for managing remote displays. The greeting window is written using
|
|
the GNOME libraries and hence looks like a GNOME application- even to the
|
|
extent of supporting themes! By default, the greeter is run as an
|
|
unprivileged user for security.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/gdm/gdm.conf</term><listitem><para>This
|
|
is the primary configuration file for GDM. Through it, users can specify
|
|
whether they would like their system to automatically login as a certain
|
|
user, background startup image and also if they would like to run their
|
|
machine as somewhat of a terminal server tby using the XDMCP protocol.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/fonts</term><listitem><para>Home
|
|
of xfs fonts.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/fs/</term><listitem><para>X
|
|
font server configuration files. xfs is a daemon that listens on a network
|
|
port and serves X fonts to X servers (and thus to X clients). All X servers
|
|
have the ability to serve locally installed fonts for themselves, but xfs
|
|
makes it possible to offload that job from the X server, and/or have a
|
|
central repository of fonts on a networked machine running xfs so that all
|
|
the machines running X servers on a network do not require their own set of
|
|
fonts. xfs may also be invoked by users to, for instance, make available X
|
|
fonts in user accounts that are not available to the X server or to an
|
|
already running system xfs.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/fs/config</term><listitem><para>This
|
|
is the 'xfs' initialisation file. It specifies the number of clients
|
|
that are allowed to connect to the 'xfs' server at any one time, the
|
|
location of log files, default resolution, the location of the fonts, etc.</para>
|
|
|
|
<para><screen>
|
|
# font server configuration file
|
|
# $Xorg: config.cpp,v 1.3 2000/08/17 19:54:19 cpqbld Exp $
|
|
|
|
# allow a maximum of 10 clients to connect to this font server
|
|
client-limit = 10
|
|
# when a font server reaches its limit, start up a new one
|
|
clone-self = on
|
|
# log messages to /var/log/xfs.log (if syslog is not used)
|
|
error-file = /var/log/xfs.log
|
|
# log errors using syslog
|
|
use-syslog = on
|
|
# turn off TCP port listening (Unix domain connections are still permitted)
|
|
no-listen = tcp
|
|
# paths to search for fonts
|
|
catalogue = /usr/lib/X11/fonts/misc/,/usr/lib/X11/fonts/cyrillic/,
|
|
/usr/lib/X11/fonts/100dpi/:unscaled,/usr/lib/X11/fonts/75dpi/:unscaled,
|
|
/usr/lib/X11/fonts/Type1/,/usr/lib/X11/fonts/CID,
|
|
/usr/lib/X11/fonts/Speedo/,/usr/lib/X11/fonts/100dpi/,
|
|
/usr/lib/X11/fonts/75dpi/
|
|
# in decipoints
|
|
default-point-size = 120
|
|
# x1,y1,x2,y2,...
|
|
default-resolutions = 100,100,75,75
|
|
|
|
# font cache control, specified in kB
|
|
cache-hi-mark = 2048
|
|
cache-low-mark = 1433
|
|
cache-balance = 70
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/twm</term><listitem><para>Home
|
|
of configuration files for twm. The original Tabbed Window Manager.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/xinit/</term><listitem><para>xinit
|
|
configuration files. 'xinit' is a configuration method os starting
|
|
up an X session that is designed to used as part of a script. Normally, this
|
|
is used at larger sites as part of a tailored login process.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/X11/xinit/xinitrc</term><listitem><para>Global
|
|
xinitrc file, used by all X sessions started by xinit (startx). It's
|
|
usage is of course overidden by a .xinitrc file located in the home
|
|
directory of a user.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/adduser.conf</term><listitem><para>'adduser'
|
|
configuration. The adduser command can create new users, groups and add
|
|
existing users to existing groups. Adding users with adduser is much easier
|
|
than adding them by hand. Adduser will choose appropriate UID and GID
|
|
values, create a home directory, copy skeletal user configuration from
|
|
/etc/skel, allow you to set an initial password and the GECOS field.
|
|
Optionally a custom script can be executed after this commands. See
|
|
adduser(8) and adduser.conf(5) for full documentation.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/adjtime</term><listitem><para>Has
|
|
parameters to help adjust the software (kernel) time so that it matches the
|
|
RTC.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/aliases</term><listitem><para>This
|
|
is the aliases file - it says who gets mail for whom. It was originally
|
|
generated by `eximconfig', part of the exim package distributed with
|
|
Debian, but it may edited by the mail system administrator. See exim info
|
|
section for details of the things that can be configured here. An aliases
|
|
database file (aliases.db) is built from the entries in the aliases files by
|
|
the newaliases utility.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/alternatives</term><listitem><para>It
|
|
is possible for several programs fulfilling the same or similar functions to
|
|
be installed on a single system at the same time. For example, many systems
|
|
have several text editors installed at once. This gives choice to the users
|
|
of a system, allowing each to use a different editor, if desired, but makes
|
|
it difficult for a program to make a good choice of editor to invoke if the
|
|
user has not specified a particular preference.</para><para>The alternatives
|
|
system aims to solve this problem. A generic name in the filesystem is
|
|
shared by all files providing interchangeable functionality. The
|
|
alternatives system and the system administrator together determine which
|
|
actual file is referenced by this generic name. For example, if the text
|
|
editors ed(1) and nvi(1) are both installed on the system, the alternatives
|
|
system will cause the generic name /usr/bin/editor to refer to /usr/bin/nvi
|
|
by default. The system administrator can override this and cause it to refer
|
|
to /usr/bin/ed instead, and the alternatives system will not alter this
|
|
setting until explicitly requested to do so.</para><para>The generic name is
|
|
not a direct symbolic link to the selected alternative. Instead, it is a
|
|
symbolic link to a name in the alternatives directory, which in turn is a
|
|
symbolic link to the actual file referenced. This is done so that the system
|
|
administrator's changes can be confined within the /etc directory.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/apt</term><listitem><para>
|
|
This is Debian's next generation front-end for the dpkg package manager. It provides the apt-get utility and APT dselect method that provides a simpler, safer way to install and upgrade packages. APT features complete installation ordering, multiple source capability and several other unique features, see the Users Guide in /usr/share/doc/apt/guide.text.gz
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/apt/sources.list</term><listitem><para><screen>
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-7 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-6 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-5 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-4 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-3 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-2 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-1 (20020718)]/
|
|
unstable contrib main non-US/contrib non-US/main
|
|
|
|
# deb http://security.debian.org/ stable/updates main
|
|
</screen></para>
|
|
|
|
<para>
|
|
Contains a list of apt-sources from which packages may be installed via APT.
|
|
</para>
|
|
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/asound.conf</term><listitem><para>ALSA
|
|
(Advanced Linux Sound Architecture) configuration file. It is normally
|
|
created via alsactl or other third-party sound configuration utilities that
|
|
may be specific to a distribution such as sndconfig from Redhat.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/at.deny</term><listitem><para>Users
|
|
denied access to the at daemon. The 'at' command allows user to
|
|
execute programs at an arbitrary time.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/autoconf</term><listitem><para>Configuration
|
|
files for autoconf. 'autoconf' creates scripts to configure source
|
|
code packages using templates. To create configure from configure.in, run
|
|
the autoconf program with no arguments. autoconf processes configure.ac with
|
|
the m4 macro processor, using the Autoconf macros. If you give autoconf an
|
|
argument, it reads that file instead of configure.ac and writes the
|
|
configuration script to the standard output instead of to configure. If you
|
|
give autoconf the argument -, it reads the standard input instead of
|
|
configure.ac and writes the configuration script on the standard output.</para><para>The
|
|
Autoconf macros are defined in several files. Some of the files are
|
|
distributed with Autoconf; autoconf reads them first. Then it looks for the
|
|
optional file acsite.m4 in the directory that contains the distributed
|
|
Autoconf macro files, and for the optional file aclocal.m4 in the current
|
|
directory. Those files can contain your site's or the package's own
|
|
Autoconf macro definitions. If a macro is defined in more than one of the
|
|
files that autoconf reads, the last definition it reads overrides the
|
|
earlier ones.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/bash.bashrc</term><listitem><para>System
|
|
wide functions and aliases' file for interactive bash shells.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/bash_completion</term><listitem><para>Programmable
|
|
completion functions for bash 2.05a.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/chatscripts/provider</term><listitem><para>This
|
|
is the chat script used to dial out to your default service provider.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/cron.d,
|
|
/etc/cron.daily, /etc/cron.weekly, /etc/cron.monthly</term><listitem><para>These
|
|
directories contain scripts to be executed on a regular basis by the cron
|
|
daemon.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/crontab</term><listitem><para>'cron'
|
|
configuration file. This file is for the cron table to setup the automatic
|
|
running of system routines. A cron table can also be established for
|
|
individual users. The location of these user cron table files will be
|
|
explained later on.</para>
|
|
<para><screen>
|
|
# /etc/crontab: system-wide crontab
|
|
# Unlike any other crontab you don't have to run the `crontab'
|
|
# command to install the new version when you edit this file.
|
|
# This file also has a username field, that none of the other crontabs do.
|
|
|
|
SHELL=/bin/sh
|
|
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
|
|
|
# m h dom mon dow user command
|
|
25 6 * * * root test -e /usr/sbin/anacron || run-parts --report /etc/cron.daily
|
|
47 6 * * 7 root test -e /usr/sbin/anacron || run-parts --report /etc/cron.weekly
|
|
52 6 1 * * root test -e /usr/sbin/anacron || run-parts --report /etc/cron.monthly
|
|
#
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/csh.login</term><listitem><para>System-wide
|
|
.login file for csh(1). This file is sourced on all invocations of the
|
|
shell. It contains commands that are to be executed upon login and sometimes
|
|
aliases also.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/csh.logout</term><listitem><para>System-wide
|
|
.logout file for csh(1). This file is sourced on all invocations of the
|
|
shell. It contains commands that are to be executed upon logout.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/csh.cshrc</term><listitem><para>System-wide
|
|
.cshrc file for csh(1). This file is sourced on all invocations of the
|
|
shell. This file should contain commands to set the command search path,
|
|
plus other important environment variables. This file should not contain
|
|
commands that produce output or assume the shell is attached to a tty.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/cups</term><listitem><para>Configuration
|
|
files for the Common UNIX Printing System (CUPS). Files here are used to
|
|
define client-specific parameters, such as the default server or default
|
|
encryption settings.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/deluser.conf</term><listitem><para>'deluser'
|
|
configuration files. The deluser command can remove users and groups and
|
|
remove users from a given group. Deluser can optionally remove and backup
|
|
the user's home directory and mail spool or all files on the system
|
|
owned by him. Optionally a custom script can also be executed after each of
|
|
the commands.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/devfs</term><listitem><para>
|
|
This daemon sets up the /dev filesystem for use. It creates required
|
|
symbolic links in /dev and also creates (if so configured, as is the
|
|
default) symbolic links to the "old" names for devices.
