From 7240bd1ec97e7d99ba14ddfa070469cf43f06f54 Mon Sep 17 00:00:00 2001 From: Joshua Dye Date: Fri, 3 Aug 2018 11:15:47 -0400 Subject: [PATCH] committing changes in /etc after apt run Package changes: -bind9 1:9.11.3+dfsg-2 armhf -bind9-host 1:9.11.3+dfsg-2 armhf -bind9utils 1:9.11.3+dfsg-2 armhf -binutils 2.30-22+rpi1 armhf -binutils-arm-linux-gnueabihf 2.30-22+rpi1 armhf -binutils-common 2.30-22+rpi1 armhf -blends-tasks 0.7.0 all +bind9 1:9.11.4+dfsg-2 armhf +bind9-host 1:9.11.4+dfsg-2 armhf +bind9utils 1:9.11.4+dfsg-2 armhf +binutils 2.30.90.20180710-1+rpi1 armhf +binutils-arm-linux-gnueabihf 2.30.90.20180710-1+rpi1 armhf +binutils-common 2.30.90.20180710-1+rpi1 armhf +blends-tasks 0.7.2 all -bsdutils 1:2.32-0.1 armhf +bsdutils 1:2.32-0.3 armhf -certbot 0.25.0-1 all +certbot 0.26.1-1 all -cpp 4:7.3.0-3+rpi1 armhf +cpp 4:8.1.0-1+rpi1 armhf +cpp-8 8.1.0-12+rpi1 armhf -debconf 1.5.67 all -debconf-i18n 1.5.67 all -debconf-utils 1.5.67 all +debconf 1.5.69 all +debconf-i18n 1.5.69 all +debconf-utils 1.5.69 all -dh-python 3.20180326 all +dh-python 3.20180723 all -dirmngr 2.2.8-3 armhf +dirmngr 2.2.9-1+rpi1 armhf -dnsutils 1:9.11.3+dfsg-2 armhf +dnsutils 1:9.11.4+dfsg-2 armhf -e2fslibs 1.44.2-1 armhf -e2fsprogs 1.44.2-1 armhf -e2