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/devfs/conf.d/</term><listitem><para>'devfsd'
|
|
configuration files. This daemon sets up the /dev filesystem for use. It
|
|
creates required symbolic links in /dev and also creates (if so configured,
|
|
as is the default) symbolic links to the "old" names for devices.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/dhclient.conf,
|
|
/etc/dhclient-script</term><listitem><para>'dhclient' configuration
|
|
file and 'dhclient' script files respectively. It configures your
|
|
system so that it may act as a client on a DHCP based network. It is
|
|
essential to connect to the Internet nowadays.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/dict.conf</term><listitem><para><screen>
|
|
# /etc/dict.conf Written by Bob Hilliard <hilliard@debian.org>
|
|
# 1998/03/20. Last revised Sun, 22 Nov 1998 18:10:04 -0500 This is
|
|
# the configuration file for /usr/bin/dict. In most cases only the
|
|
# server keyword need be specified.
|
|
|
|
# This default configuration will try to access a dictd server on
|
|
# the local host, failing that, it will try the public server. In
|
|
# many cases this will be slow, so you should comment out the line
|
|
# for the server that you don't want to use. To use any other
|
|
# server, enter its IP address in place of "dict.org".
|
|
|
|
# Refer to the dict manpage (man dict) for other options that could
|
|
# be inserted in here.
|
|
|
|
server localhost
|
|
server dict.org
|
|
</screen></para>
|
|
<para>
|
|
dict is a client for the Dictionary Server Protocol (DICT), a TCP transaction based
|
|
query/response protocol that provides access to dictionary definitions from a set of natural
|
|
language dictionary databases.
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/dosemu.conf</term><listitem><para>Configuration
|
|
file for the Linux DOS Emulator. DOSEMU is a PC Emulator application that
|
|
allows Linux to run a DOS operating system in a virtual x86 machine. This
|
|
allows you to run many DOS applications. It includes the FreeDOS kernel,
|
|
color text and full keyboard emulation (via hotkeys) via terminal,
|
|
built-in X support, IBM character set font, graphics capability
|
|
at the console with most compatible video cards, DPMI support so you can
|
|
run DOOM, CDROM support, builtin IPX and pktdrvr support. Note -
|
|
'dosemu' is simply a ported version of Corel's own PC-DOS.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/email-addresses</term><listitem><para>Part
|
|
of the exim package. This file contains email addresses to use for outgoing
|
|
mail. Any local part not in here will be qualified by the system domain as
|
|
normal. It should contain lines of the form:
|
|
|
|
<variablelist>
|
|
<varlistentry><term></term><listitem>
|
|
|
|
<para><screen>
|
|
user: someone@isp.com
|
|
otheruser: someoneelse@anotherisp.com
|
|
</screen></para>
|
|
|
|
</listitem></varlistentry>
|
|
</variablelist>
|
|
|
|
Exim is an MTA that is considered to be rather easier to configure than smail or
|
|
sendmail. It is a drop-in replacement for sendmail, mailq and rsmtp.
|
|
Advanced features include the ability to reject connections from known spam
|
|
sites, and an extremely efficient queue processing algorithm.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/esound.conf</term><listitem><para>ESD
|
|
configuration files. The Enlightened sound daemon is designed to mix
|
|
together several digitized audio streams for playback by a single device.
|
|
Like nasd, artsd and rplay it also has the capability to play sounds
|
|
remotely.</para></listitem></varlistentry><varlistentry><term>/etc/exports</term><listitem><para>The
|
|
control list of systems who want to access the system via NFS, a the list of
|
|
directories that you would like to share and the permissions allocated on
|
|
each share.</para>
|
|
<para><screen>
|
|
# /etc/exports: the access control list for filesystems which may be
|
|
# exported to NFS clients. See exports(5).
|
|
## LTS-begin ##
|
|
|
|
#
|
|
# The lines between the 'LTS-begin' and the 'LTS-end' were added
|
|
# on: Sun Feb 23 05:54:17 EST 2003 by the ltsp installation script.
|
|
# For more information, visit the ltsp homepage
|
|
# at http://www.ltsp.org
|
|
#
|
|
|
|
/opt/ltsp/i386 192.168.0.0/255.255.255.0(ro,no_root_squash)
|
|
/var/opt/ltsp/swapfiles 192.168.0.0/255.255.255.0(rw,no_root_squash)
|
|
|
|
#
|
|
# The following entries need to be uncommented if you want
|
|
# Local App support in ltsp
|
|
#
|
|
#/home 192.168.0.0/255.255.255.0(rw,no_root_squash)
|
|
|
|
## LTS-end ##
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/fdprm</term><listitem><para>Floppy
|
|
disk parameter table. Describes what different floppy disk formats look
|
|
like. Used by setfdprm.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/fstab</term><listitem><para>The
|
|
configuration file for 'mount' and now 'supermount'. It
|
|
lists the filesystems mounted automatically at startup by the mount -a
|
|
command (in /etc/rc or equivalent startup file). Under Linux, also contains
|
|
information about swap areas used automatically by swapon -a.</para>
|
|
|
|
<variablelist><varlistentry><term></term><listitem>
|
|
<para>
|
|
<screen>
|
|
# /etc/fstab: static file system information.
|
|
#
|
|
# The following is an example. Please see fstab(5) for further details.
|
|
# Please refer to mount(1) for a complete description of mount options.
|
|
#
|
|
# Format:
|
|
# <file system> <mount point> <type> <options> <dump> <pass>
|
|
#
|
|
# dump(8) uses the <dump> field to determine which file systems need
|
|
# to be dumped. fsck(8) uses the <pass> column to determine which file
|
|
# systems need to be checked--the root file system should have a 1 in
|
|
# this field, other file systems a 2, and any file systems that should
|
|
# not be checked (such as MS-DOS or NFS file systems) a 0.
|
|
#
|
|
# The `sw' option indicates that the swap partition is to be activated
|
|
# with `swapon -a'.
|
|
/dev/hda2 none swap sw 0 0
|
|
# The `bsdgroups' option indicates that the file system is to be mounted
|
|
# with BSD semantics (files inherit the group ownership of the directory
|
|
# in which they live). `ro' can be used to mount a file system read-only.
|
|
/dev/hda3 / ext2 defaults 0 1
|
|
/dev/hda5 /home ext2 defaults 0 2
|
|
/dev/hda6 /var ext2 defaults 0 2
|
|
/dev/hda7 /usr ext2 defaults,ro 0 2
|
|
/dev/hda8 /usr/local ext2 defaults,bsdgroups 0 2
|
|
# The `noauto' option indicates that the file system should not be mounted
|
|
# with `mount -a'. `user' indicates that normal users are allowed to mount
|
|
# the file system.
|
|
/dev/cdrom /cdrom iso9660 defaults,noauto,ro,user 0 0
|
|
/dev/fd0 /floppy minix defaults,noauto,user 0 0
|
|
/dev/fd1 /floppy minix defaults,noauto,user 0 0
|
|
# NFS file systems: server:
|
|
/export/usr /usr nfs defaults 0 0
|
|
# proc file system:
|
|
proc /proc proc defaults 0 0
|
|
</screen></para>
|
|
</listitem></varlistentry></variablelist>
|
|
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ftpaccess</term><listitem><para>Determines
|
|
who might get ftp-access to your machine.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ftpchroot</term><listitem><para>List
|
|
of ftp users that need to be chrooted.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ftpuser</term><listitem><para>List
|
|
of dissallowed ftp users.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/gateways</term><listitem><para>Lists
|
|
gateways for 'routed'.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/gettydefs</term><listitem><para>Configures
|
|
console-logins.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/gnome-vfs-mime-magic</term><listitem><para>MIME
|
|
magic patterns as used by the Gnome VFS library.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/group</term><listitem><para>Similar
|
|
to /etc/passwd. It lists the configured user groups and who belongs to them.
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/group-</term><listitem><para>Old
|
|
/etc/group file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/gshadow</term><listitem><para>Contains
|
|
encrypted forms of group passwords.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/gshadow-</term><listitem><para>Old
|
|
/etc/gshadow file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/hostname</term><listitem><para>Contains
|
|
the hostname of your machine (can be fully qualified or not).</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/host.conf</term><listitem><para>Determines
|
|
the search order for look-ups (usually hosts bind, i.e. "check
|
|
/etc/hosts first and then look for a DNS").</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/hosts</term><listitem><para>This
|
|
file is used to define a system name and domain combination with a specific
|
|
IP address. This file needs to always contain an entry for an IP address, if
|
|
the machine is connected to the network.</para>
|
|
|
|
<para><screen>
|
|
### etherconf DEBCONF AREA. DO NOT EDIT THIS AREA OR INSERT TEXT BEFORE IT.
|
|
127.0.0.1 localhost ::1 localhost
|
|
ip6-localhost ip6-loopback
|
|
fe00::0 ip6-localnet
|
|
ff00::0 ip6-mcastprefix
|
|
ff02::1 ip6-allnodes
|
|
ff02::2 ip6-allrouters
|
|
ff02::3 ip6-allhosts
|
|
192.168.0.99 debian.localdomain.com debian
|
|
### END OF DEBCONF AREA. PLACE YOUR EDITS BELOW; THEY WILL BE PRESERVED.
|
|
192.168.0.1 ws001
|
|
</screen></para>
|
|
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/hosts.allow</term><listitem><para>Part
|
|
of the tcp-wrappers system to control access to your machine's services.
|
|
It lists hosts that are allowed to access the system and specfic daemons.</para>
|
|
<para><screen>
|
|
# /etc/hosts.allow: list of hosts that are allowed to access the
|
|
# system.
|
|
# See the manual pages hosts_access(5), hosts_options(5)
|
|
# and /usr/doc/netbase/portmapper.txt.gz
|
|
#
|
|
# Example: ALL: LOCAL @some_netgroup
|
|
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
|
|
#
|
|
# If you're going to protect the portmapper use the name "portmap"
|
|
# for the daemon name. Remember that you can only use the keyword
|
|
# "ALL" and IP addresses (NOT host or domain names) for the
|
|
# portmapper. See portmap(8) and /usr/doc/portmap/portmapper.txt.gz
|
|
# for further information.
|
|
bootpd: 0.0.0.0 in.tftpd: 192.168.0.
|
|
portmap: 192.168.0.
|
|
rpc.mountd: 192.168.0.
|
|
rpc.nfsd: 192.168.0.
|
|
gdm: 192.168.0.
|
|
nasd: 192.168.0.
|
|
</screen></para>
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/hosts.deny</term><listitem><para>part
|
|
of the tcp-wrappers system to control access to your machine's services.
|
|
It lists hosts that are not allowed to access the system.</para>
|
|
<para><screen>
|
|
# Example: ALL: some.host.name, .some.domain
|
|
# ALL EXCEPT in.fingerd: other.host.name, .other.domain
|
|
#
|
|
# If you're going to protect the portmapper use the name "portmap"
|
|
# for the daemon name. Remember that you can only use the keyword
|
|
# "ALL" and IP addresses (NOT host or domain names) for the
|
|
# portmapper. See portmap(8) and /usr/doc/portmap/portmapper.txt.gz
|
|
# for further information.
|
|
#
|
|
# The PARANOID wildcard matches any host whose name does not match
|
|
# its address. You may wish to enable this to ensure any programs
|
|
# that don't validate looked up hostnames still leave understandable
|
|
# logs. In past versions of Debian this has been the default.
|
|
# ALL: PARANOID
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/httpd</term><listitem><para>Apache
|
|
configuration files. Apache is a versatile, high-performance HTTP server.
|
|
The most popular server in the world, Apache features a modular design and
|
|
supports dynamic selection of extension modules at runtime. Its strong
|
|
points are its range of possible customization, dynamic adjustment of the
|
|
number of server processes, and a whole range of available modules including
|
|
many authentication mechanisms, server-parsed HTML, server-side includes,
|
|
access control, CERN httpd metafiles emulation, proxy caching, etc. Apache
|
|
also supports multiple virtual homing.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/identd.conf</term><listitem><para>TCP/IP
|
|
IDENT protocol server. It implements the TCP/IP proposed standard IDENT user
|
|
identification protocol (RFC 1413). identd operates by looking up specific
|
|
TCP/IP connections and returning the username of the process owning the
|
|
connection. It can also return other information besides the username.</para>
|
|
|
|
<para><screen>
|
|
# /etc/identd.conf - an example configuration file
|
|
|
|
|
|
#-- The syslog facility for error messages
|
|
# syslog:facility = daemon
|
|
|
|
|
|
#-- User and group (from passwd database) to run as
|
|
server:user = nobody
|
|
|
|
#-- Override the group id
|
|
# server:group = kmem
|
|
|
|
#-- What port to listen on when started as a daemon or from /etc/inittab
|
|
# server:port = 113
|
|
|
|
#-- The socket backlog limit
|
|
# server:backlog = 256
|
|
|
|
#-- Where to write the file containing our process id
|
|
# server:pid-file = "/var/run/identd/identd.pid"
|
|
|
|
#-- Maximum number of concurrent requests allowed (0 = unlimited)
|
|
# server:max-requests = 0
|
|
|
|
#-- Enable some protocol extensions like "VERSION" or "QUIT"
|
|
protocol:extensions = enabled
|
|
|
|
#-- Allow multiple queries per connection
|
|
protocol:multiquery = enabled
|
|
|
|
#-- Timeout in seconds since connection or last query. Zero = disable
|
|
# protocol:timeout = 120
|
|
|
|
#-- Maximum number of threads doing kernel lookups
|
|
# kernel:threads = 8
|
|
|
|
#-- Maximum number of queued kernel lookup requests
|
|
# kernel:buffers = 32
|
|
|
|
#-- Maximum number of time to retry a kernel lookup in case of failure
|
|
# kernel:attempts = 5
|
|
|
|
|
|
|
|
#-- Disable username lookups (only return uid numbers)
|
|
# result:uid-only = no
|
|
|
|
#-- Enable the ".noident" file
|
|
# result:noident = enabled
|
|
|
|
#-- Charset token to return in replies
|
|
# result:charset = "US-ASCII"
|
|
|
|
#-- Opsys token to return in replies
|
|
# result:opsys = "UNIX"
|
|
|
|
#-- Log all request replies to syslog (none == don't)
|
|
# result:syslog-level = none
|
|
|
|
|
|
#-- Enable encryption (only available if linked with a DES library)
|
|
# result:encrypt = no
|
|
|
|
#-- Path to the DES key file (only available if linked with a DES library)
|
|
# encrypt:key-file = "/usr/local/etc/identd.key"
|
|
|
|
|
|
#-- Include a machine local configuration file
|
|
# include = /etc/identd.conf
|
|
</screen></para>
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/inetd.conf</term><listitem><para>Configuration
|
|
of services that are started by the INETD TCP/IP super server.
|
|
'inetd' is now deprecated. 'xinetd' has taken its place. See
|
|
/etc/xinet.conf for further details.</para>
|
|
|
|
<para><screen>
|
|
# /etc/inetd.conf: see inetd(8) for further informations.
|
|
#
|
|
# Internet server configuration database
|
|
#
|
|
#
|
|
# Lines starting with "#:LABEL:" or "#<off>#" should not
|
|
# be changed unless you know what you are doing!
|
|
#
|
|
# If you want to disable an entry so it isn't touched during
|
|
# package updates just comment it out with a single '#' character.
|
|
#
|
|
# Packages should modify this file by using update-inetd(8)
|
|
#
|
|
# <service_name> <sock_type> <proto>
|
|
# <flags> <user> <server_path>
|
|
# <args>
|
|
#
|
|
#:INTERNAL: Internal services
|
|
#echo stream tcp nowait root internal
|
|
#echo dgram udp wait root internal
|
|
#chargen stream tcp nowait root internal
|
|
#chargen dgram udp wait root internal
|
|
discard stream tcp nowait root internal
|
|
discard dgram udp wait root internal
|
|
daytime stream tcp nowait root internal
|
|
#daytime dgram udp wait root internal
|
|
time stream tcp nowait root internal
|
|
#time dgram udp wait root internal
|
|
|
|
#:STANDARD: These are standard services.
|
|
ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd
|
|
telnet stream tcp nowait telnetd.telnetd /usr/sbin/tcpd
|
|
/usr/sbin/in.telnetd
|
|
|
|
#:MAIL: Mail, news and uucp services.
|
|
smtp stream tcp nowait mail /usr/sbin/exim exim -bs
|
|
imap2 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/imapd
|
|
imap3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/imapd
|
|
|
|
#:INFO: Info services
|
|
ident stream tcp wait identd /usr/sbin/identd identd
|
|
finger stream tcp nowait nobody /usr/sbin/tcpd
|
|
/usr/sbin/in.fingerd
|
|
|
|
#:BOOT: Tftp service is provided primarily for booting.
|
|
#Most sites run this only on machines acting as "boot servers."
|
|
tftp dgram udp wait nobody /usr/sbin/tcpd
|
|
/usr/sbin/in.tftpd -s /tftpboot
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/init.d</term><listitem><para><screen>
|
|
|
|
Order of scripts run in /etc/rc?.d
|
|
==================================
|
|
|
|
0. Overview.
|
|
|
|
All scripts executed by the init system are located in /etc/init.d.
|
|
The directories /etc/rc?.d (? = S, 0 .. 6) contain relative links to
|
|
those scripts. These links are named S<2-digit-number><
|
|
original-name> or K<2-digit-number><original-name>.
|
|
|
|
If a scripts has the ".sh" suffix it is a bourne shell script and
|
|
MAY be handled in an optimized manner. The behaviour of executing the
|
|
script in an optimized way will not differ in any way from it being
|
|
forked and executed in the regular way.
|
|
|
|
The following runlevels are defined:
|
|
|
|
N System bootup (NONE).
|
|
S Single user mode (not to be switched to directly)
|
|
0 halt
|
|
1 single user mode
|
|
2 .. 5 multi user mode
|
|
6 reboot
|
|
|
|
1. Boot.
|
|
|
|
When the systems boots, the /etc/init.d/rcS script is executed. It
|
|
in turn executes all the S* scripts in /etc/rcS.d in alphabetical
|
|
(and thus numerical) order. The first argument passed to the
|
|
executed scripts is "start". The runlevel at this point is
|
|
"N" (none).
|
|
|
|
Only things that need to be run once to get the system in a consistent
|
|
state are to be run. The rcS.d directory is NOT meant to replace rc.local.
|
|
One should not start daemons in this runlevel unless absolutely
|
|
necessary. Eg, NFS might need the portmapper, so it is OK to start it
|
|
early in the bootprocess. But this is not the time to start the
|
|
squid proxy server.
|
|
|
|
2. Going multiuser.
|
|
|
|
After the rcS.d scripts have been executed, init switches to the
|
|
default runlevel as specified in /etc/inittab, usually "2".
|
|
|
|
Init then executes the /etc/init.d/rc script which takes care of
|
|
starting the services in /etc/rc2.d.
|
|
|
|
Because the previous runlevel is "N" (none) the /etc/rc2.d/KXXxxxx
|
|
scripts will NOT be executed - there is nothing to stop yet,
|
|
the system is busy coming up.
|
|
|
|
If for example there is a service that wants to run in runlevel 4
|
|
and ONLY in that level, it will place a KXXxxxx script in
|
|
/etc/rc{2,3,5}.d to stop the service when switching out of runlevel 4.
|
|
We do not need to run that script at this point.
|
|
|
|
The /etc.rc2.d/SXXxxxx scripts will be executed in alphabetical
|
|
order, with the first argument set to "start".
|
|
|
|
3. Switching runlevels.
|
|
|
|
When one switches from (for example) runlevel 2 to runlevel 3,
|
|
/etc/init.d/rc will first execute in alphabetical order all K
|
|
scripts for runlevel 3 (/etc/rc3.d/KXXxxxx) with as first argument
|
|
"stop" and then all S scripts for runlevel 3 (/etc/rc3.d/SXXxxxx)
|
|
with as first argument "start".
|
|
|
|
As an optimization, a check is made for each "service" to see if
|
|
it was already running in the previous runlevel. If it was, and there
|
|
is no K (stop) script present for it in the new runlevel, there is
|
|
no need to start it a second time so that will not be done.
|
|
|
|
On the other hand, if there was a K script present, it is assumed the
|
|
service was stopped on purpose first and so needs to be restarted.
|
|
|
|
We MIGHT make the same optimization for stop scripts as well-
|
|
if no S script was present in the previous runlevel, we can assume
|
|
that service was not running and we don't need to stop it either.
|
|
In that case we can remove the "coming from level N" special case
|
|
mentioned above in 2). But right now that has not been implemented.
|
|
|
|
4. Single user mode.
|
|
|
|
Switching to single user mode is done by switching to runlevel 1.
|
|
That will cause all services to be stopped (assuming they all have
|
|
a K script in /etc/rc1.d). The runlevel 1 scripts will then switch
|
|
to runlevel "S" which has no scripts - all it does is spawn
|
|
a shell directly on /dev/console for maintenance.
|
|
|
|
5. Halt/reboot
|
|
|
|
Going to runlevel 0 or 6 will cause the system to be halted or rebooted,
|
|
respectively. For example, if we go to runlevel 6 (reboot) first
|
|
all /etc/rc6.d/KXXxxxx scripts will be executed alphabetically with
|
|
"stop" as the first argument.
|
|
|
|
Then the /etc/rc6.d/SXXxxxx scripts will be executed alphabetically
|
|
with "stop" as the first argument as well. The reason is that there
|
|
is nothing to start anymore at this point - all scripts that are
|
|
run are meant to bring the system down.
|
|
|
|
In the future, the /etc/rc6.d/SXXxxxx scripts MIGHT be moved to
|
|
/etc/rc6.d/K1XXxxxx for clarity.
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/inittab</term><listitem><para>Boot-time
|
|
system configuration/initialization script. Tells init how to handle
|
|
runlevels. It sets the default runlevel. This is run first except when
|
|
booting in emergency (-b) mode. It also enables a user to startup a getty
|
|
session on an external device such as the serial ports. To add terminals or
|
|
dial-in modem lines to a system, just add more lines to /etc/inittab, one
|
|
for each terminal or dial-in line. For more details, see the manual pages
|
|
init, inittab, and getty. If a command fails when it starts, and init is
|
|
configured to restart it, it will use a lot of system resources: init starts
|
|
it, it fails, init starts it, it fails, and so on. To prevent this, init
|
|
will keep track of how often it restarts a command, and if the frequency
|
|
grows to high, it will delay for five minutes before restarting again.
|
|
/etc/inittab also has some special features that allow init to react to
|
|
special circumstances. powerwait Allows init to shut the system down, when
|
|
the power fails. This assumes the use of a UPS, and software that watches
|
|
the UPS and informs init that the power is off. ctrlaltdel Allows init to
|
|
reboot the system, when the user presses ctrl-alt-del on the console
|
|
keyboard. Note that the system administrator can configure the reaction to
|
|
ctrl-alt-del to be something else instead, e.g., to be ignored, if the
|
|
system is in a public location. sysinit Command to be run when the system is
|
|
booted. This command usually cleans up /tmp, for example. The list above is
|
|
not exhaustive. See your inittab manual page for all possibilities, and for
|
|
details on how to use the ones above. To set (or reset) initial terminal
|
|
colours. The following shell script should work for VGA consoles: for n in 1
|
|
2 4 5 6 7 8; do setterm -fore yellow -bold on -back blue -store >
|
|
/dev/tty$n done Substitute your favorite colors, and use /dev/ttyS$n for
|
|
serial terminals. To make sure they are reset when people log out (if
|
|
they've been changed) replace the references to getty (or mingetty or
|
|
uugetty or whatever) in /etc/inittab with references to /sbin/mygetty.
|
|
#!/bin/sh setterm -fore yellow -bold on -back blue -store > $1 exec
|
|
/sbin/mingetty $@ An example /etc/inittab is provided below.</para>
|
|
|
|
<para><screen>
|
|
# /etc/inittab: init(8) configuration.
|
|
# $Id$
|
|
# The default runlevel. id:2:initdefault:
|
|
# Boot-time system configuration/initialization script.
|
|
# This is run first except when booting in emergency (-b) mode.
|
|
si::sysinit:/etc/init.d/rcS
|
|
# What to do in single-user mode.
|
|
~~:S:wait:/sbin/sulogin
|
|
# /etc/init.d executes the S and K scripts upon change
|
|
# of runlevel.
|
|
#
|
|
# Runlevel 0 is halt.
|
|
# Runlevel 1 is single-user.
|
|
# Runlevels 2-5 are multi-user.
|
|
# Runlevel 6 is reboot.
|
|
l0:0:wait:/etc/init.d/rc 0 l1:1:wait:/etc/init.d/rc 1
|
|
l2:2:wait:/etc/init.d/rc 2 l3:3:wait:/etc/init.d/rc 3
|
|
l4:4:wait:/etc/init.d/rc 4 l5:5:wait:/etc/init.d/rc 5
|
|
l6:6:wait:/etc/init.d/rc 6
|
|
# Normally not reached, but fallthrough in case of emergency.
|
|
z6:6:respawn:/sbin/sulogin
|
|
# What to do when CTRL-ALT-DEL is pressed.
|
|
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
|
|
# Action on special keypress (ALT-UpArrow).
|
|
#kb::kbrequest:/bin/echo "Keyboard Request
|
|
#--edit /etc/inittab to let this work."
|
|
# What to do when the power fails/returns.
|
|
pf::powerwait:/etc/init.d/powerfail start
|
|
pn::powerfailnow:/etc/init.d/powerfail now
|
|
po::powerokwait:/etc/init.d/powerfail stop
|
|
# /sbin/getty invocations for the runlevels.
|
|
#
|
|
# The "id" field MUST be the same as the last
|
|
# characters of the device (after "tty").
|
|
#
|
|
# Format:
|
|
# <id>:<runlevels>:<action>:<process>
|
|
#
|
|
# Note that on most Debian systems tty7 is used by the X Window System,
|
|
# so if you want to add more getty's go ahead but skip tty7 if you run X.
|
|
#
|
|
1:2345:respawn:/sbin/getty 38400 tty1 2:23:respawn:/sbin/getty 38400 tty2
|
|
3:23:respawn:/sbin/getty 38400 tty3 4:23:respawn:/sbin/getty 38400 tty4
|
|
5:23:respawn:/sbin/getty 38400 tty5 6:23:respawn:/sbin/getty 38400 tty6
|
|
# Example how to put a getty on a serial line (for a terminal)
|
|
#
|
|
#T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
|
|
#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
|
|
# Example how to put a getty on a modem line.
|
|
#
|
|
#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
|
|
|
|
Undocumented features
|
|
|
|
The letters A-C can be used to spawn a daemon listed in /etc/inittab. For
|
|
example, assuming you want to start getty on a port to receive a call, but
|
|
only after receiving a voice call first (and not all the time). Furthermore,
|
|
you want to be able to receive a data or a fax call and that when you get
|
|
the voice message you'll know which you want. You insert two new lines
|
|
in /etc/inittab, each with its own ID, and each with a runlevel such as A
|
|
for data and B for fax. When you know which you need, you simply spawn the
|
|
appropriate daemon by calling 'telinit A' or 'telinit B'.
|
|
The appropriate getty is put on the line until the first call is received.
|
|
When the caller terminates the connection, the getty drops because, by
|
|
definition, on demand will not respawn. The other two letters, S and Q, are
|
|
special. S brings you sytem to maintenance mode and is the same as changing
|
|
state to runlevel 1. The Q is used to tell init to reread inittab. The
|
|
/etc/inittab file can be changed as often as required, but will only be read
|
|
under certain circumstances: -One of its processes dies (do you need to
|
|
respawn another?) -On a powerful signal from a power daemon (or a command
|
|
line) -When told to change state by telinit The Q argument tells init to
|
|
reread the /etc/inittab file. Even though it is called the System V runlevel
|
|
system runlevels 7-9 are legitimate runlevels that can be used if necessary.
|
|
The administrator must remember to alter the inittab file though and also to
|
|
create the required rc?.d files.</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/inputrc</term><listitem><para>Global
|
|
inputrc for libreadline. Readline is a function that gets a line from a user
|
|
and automatically edits it.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/isapnp.conf</term><listitem><para>Configuration
|
|
file for ISA based cards. This standard is virtually redundant in new
|
|
systems. The 'isapnptools' suite of ISA Plug-And-Play configuration
|
|
utilities is used to configure such devices. These programs are suitable for
|
|
all systems, whether or not they include a PnP BIOS. In fact, PnP BIOS adds
|
|
some complications because it may already activate some cards so that the
|
|
drivers can find them, and these tools can unconfigure them, or change their
|
|
settings causing all sorts of nasty effects.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/isdn</term><listitem><para>ISDN
|
|
configuration files.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/issue</term><listitem><para>Output
|
|
by getty before the login prompt. Usually contains a short description or
|
|
welcoming message to the system. The contents are up to the system
|
|
administrator. Debian GNU/\s 3.0 \n \l</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/issue.net</term><listitem><para>Presents
|
|
the welcome screen to users who login remotely to your machine (whereas
|
|
/etc/issue determines what a local user sees on login). Debian GNU/%s 3.0 %h</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/kde</term><listitem><para>KDE
|
|
initialization scripts and KDM configuration.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/kde/kdm</term><listitem><para>Location
|
|
for the K Desktop Manager files. kdm manages a collection of X servers,
|
|
which may be on the local host or remote machines. It provides services
|
|
similar to those provided by init, getty, and login on character-based
|
|
terminals: prompting for login name and password, authenticating the user,
|
|
and running a session. kdm supports XDMCP (X Display Manager Control
|
|
Protocol) and can also be used to run a chooser process which presents the
|
|
user with a menu of possible hosts that offer XDMCP display management.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/kderc</term><listitem><para>System
|
|
wide KDE initialization script. Commands here executed every time the KDE
|
|
environment is loaded. It's a link to /etc/kde2/system.kdeglobals
|
|
|
|
<variablelist>
|
|
<varlistentry><term></term><listitem>
|
|
<para> <screen>
|
|
[Directories]
|
|
dir_config=/etc/kde2
|
|
dir_html=/usr/share/doc/kde/HTML
|
|
dir_cgi=/usr/lib/cgi-bin
|
|
dir_apps=/usr/share/applnk
|
|
dir_mime=/usr/share/mimelnk
|
|
dir_services=/usr/share/services
|
|
dir_servicetypes=/usr/share/servicetypes
|
|
[General]
|
|
TerminalApplication=x-terminal-emulator
|
|
</screen> </para>
|
|
</listitem></varlistentry>
|
|
</variablelist>
|
|
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ld.so.conf, /etc/ld.so.cache</term><listitem><para>
|
|
|
|
<variablelist>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>/etc/ld.so.conf is a file
|
|
containing a list of colon, space, tab, newline, or comma spearated
|
|
directories in which to search for libraries. /etc/ld.so.cache containing an
|
|
ordered list of libraries found in the directories specified in
|
|
/etc/ld.so.conf. This file is not in human readable format, and is not
|
|
intended to be edited.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>'ldconfig' creates the necessary
|
|
links and cache (for use by the run-time linker, ld.so) to the most recent
|
|
shared libraries found in the directories specified on the command line, in
|
|
the file /etc/ld.so.conf, and in the trusted directories (/usr/lib and
|
|
/lib). 'ldconfig' checks the header and file names of the libraries
|
|
it encounters when determining which versions should have their links
|
|
updated. ldconfig ignores symbolic links when scanning for libraries.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>'ldconfig' will attempt to deduce the type of ELF libs (ie.
|
|
libc5 or libc6/glibc) based on what C libs if any the library was linked
|
|
against, therefore when making dynamic libraries, it is wise to explicitly
|
|
link against libc (use -lc).</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>Some existing libs do not contain
|
|
enough information to allow the deduction of their type, therefore the
|
|
/etc/ld.so.conf file format allows the specification of an expected type.
|
|
This is only used for those ELF libs which we can not work out. The format
|
|
is like this "dirname=TYPE", where type can be libc4, libc5 or
|
|
libc6. (This syntax also works on the command line). Spaces are not allowed.
|
|
Also see the -p option.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>Directory names containing an = are no
|
|
longer legal unless they also have an expected type specifier.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term></term><listitem>
|
|
<para>'ldconfig' should normally be run by the super-user as it may
|
|
require write permission on some root owned directories and files. It is
|
|
normally run automatically at bootup or manually whenever new shared
|
|
libraries are installed.</para></listitem></varlistentry>
|
|
|
|
</variablelist>
|
|
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/usr/X11R6/lib</term><listitem><para>X libraries.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/usr/local/lib</term><listitem><para>Local libraries.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/lilo.conf</term><listitem><para>Configuration
|
|
file for the Linux boot loader 'lilo'. 'lilo' is the
|
|
original OS loader and can load Linux and others. The 'lilo' package
|
|
normally contains lilo (the installer) and boot-record-images to install
|
|
Linux, OS/2, DOS and generic Boot Sectors of other Oses. You can use Lilo to
|
|
manage your Master Boot Record (with a simple text screen, text menu or
|
|
colorful splash graphics) or call 'lilo' from other boot-loaders to
|
|
jump-start the Linux kernel.
|
|
|
|
<variablelist>
|
|
<varlistentry><term></term><listitem>
|
|
<para> <screen>
|
|
Prompt #Prompt user to select
|
|
OS choice at boot timeout=300 # Amount of time to wait before default OS
|
|
# started (in ms)
|
|
default=Debian4 #Default OS to be loaded
|
|
vga=normal #VGA mode
|
|
boot=/dev/had #location of MBR
|
|
map=/boot/map #location of kernel
|
|
install=/boot/boot-bmp.b #File to be installed as boot sector
|
|
bitmap=/boot/debian.bmp #LILO boot image
|
|
bmp-table=30p,100p,1,10 #Colours
|
|
selectable bmp-colors=13,,0,1,,0 #Colours chosen
|
|
lba32 #Required on most new systems to overcome
|
|
#1024 cylinder problem
|
|
image=/vmlinuz #name of kernel
|
|
image label=Debian #a label
|
|
read-only #file system to be mounted read only
|
|
root=/dev/hda6 #location of root filesystem
|
|
|
|
image=/boot/bzImage
|
|
label=Debian4
|
|
read-only
|
|
root=/dev/hda6
|
|
|
|
image=/mnt/redhat/boot/vmlinuz
|
|
label=Redhat
|
|
initrd=/mnt/redhat/boot/initrd-2.4.18-14.img
|
|
read-only
|
|
root=/dev/hda5
|
|
vga=788
|
|
append=" hdc=ide-scsi hdd=ide-scsi"
|
|
|
|
image=/mnt/mandrake/boot/vmlinuz
|
|
label="Mandrake"
|
|
root=/dev/hda7
|
|
initrd=/mnt/mandrake/boot/initrd.img
|
|
append="devfs=mount hdc=ide-scsi
|
|
acpi=off quiet"
|
|
vga=788
|
|
read-only
|
|
|
|
other=/dev/hda2
|
|
table=/dev/hda
|
|
loader=/boot/chain.b
|
|
label=FBSD
|
|
other=/dev/hda1
|
|
label=Windows
|
|
table=/dev/hda
|
|
|
|
other=/dev/fd0
|
|
label=floppy unsafe
|
|
</screen></para>
|
|
</listitem></varlistentry>
|
|
</variablelist>
|
|
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/local.gen</term><listitem><para>This
|
|
file lists locales that you wish to have built. You can find a list of valid
|
|
supported locales at /usr/share/i18n/SUPPORTED. Other combinations are
|
|
possible, but may not be well tested. If you change this file, you need to
|
|
re-run locale-gen.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/locale.alias</term><listitem><para>Locale
|
|
name alias data base.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/login.defs</term><listitem><para>Configuration
|
|
control definitions for the login package. An inordinate number of
|
|
attributes can be altered via this single file such as the location of mail,
|
|
delay in seconds after a failed login, enabling display of fail log
|
|
information, display of unknown username login failures, shell environment
|
|
variables, etc....</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/logrotate.conf</term><listitem><para>The
|
|
logrotate utility is designed to simplify the administration of log files on
|
|
a system which generates a lot of log files. Logrotate allows for the
|
|
automatic rotation compression, removal and mailing of log files. Logrotate
|
|
can be set to handle a log file daily, weekly, monthly or when the log file
|
|
gets to a certain size. Normally, logrotate runs as a daily cron job.</para>
|
|
|
|
<para><screen>
|
|
# see "man logrotate" for details
|
|
# rotate log files weekly
|
|
weekly
|
|
|
|
# keep 4 weeks worth of backlogs
|
|
rotate 4
|
|
|
|
# create new (empty) log files after rotating old ones
|
|
create
|
|
|
|
# uncomment this if you want your log files compressed
|
|
#compress
|
|
|
|
# packages drop log rotation information into this directory
|
|
include /etc/logrotate.d
|
|
|
|
# no packages own wtmp, or btmp -- we'll rotate them here
|
|
/var/log/wtmp {
|
|
monthly
|
|
create 0664 root utmp
|
|
rotate 1
|
|
}
|
|
|
|
/var/log/btmp {
|
|
missingok
|
|
monthly
|
|
create 0664 root utmp
|
|
rotate 1
|
|
}
|
|
|
|
# system-specific logs may be configured here
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ltrace.conf</term><listitem><para>Configuration
|
|
file for ltrace (Library Call Tracer). It tracks runtime library calls in
|
|
dynamically linked programs. 'ltrace' is a debugging program which
|
|
runs a specified command until it exits. While the command is executing,
|
|
ltrace intercepts and records the dynamic library calls which are called by
|
|
the executed process and the signals received by that process. It can also
|
|
intercept and print the system calls executed by the program. The program to
|
|
be traced need not be recompiled for this, so you can use it on binaries for
|
|
which you don't have the source handy. You should install ltrace if you
|
|
need a sysadmin tool for tracking the execution of processes.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/magic</term><listitem><para>Magic
|
|
local data and configuration file for the file(1) command. Contains the
|
|
descriptions of various file formats based on which file guesses the type of
|
|
the file. Insert here your local magic data. Format is described in
|
|
magic(5).</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mail.rc</term><listitem><para>Initialization
|
|
file for 'mail'. 'mail' is an intelligent mail processing
|
|
system which has a command syntax reminiscent of ed with lines replaced by
|
|
messages. Its basically a command line version of Microsoft Outlook.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mailcap</term><listitem><para>'metamail'
|
|
capabilities file. The mailcap file is read by the metamail program to
|
|
determine how to display non-text at the local site. The syntax of a mailcap
|
|
file is quite simple, at least compared to termcap files. Any line that
|
|
starts with "#" is a comment. Blank lines are ignored. Otherwise,
|
|
each line defines a single mailcap entry for a single content type. Long
|
|
lines may be continued by ending them with a backslash character, \. Each
|
|
individual mailcap entry consists of a content-type specification, a command
|
|
to execute, and (possibly) a set of optional "flag" values.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mailcap.order</term><listitem><para>The
|
|
mailcap ordering specifications. The order of entries in the /etc/mailcap
|
|
file can be altered by editing the /etc/mailcap.order file. Each line of
|
|
that file specifies a package and an optional mime type. Mailcap entries
|
|
that match will be placed in the order of this file. Entries that don't
|
|
match will be placed later.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mailname</term><listitem><para>Mail
|
|
server hostname. Normally the same as the hostname.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/menu,
|
|
/etc/menu-methods</term><listitem><para>The menu package was inspired by the
|
|
install-fvwm2-menu program from the old fvwm2 package. However, menu tries
|
|
to provide a more general interface for menu building. With the update-menus
|
|
command from this package, no package needs to be modified for every X
|
|
window manager again, and it provides a unified interface for both text-and
|
|
X-oriented programs.</para><para>When a package that wants to add something
|
|
to the menu tree gets installed, it will run update-menus in its postinstall
|
|
script. Update-menus then reads in all menu files in /etc/menu/
|
|
/usr/lib/menu and /usr/lib/menu/default, and stores the menu entries of all
|
|
installed packages in memory. Once that has been done, it will run the
|
|
menu-methods in /etc/menu-methods/*, and pipe the information about the menu
|
|
entries to the menu-methods on stdout, so that the menu-methods can read
|
|
this. Each Window Manager or other program that wants to have the debian
|
|
menu tree, will supply a menu-method script in /etc/menu-methods/. This
|
|
menu-method then knows how to generate the startup-file for that window
|
|
manager. To facilitate this task for the window-manager maintainers, menu
|
|
provides a install-menu program. This program can generate the startupfiles
|
|
for just about every window manager.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mgetty+sendfax</term><listitem><para>Configuration
|
|
files for use of mgetty as the interface on the serial port. The mgetty
|
|
routine special routine has special features for handling things such as
|
|
dial up connections and fax connections.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mime.types</term><listitem><para>MIME-TYPES
|
|
and the extensions that represent them. This file is part of the
|
|
"mime-support" package. Note: Compression schemes like
|
|
"gzip", "bzip", and "compress" are not actually
|
|
"mime-types". They are "encodings" and hence must _not_ have
|
|
entries in this file to map their extensions. The "mime-type" of an
|
|
encoded file refers to the type of data that has been encoded, not the type
|
|
of the encoding.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/minicom</term><listitem><para>'minicom'
|
|
configuration files. 'minicom' is a communication program which
|
|
somewhat resembles the shareware program TELIX but is free with source code
|
|
and runs under most unices. Features include dialing directory with
|
|
auto-redial, support for UUCP-style lock files on serial devices, a seperate
|
|
script language interpreter, capture to file, multiple users with individual
|
|
configurations, and more.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/modules</term><listitem><para>List
|
|
of modules to be loaded at startup.</para>
|
|
|
|
<para><screen>
|
|
# /etc/modules: kernel modules to load at boot time.
|
|
#
|
|
# This file should contain the names of kernel modules that are
|
|
# to be loaded at boot time, one per line. Comments begin with
|
|
# a "#", and everything on the line after them are ignored.
|
|
unix
|
|
af_packet
|
|
via-rhine
|
|
cmpci
|
|
ne2k-pci
|
|
nvidia
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/modules.conf</term><listitem><para><screen>
|
|
### This file is automatically generated by update-modules"
|
|
#
|
|
# Please do not edit this file directly. If you want to change or add
|
|
# anything please take a look at the files in /etc/modutils and read
|
|
# the manpage for update-modules.
|
|
#
|
|
### update-modules: start processing /etc/modutils/0keep
|
|
# DO NOT MODIFY THIS FILE!
|
|
# This file is not marked as conffile to make sure if you upgrade modutils
|
|
# it will be restored in case some modifications have been made.
|
|
#
|
|
# The keep command is necessary to prevent insmod and friends from ignoring
|
|
# the builtin defaults of a path-statement is encountered. Until all other
|
|
# packages use the new `add path'-statement this keep-statement is essential
|
|
# to keep your system working
|
|
keep
|
|
|
|
### update-modules: end processing /etc/modutils/0keep
|
|
|
|
### update-modules: start processing /etc/modutils/actions
|
|
# Special actions that are needed for some modules
|
|
|
|
# The BTTV module does not load the tuner module automatically,
|
|
# so do that in here
|
|
post-install bttv insmod tuner
|
|
post-remove bttv rmmod tuner
|
|
|
|
|
|
### update-modules: end processing /etc/modutils/actions
|
|
|
|
### update-modules: start processing /etc/modutils/aliases
|
|
# Aliases to tell insmod/modprobe which modules to use
|
|
|
|
# Uncomment the network protocols you don't want loaded:
|
|
# alias net-pf-1 off # Unix
|
|
# alias net-pf-2 off # IPv4
|
|
# alias net-pf-3 off # Amateur Radio AX.25
|
|
# alias net-pf-4 off # IPX
|
|
# alias net-pf-5 off # DDP / appletalk
|
|
# alias net-pf-6 off # Amateur Radio NET/ROM
|
|
# alias net-pf-9 off # X.25
|
|
# alias net-pf-10 off # IPv6
|
|
# alias net-pf-11 off # ROSE / Amateur Radio X.25 PLP
|
|
# alias net-pf-19 off # Acorn Econet
|
|
|
|
alias char-major-10-175 agpgart
|
|
alias char-major-10-200 tun
|
|
alias char-major-81 bttv
|
|
alias char-major-108 ppp_generic
|
|
alias /dev/ppp ppp_generic
|
|
alias tty-ldisc-3 ppp_async
|
|
alias tty-ldisc-14 ppp_synctty
|
|
alias ppp-compress-21 bsd_comp
|
|
alias ppp-compress-24 ppp_deflate
|
|
alias ppp-compress-26 ppp_deflate
|
|
|
|
# Crypto modules (see http://www.kerneli.org/)
|
|
alias loop-xfer-gen-0 loop_gen
|
|
alias loop-xfer-3 loop_fish2
|
|
alias loop-xfer-gen-10 loop_gen
|
|
alias cipher-2 des
|
|
alias cipher-3 fish2
|
|
alias cipher-4 blowfish
|
|
alias cipher-6 idea
|
|
alias cipher-7 serp6f
|
|
alias cipher-8 mars6
|
|
alias cipher-11 rc62
|
|
alias cipher-15 dfc2
|
|
alias cipher-16 rijndael
|
|
alias cipher-17 rc5
|
|
|
|
|
|
### update-modules: end processing /etc/modutils/aliases
|
|
|
|
### update-modules: start processing /etc/modutils/ltmodem-2.4.18
|
|
# lt_drivers: autoloading and insertion parameter usage
|
|
alias char-major-62 lt_serial
|
|
alias /dev/tts/LT0 lt_serial
|
|
alias /dev/modem lt_serial
|
|
# options lt_modem vendor_id=0x115d device_id=0x0420 Forced=3,0x130,0x2f8
|
|
# section for lt_drivers ends
|
|
|
|
### update-modules: end processing /etc/modutils/ltmodem-2.4.18
|
|
|
|
### update-modules: start processing /etc/modutils/paths
|
|
# This file contains a list of paths that modprobe should scan,
|
|
# beside the once that are compiled into the modutils tools
|
|
# themselves.
|
|
|
|
|
|
### update-modules: end processing /etc/modutils/paths
|
|
|
|
### update-modules: start processing /etc/modutils/ppp
|
|
alias /dev/ppp ppp_generic
|
|
alias char-major-108 ppp_generic
|
|
alias tty-ldisc-3 ppp_async
|
|
alias tty-ldisc-14 ppp_synctty
|
|
alias ppp-compress-21 bsd_comp
|
|
alias ppp-compress-24 ppp_deflate
|
|
alias ppp-compress-26 ppp_deflate
|
|
|
|
### update-modules: end processing /etc/modutils/ppp
|
|
|
|
### update-modules: start processing /etc/modutils/setserial
|
|
#
|
|
# This is what I wanted to do, but logger is in /usr/bin, which isn't
|
|
# loaded when the module is first loaded into the kernel at boot time!
|
|
#
|
|
#post-install serial /etc/init.d/setserial start |
|
|
#logger -p daemon.info -t "setserial-module reload"
|
|
#pre-remove serial /etc/init.d/setserial stop |
|
|
#logger -p daemon.info -t "setserial-module uload"
|
|
#
|
|
alias /dev/tts serial
|
|
alias /dev/tts/0 serial
|
|
alias /dev/tts/1 serial
|
|
alias /dev/tts/2 serial
|
|
alias /dev/tts/3 serial
|
|
post-install serial /etc/init.d/setserial modload > /dev/null 2> /dev/null
|
|
pre-remove serial /etc/init.d/setserial modsave > /dev/null 2> /dev/null
|
|
|
|
### update-modules: end processing /etc/modutils/setserial
|
|
|
|
### update-modules: start processing /etc/modutils/arch/i386
|
|
alias parport_lowlevel parport_pc
|
|
alias char-major-10-144 nvram
|
|
alias binfmt-0064 binfmt_aout
|
|
alias char-major-10-135 rtc
|
|
|
|
### update-modules: end processing /etc/modutils/arch/i386
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/modutils</term><listitem><para>These
|
|
utilities are intended to make a Linux modular kernel manageable for all
|
|
users, administrators and distribution maintainers.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mtools</term><listitem><para>Debian
|
|
default mtools configuration file. The mtools series of commands work with
|
|
MS-DOS files and directories on floppy disks. This allows you to use Linux
|
|
with MS-DOS formatted diskettes on DOS and Windows systems.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/manpath.conf</term><listitem><para>This
|
|
file is used by the man_db package to configure the man and cat paths. It is
|
|
also used to provide a manpath for those without one by examining their PATH
|
|
environment variable. For details see the manpath(5) man page.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mediaprm</term><listitem><para>Was
|
|
formally named /etc/fdprm. See /etc/fdprm for further details.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/motd</term><listitem><para>The
|
|
message of the day, automatically output after a successful login. Contents
|
|
are up to the system administrator. Often used for getting information to
|
|
every user, such as warnings about planned downtimes. Linux
|
|
debian.localdomain.com 2.4.18 #1 Sat Mar 15 00:17:39 EST 2003 i686 unknown
|
|
Most of the programs included with the Debian GNU/Linux system are freely
|
|
redistributable; the exact distribution terms for each program are described
|
|
in the individual files in /usr/share/doc/*/copyright Debian GNU/Linux comes
|
|
with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/mtab</term><listitem><para>List
|
|
of currently mounted filesystems. Initially set up by the bootup scripts,
|
|
and updated automatically by the mount command. Used when a list of mounted
|
|
filesystems is needed, e.g., by the df command. This file is sometimes a
|
|
symbolic link to /proc/mounts.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/networks</term><listitem><para>List
|
|
of networks that the system is currently located on. For example,
|
|
192.168.0.0.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/nsswitch.conf</term><listitem><para>Sytem
|
|
Database/Name Service Switch configuration file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/oss.conf</term><listitem><para>OSS
|
|
(Open Sound System) configuration file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/pam.d/</term><listitem><para>This
|
|
directory is the home of the configuration files for PAMs, Pluggable
|
|
Authentication Modules.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/postfix/</term><listitem><para>Holds
|
|
your postfix configuration files. Postfix is now the MTA of choice among
|
|
Linux distributions. It is sendmail-compatible, offers improved speed over
|
|
sendmail, ease of administration and security. It was originally developed
|
|
by IBM and was called the IBM Secure Mailer and is used in many large
|
|
commercial networks. It is now the de-facto standard.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ppp/</term><listitem><para>The
|
|
place where your dial-up configuration files are placed. More than likely to
|
|
be created by the text menu based pppconfig or other GUI based ppp
|
|
configuration utilities such as kppp or gnome-ppp.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/pam.conf</term><listitem><para>Most
|
|
programs use a file under the /etc/pam.d/ directory to setup their PAM
|
|
service modules. This file is and can be used, but is not recommended.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/paper.config</term><listitem><para>Paper
|
|
size configuration file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/papersize</term><listitem><para>Default
|
|
papersize.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/passwd</term><listitem><para>This
|
|
is the 'old' password file, It is kept for compatibility and
|
|
contains the user database, with fields giving the username, real name, home
|
|
directory, encrypted password, and other information about each user. The
|
|
format is documented in the passwd man(ual) page.</para>
|
|
|
|
<para><screen>
|
|
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|
|
bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh
|
|
sync:x:4:100:sync:/bin:/bin/sync games:x:5:100:games:/usr/games:/bin/sh
|
|
man:x:6:100:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|
|
mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh
|
|
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh
|
|
postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh
|
|
www-data:x:33:33:www-data:/var/www:/bin/sh
|
|
backup:x:34:34:backup:/var/backups:/bin/sh
|
|
operator:x:37:37:Operator:/var:/bin/sh
|
|
list:x:38:38:SmartList:/var/list:/bin/sh irc:x:39:39:ircd:/var:/bin/sh
|
|
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
|
|
nobody:x:65534:65534:nobody:/home:/bin/sh
|
|
binh:x:1000:1000:,,,:/home/binh:/bin/bash
|
|
identd:x:100:65534::/var/run/identd:/bin/false
|
|
sshd:x:101:65534::/var/run/sshd:/bin/false gdm:x:102:101:Gnome Display
|
|
Manager:/var/lib/gdm:/bin/false
|
|
telnetd:x:103:103::/usr/lib/telnetd:/bin/false
|
|
dummy:x:1001:1001:,,,:/home/dummy:/bin/bash
|
|
</screen></para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/passwd-</term><listitem><para>Old
|
|
/etc/passwd file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/printcap</term><listitem><para>Printer
|
|
configuration (capabilities) file. The definition of all system printers,
|
|
whether local or remote, is stored in this file. Its layout is similar to
|
|
that of /etc/termcap but it uses a different syntax.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/profile</term><listitem><para>Files
|
|
and commands to be executed at login or startup time by the Bourne or C
|
|
shells. These allow the system administrator to set global defaults for all
|
|
users.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/profile.d</term><listitem><para>Shells
|
|
scripts to be executed upon login to the Bourne or C shells. These scripts
|
|
are normally called from the /etc/profile file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/protocols</term><listitem><para>Protocols
|
|
definitions file. It describes the various DARPA Internet protocols that are
|
|
available from the TCP/IP subsystem. It should be consulted instead of using
|
|
the numbers in the ARPA include files or resorting to guesstimation. This
|
|
file should be left untouched since changes could result in incorrect IP
|
|
packages.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/pcmcia</term><listitem><para>Configuration
|
|
files for PCMCIA devices. Generally only useful to laptop users.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/reportbug.conf</term><listitem><para>Configuration
|
|
file for reportbug. Reportbug is primarily designed to report bugs in the
|
|
Debian distribution. By default it creates an e-mail to the Debian bug
|
|
tracking system at mit@bugs.debian.org with information about the bug. Using
|
|
the -bts option you can report bugs to other servers also using ddebbugs
|
|
such as KDE.org. It is similar to bug but has far greater capabilities while
|
|
still maintaining simplicity.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/rc.boot or /etc/rc?.d</term><listitem><para>These directories contain all the files necessary to control system services and configure runlevels. A skeleton file is provided in /etc/init.d/skeleton</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/rcS.d</term><listitem><para>The
|
|
scripts in this directory are executed once when booting the system, even
|
|
when booting directly into single user mode. The files are all symbolic
|
|
links, the real files are located in /etc/init.d/. For a more general
|
|
discussion of this technique, see /etc/init.d/README.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/resolv.conf</term><listitem><para>Configuration
|
|
of how DNS is to occur is defined in this file. It tells the name resolver
|
|
libraries where they need to go to find information not found in the
|
|
/etc/hosts file. This always has at least one nameserver line, but
|
|
preferably three. The resolver uses each in turn. More than the first three
|
|
can be included but anything beyond the first three will be ignored. Two
|
|
lines that appear in the /etc/resolv.conf file are domain and search. Both
|
|
of these are mutually exclusive options, and where both show up, the last
|
|
one wins. Other entries beyond the three discussed here are listed in the
|
|
man pages but aren't often used.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/rmt</term><listitem><para>This
|
|
is not a mistake. This shell script (/etc/rmt) has been provided for
|
|
compatibility with other Unix-like systems, some of which have utilities
|
|
that expect to find (and execute) rmt in the /etc directory on remote
|
|
systems.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/rpc</term><listitem><para>The
|
|
rpc file contains user readable names that can be used in place of rpc
|
|
program numbers. Each line has the following information: -name of server
|
|
for the rpc program -rpc program number -aliases Items are separated by any
|
|
number of blanks and/or tab characters. A ``#'' indicates the
|
|
beginning of a comment; characters up to the end of the line are not
|
|
interpreted by routines which search the file.</para>
|
|
|
|
<para><screen>
|
|
# /etc/rpc:
|
|
# $Id$
|
|
#
|
|
# rpc 88/08/01 4.0 RPCSRC; from 1.12 88/02/07 SMI
|
|
|
|
portmapper 100000 portmap sunrpc
|
|
rstatd 100001 rstat rstat_svc rup perfmeter
|
|
rusersd 100002 rusers
|
|
nfs 100003 nfsprog
|
|
ypserv 100004 ypprog
|
|
mountd 100005 mount showmount
|
|
ypbind 100007
|
|
walld 100008 rwall shutdown
|
|
yppasswdd 100009 yppasswd
|
|
etherstatd 100010 etherstat
|
|
rquotad 100011 rquotaprog quota rquota
|
|
sprayd 100012 spray
|
|
3270_mapper 100013
|
|
rje_mapper 100014
|
|
selection_svc 100015 selnsvc
|
|
database_svc 100016
|
|
rexd 100017 rex
|
|
alis 100018
|
|
sched 100019
|
|
llockmgr 100020
|
|
nlockmgr 100021
|
|
x25.inr 100022
|
|
statmon 100023
|
|
status 100024
|
|
bootparam 100026
|
|
ypupdated 100028 ypupdate
|
|
keyserv 100029 keyserver
|
|
tfsd 100037
|
|
nsed 100038
|
|
nsemntd 100039
|
|
pcnfsd 150001
|
|
amd 300019 amq
|
|
sgi_fam 391002
|
|
ugidd 545580417
|
|
bwnfsd 788585389
|
|
</screen></para>
|
|
|
|
</listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/samba</term><listitem><para>Samba
|
|
configuration files. A 'LanManager' like file and printer server for
|
|
Unix. The Samba software suite is a collection of programs that implements
|
|
the SMB protocol for unix systems, allowing you to serve files and printers
|
|
to Windows, NT, OS/2 and DOS clients. This protocol is sometimes also
|
|
referred to as the LanManager or NetBIOS protocol.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/sane.d</term><listitem><para>Sane
|
|
configuration files. SANE stands for "Scanner Access Now Easy" and
|
|
is an application programming interface (API) that provides standardized
|
|
access to any raster image scanner hardware (flatbed scanner, hand-held
|
|
scanner, video- and still-cameras, frame-grabbers, etc.). The SANE API is
|
|
public domain and its discussion and development is open to everybody. The
|
|
current source code is written for UNIX (including GNU/Linux) and is
|
|
available under the GNU General Public License (the SANE API is available to
|
|
proprietary applications and backends as well, however).</para><para>SANE is
|
|
a universal scanner interface. The value of such a universal interface is
|
|
that it allows writing just one driver per image acquisition device rather
|
|
than one driver for each device and application. So, if you have three
|
|
applications and four devices, traditionally you'd have had to write 12
|
|
different programs. With SANE, this number is reduced to seven: the three
|
|
applications plus the four drivers. Of course, the savings get even bigger
|
|
as more and more drivers and/or applications are added.</para><para>Not only
|
|
does SANE reduce development time and code duplication, it also raises the
|
|
level at which applications can work. As such, it will enable applications
|
|
that were previously unheard of in the UNIX world. While SANE is primarily
|
|
targeted at a UNIX environment, the standard has been carefully designed to
|
|
make it possible to implement the API on virtually any hardware or operating
|
|
system.</para><para>While SANE is an acronym for ``Scanner Access Now
|
|
Easy'' the hope is of course that SANE is indeed sane in the sense
|
|
that it will allow easy implementation of the API while accommodating all
|
|
features required by today's scanner hardware and applications.
|
|
Specifically, SANE should be broad enough to accommodate devices such as
|
|
scanners, digital still and video cameras, as well as virtual devices like
|
|
image file filters.</para><para>If you're familiar with TWAIN, you may
|
|
wonder why there is a need for SANE. Simply put, TWAIN does not separate the
|
|
user-interface from the driver of a device. This, unfortunately, makes it
|
|
difficult, if not impossible, to provide network transparent access to image
|
|
acquisition devices (which is useful if you have a LAN full of machines, but
|
|
scanners connected to only one or two machines; it's obviously also
|
|
useful for remote-controlled cameras and such). It also means that any
|
|
particular TWAIN driver is pretty much married to a particular GUI API (be
|
|
it Win32 or the Mac API). In contrast, SANE cleanly separates device
|
|
controls from their representation in a user-interface. As a result, SANE
|
|
has no difficulty supporting command-line driven interfaces or
|
|
network-transparent scanning. For these reasons, it is unlikely that there
|
|
will ever be a SANE backend that can talk to a TWAIN driver. The converse is
|
|
no problem though: it would be pretty straight forward to access SANE
|
|
devices through a TWAIN source. In summary, if TWAIN had been just a little
|
|
better designed, there would have been no reason for SANE to exist, but
|
|
things being the way they are, TWAIN simply isn't SANE.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/securetty</term><listitem><para>Identifies
|
|
secure terminals, i.e., the terminals from which root is allowed to log in.
|
|
Typically only the virtual consoles are listed, so that it becomes
|
|
impossible (or at least harder) to gain superuser privileges by breaking
|
|
into a system over a modem or a network.
|
|
|
|
<variablelist>
|
|
<varlistentry><term></term><listitem>
|
|
<para><screen>
|
|
# /etc/securetty: list of terminals on which root is allowed to login.
|
|
# See securetty(5) and login(1).
|
|
console
|
|
|
|
# Standard consoles
|
|
tty1
|
|
tty2
|
|
tty3
|
|
tty4
|
|
tty5
|
|
tty6
|
|
tty7
|
|
tty8
|
|
tty9
|
|
tty10
|
|
tty11
|
|
tty12
|
|
|
|
# Same as above, but these only occur with devfs devices
|
|
vc/1
|
|
vc/2
|
|
vc/3
|
|
vc/4
|
|
vc/5
|
|
vc/6
|
|
vc/7
|
|
vc/8
|
|
vc/9
|
|
vc/10
|
|
vc/11
|
|
vc/12
|
|
</screen> </para>
|
|
</listitem></varlistentry>
|
|
</variablelist>
|
|
|
|
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/sensors.conf</term><listitem><para>Configuration
|
|
file for libsensors. A set of libraries designed to ascertain current
|
|
hardware states via motherboard sensor chips. Useful statistics such as core
|
|
voltages, CPU temperature can be determined through third party utilities
|
|
that make user of these libraries such as 'gkrellm'. If you do not
|
|
wish to install these packages you may also utliise the /proc filesystem
|
|
real-time nature.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/sudoers</term><listitem><para>Sudoers
|
|
file. This file must be edited with the 'visudo' command as root.
|
|
The sudo command allows an authenticated user to execute an authorized
|
|
command as root. Both the effective UID and GID are set to 0 (you are
|
|
basically root). It determines which users are authorized and which commands
|
|
they are authorized to use. Configuration of this command is via this file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/shadow</term><listitem><para>Shadow
|
|
password file on systems with shadow password software installed (PAMs).
|
|
Shadow passwords move the encrypted password from /etc/passwd into
|
|
/etc/shadow; the latter is not readable by anyone except root. This makes it
|
|
more difficult to crack passwords.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/shadow-</term><listitem><para>Old
|
|
/etc/shadow file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/sysctl.conf</term><listitem><para>Configuration
|
|
file for setting system variables, most notably kernel parameters.
|
|
'sysctl' is a means of configuring certain aspects of the kernel at
|
|
run-time, and the /proc/sys/ directory is there so that you don't even
|
|
need special tools to do it!</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/security</term><listitem><para>Essential
|
|
to security. This subdirectory allows administrators to impose quota limits,
|
|
access limits and also to configure PAM environments.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/serial.conf</term><listitem><para>Serial
|
|
port configuration. Changeable parameters include speed, baud rate, port,
|
|
irq and type.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/services</term><listitem><para>A
|
|
definition of the networks, services and the associated port for each
|
|
protocol that are available on this system. For example, web services (http)
|
|
are assigned to port 80 by default.
|
|
|
|
# /etc/services:
|
|
# $Id$
|
|
#
|
|
# Network services, Internet style
|
|
#
|
|
# Note that it is presently the policy of IANA to assign a single
|
|
# well-known port number for both TCP and UDP; hence, most entries
|
|
# here have two entries even if the protocol doesn't support UDP
|
|
# operations. Updated from RFC 1700, ``Assigned Numbers'' (October
|
|
# 1994). Not all ports are included, only the more common ones.
|
|
echo 7/tcp
|
|
echo 7/udp
|
|
discard 9/tcp sink null
|
|
discard 9/udp sink null
|
|
systat 11/tcp users
|
|
daytime 13/tcp daytime
|
|
13/udp netstat
|
|
15/tcp qotd
|
|
17/tcp quote msp
|
|
18/tcp # message send protocol
|
|
msp 18/udp # message send protocol
|
|
chargen 19/tcp ttytst source
|
|
chargen 19/udp ttytst source
|
|
ftp-data 20/tcp
|
|
ftp 21/tcp
|
|
fsp 21/udp fspd
|
|
ssh 22/tcp # SSH Remote Login Protocol
|
|
ssh 22/udp # SSH Remote Login Protocol
|
|
telnet 23/tcp
|
|
# 24 - private smtp
|
|
25/tcp mail
|
|
# 26 - unassigned
|
|
time 37/tcp timserver
|
|
time 37/udp timserver
|
|
rlp 39/udp resource # resource location
|
|
nameserver 42/tcp name # IEN 116
|
|
whois 43/tcp nicname
|
|
re-mail-ck 50/tcp # Remote Mail Checking Protocol
|
|
re-mail-ck 50/udp # Remote Mail Checking Protocol
|
|
domain 53/tcp nameserver # name-domain server domain 53/udp
|
|
nameserver netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp
|
|
netbios-dgm 138/tcp # NETBIOS Datagram Service
|
|
netbios-dgm 138/udp
|
|
netbios-ssn 139/tcp # NETBIOS session service
|
|
netbios-ssn 139/udp
|
|
x11 6000/tcp x11-0 # X windows system
|
|
x11 6000/udp x11-0 # X windows system
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/shells</term><listitem><para>Lists
|
|
trusted shells. The chsh command allows users to change their login shell
|
|
only to shells listed in this file. ftpd, the server process that provides
|
|
FTP services for a machine, will check that the user's shell is listed
|
|
in /etc/shells and will not let people log in unless the shell is listed
|
|
there. There are also some display managers that will passively or actively
|
|
(dependent upon on distribution and display manager being used) refuse a
|
|
user access to the system unless their shell is one of those listed here.
|
|
|
|
<variablelist>
|
|
<varlistentry><term></term><listitem>
|
|
<para><screen>
|
|
# /etc/shells: valid login shells
|
|
/bin/ash
|
|
/bin/bash
|
|
/bin/csh
|
|
/bin/sh
|
|
/usr/bin/es
|
|
/usr/bin/ksh
|
|
/bin/ksh
|
|
/usr/bin/rc
|
|
/usr/bin/tcsh
|
|
/bin/tcsh
|
|
/usr/bin/zsh
|
|
/bin/sash
|
|
/bin/zsh
|
|
/usr/bin/esh
|
|
</screen></para></listitem></varlistentry>
|
|
</variablelist>
|
|
|
|
</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/skel/</term><listitem><para>The
|
|
default files for each new user are stored in this directory. Each time a
|
|
new user is added, these skeleton files are copied into their home
|
|
directory. An average system would have: .alias, .bash_profile, .bashrc and
|
|
.cshrc files. Other files are left up to the system administrator.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/sysconfig/</term><listitem><para>This
|
|
directory contains configuration files and subdirectories for the setup of
|
|
system configuration specifics and for the boot process, like
|
|
'clock', which sets the timezone, or 'keyboard' which
|
|
controls the keyboard map. The contents may vary drastically depending on
|
|
which distribution and what utilities you have installed. For example, on a
|
|
Redhat or Mandrake based system it is possible to alter an endless array of
|
|
attributes from the default desktop to whether DMA should be enabled for
|
|
your IDE devices. On our Debian reference system though this folder is
|
|
almost expedient containing only two files hwconf and soundcard which are
|
|
both configured by the Redhat utilities hwconf and sndconfig respectively.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/slip</term><listitem><para>Configuration
|
|
files for the setup and operation of SLIP (serial line IP) interface.
|
|
Generally unused nowadays. This protocol has been superceded by the faster
|
|
and more efficient PPP protocol.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/screenrc</term><listitem><para>This
|
|
is the system wide screenrc. You can use this file to change the default
|
|
behavior of screen system wide or copy it to ~/.screenrc and use it as a
|
|
starting point for your own settings. Commands in this file are used to set
|
|
options, bind screen functions to keys, redefine terminal capabilities, and
|
|
to automatically establish one or more windows at the beginning of your
|
|
screen session. This is not a comprehensive list of options, look at the
|
|
screen manual for details on everything that you can put in this file.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/scrollkeeper.conf</term><listitem><para>A
|
|
free electronic cataloging system for documentation. It stores metadata
|
|
specified by the http://www.ibiblio.org/osrt/omf/ (Open Source Metadata
|
|
Framework) as well as certain metadata extracted directly from documents
|
|
(such as the table of contents). It provides various functionality
|
|
pertaining to this metadata to help browsers, such as sorting the registered
|
|
documents or searching the metadata for documents which satisfy a set of
|
|
criteria.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/ssh</term><listitem><para>'ssh'
|
|
configuration files. 'ssh' is a secure rlogin/rsh/rcp replacement
|
|
(OpenSSH). This is the portable version of OpenSSH, a free implementation of
|
|
the Secure Shell protocol as specified by the IETF secsh working group.
|
|
'ssh' (Secure Shell) is a program for logging into a remote machine
|
|
and for executing commands on a remote machine. It provides secure encrypted
|
|
communications between two untrusted hosts over an insecure network. X11
|
|
connections and arbitrary TCP/IP ports can also be forwarded over the secure
|
|
channel. It is intended as a replacement for rlogin, rsh and rcp, and can be
|
|
used to provide applications with a secure communication channel. It should
|
|
be noted that in some countries, particularly Iraq, and Pakistan, it may be
|
|
illegal to use any encryption at all without a special permit.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/syslog.conf</term><listitem><para>Lists
|
|
where log files should go, what messages are written to them and the level
|
|
of verbosity. It is also now possible to filter based on message content,
|
|
message integrity, message encryption (near future), portability and better
|
|
network forwarding.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/termcap</term><listitem><para>The
|
|
terminal capability database. Describes the "escape sequences" by
|
|
which various terminals can be controlled. Programs are written so that
|
|
instead of directly outputting an escape sequence that only works on a
|
|
particular brand of terminal, they look up the correct sequence to do
|
|
whatever it is they want to do in /etc/termcap. As a result most programs
|
|
work with most kinds of terminals.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/timezone</term><listitem><para>local
|
|
timezone.</para></listitem></varlistentry><varlistentry><term>/etc/updatedb.conf</term><listitem><para>Sets
|
|
environment variables that are used by updatedb which therefore configures
|
|
the database for 'locate', a utility that locates a pattern in a
|
|
database of filenames and returns the filenames that match.</para>
|
|
|
|
<para><screen>
|
|
# This file sets environment variables which are used by updatedb
|
|
|
|
# filesystems which are pruned from updatedb database
|
|
PRUNEFS="NFS nfs afs proc smbfs autofs auto iso9660 ncpfs coda devpts ftpfs"
|
|
export PRUNEFS
|
|
# paths which are pruned from updatedb database
|
|
PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /alex /var/spool"
|
|
export PRUNEPATHS
|
|
# netpaths which are added
|
|
NETPATHS=""
|
|
export NETPATHS
|
|
</screen></para>
|
|
</listitem></varlistentry>
|
|
|
|
|
|
<varlistentry><term>/etc/vga</term><listitem><para>The
|
|
configuration file for the svgalib is stored in this directory. svgalib
|
|
provides graphics capabilities to programs running on the system console,
|
|
without going through the X Window System. It uses direct access to the
|
|
video hardware to provide low-level access to the standard VGA and SVGA
|
|
graphics modes. It only works with some video hardware; so use with caution.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/vim</term><listitem><para>Contains
|
|
configuration files for both vim and its X based counterpart gvim. A wide
|
|
range of options can be accessed though these two files such as automatic
|
|
indentation, syntax highlighting, etc....</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/xinetd.d/</term><listitem><para>The
|
|
original 'inetd' daemon has now been superceded by the much improved
|
|
'xinetd'. 'inetd' should be run at boot time by
|
|
/etc/init.d/inetd (or /etc/rc.local on some systems). It then listens for
|
|
connections on certain Internet sockets. When a connection is found on one
|
|
of its sockets, it decides what service the socket corresponds to, and
|
|
invokes a program to service the request. After the program is finished, it
|
|
continues to listen on the socket (except in some cases). Essentially, inetd
|
|
allows running one daemon to invoke several others, reducing load on the
|
|
system. Services controlled via xinetd put their configuration files here.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/zlogin</term><listitem><para>System-wide
|
|
.zlogin file for zsh(1). This file is sourced only for login shells. It
|
|
should contain commands that should be executed only in login shells. It
|
|
should be used to set the terminal type and run a series of external
|
|
commands (fortune, msgs, from, etc.)</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/zlogout</term><listitem><para>Commands
|
|
to be executed upon user exit from the zsh. It's control is system-wide
|
|
but the .zlogout file for zsh(1) does override it in terms of importance.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/zprofile</term><listitem><para>System-wide
|
|
.zprofile file for zsh(1). This file is sourced only for login shells (i.e.
|
|
Shells invoked with "-" as the first character of argv[0], and
|
|
shells invoked with the -l flag.)</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/zshenv</term><listitem><para>System-wide
|
|
.zshenv file for zsh(1). This file is sourced on all invocations of the
|
|
shell. If the -f flag is present or if the NO_RCS option is set within this
|
|
file, all other initialization files are skipped. This file should contain
|
|
commands to set the command search path, plus other important environment
|
|
variables. This file should not contain commands that produce output or
|
|
assume the shell is attached to a tty.</para></listitem></varlistentry>
|
|
|
|
<varlistentry><term>/etc/zshrc</term><listitem><para>System-wide
|
|
.zshrc file for zsh(1). This file is sourced only for interactive shells. It
|
|
should contain commands to set up aliases, functions, options, key bindings,
|
|
etc.</para></listitem></varlistentry></variablelist></para>
|
|
|
|
<para>Compliance with the FSSTND require that the following directories, or
|
|
symbolic links to directories are required in /etc:</para>
|
|
|
|
<para><screen> /etc -- Host-specific system configuration /etc/opt
|
|
Configuration for /opt
|
|
|
|
The following directories, or symbolic links to directories must be in /etc,
|
|
if the corresponding subsystem is installed:
|
|
|
|
/etc -- Host-specific system configuration /etc/X11 Configuration for the X
|
|
Window System (optional) /etc/sgml Configuration for SGML and XML (optional)
|
|
|
|
The following files, or symbolic links to files, must be in /etc if
|
|
the corresponding subsystem is installed:
|
|
|
|
Systems that use the shadow password suite will have additional
|
|
configuration files in /etc (/etc/shadow and others) and programs in
|
|
/usr/sbin (useradd, usermod, and others).
|
|
|
|
csh.login Systemwide initialization file for C shell logins
|
|
(optional)
|
|
exports NFS filesystem access control list (optional)
|
|
fstab Static information about filesystems (optional)
|
|
ftpusers FTP daemon user access control list (optional)
|
|
gateways File which lists gateways for routed (optional)
|
|
gettydefs Speed and terminal settings used by getty (optional)
|
|
group User group file (optional)
|
|
host.conf Resolver configuration file (optional)
|
|
hosts Static information about host names (optional)
|
|
hosts.allow Host access file for TCP wrappers (optional)
|
|
hosts.deny Host access file for TCP wrappers (optional)
|
|
hosts.equiv List of trusted hosts for rlogin, rsh, rcp (optional)
|
|
hosts.lpd List of trusted hosts for lpd (optional)
|
|
inetd.conf Configuration file for inetd (optional)
|
|
inittab Configuration file for init (optional)
|
|
issue Pre-login message and identification file (optional)
|
|
ld.so.conf List of extra directories to search for shared libraries
|
|
(optional)
|
|
motd Post-login message of the day file (optional)
|
|
mtab Dynamic information about filesystems (optional)
|
|
|
|
mtab does not fit the static nature of /etc: it is excepted
|
|
for historical reasons. On some Linux systems, this may be a
|
|
symbolic link to /proc/mounts, in which case this exception is not required.
|
|
|
|
mtools.conf Configuration file for mtools (optional)
|
|
networks Static information about network names (optional)
|
|
passwd The password file (optional)
|
|
printcap The lpd printer capability database (optional)
|
|
profile Systemwide initialization file for sh shell logins (optional)
|
|
protocols IP protocol listing (optional)
|
|
resolv.conf Resolver configuration file (optional)
|
|
rpc RPC protocol listing (optional)
|
|
securetty TTY access control for root login (optional)
|
|
services Port names for network services (optional)
|
|
shells Pathnames of valid login shells (optional)
|
|
syslog.conf Configuration file for syslogd (optional)
|
|
|
|
/etc/opt : Configuration files for /opt
|
|
|
|
Host-specific configuration files for add-on application software packages
|
|
must be installed within the directory
|
|
|
|
/etc/opt/<package>, where <package> is the name of the
|
|
subtree in /opt where the static data from that package is stored. No
|
|
structure is imposed on the internal arrangement of
|
|
/etc/opt/<package>. If a configuration file must reside in a
|
|
different location in order for the package or system to function properly,
|
|
it may be placed in a location other than /etc/opt/<package>.
|
|
|
|
/etc/X11 : Configuration for the X Window System (optional) /etc/X11 is the
|
|
location for all X11 host-specific configuration. This directory is
|
|
necessary to allow local control if /usr is mounted read only. The following
|
|
files, or symbolic links to files, must be in ` /etc/X11 if the
|
|
corresponding subsystem is installed: Xconfig The configuration file for
|
|
early versions of XFree86 (optional) XF86Config The configuration file for
|
|
XFree86 versions 3 and 4 (optional) Xmodmap Global X11 keyboard modification
|
|
file (optional) Subdirectories of /etc/X11 may include those for xdm and for
|
|
any other programs (some window managers, for example) that need them.
|
|
|
|
/etc/X11/xdm holds the configuration files for xdm. These are most of the
|
|
files previously found in /usr/lib/X11/xdm. Some local variable data for xdm
|
|
is stored in /var/lib/xdm. We recommend that window managers with only one
|
|
configuration file which is a default .*wmrc file must name it system.*wmrc
|
|
(unless there is a widely-accepted alternative name) and not use a
|
|
subdirectory. Any window manager subdirectories must be identically named to
|
|
the actual window manager binary.
|
|
|
|
/etc/sgml : Configuration files for SGML
|
|
and XML (optional) Generic configuration files defining high-level
|
|
parameters of the SGML or XML systems are installed here. Files with names
|
|
*.conf indicate generic configuration files. File with names *.cat are the
|
|
DTD-specific centralized catalogs, containing references to all other
|
|
catalogs needed to use the given DTD. The super catalog file catalog
|
|
references all the centralized catalogs.
|
|
</screen></para>
|
|
|
|
</sect1>
|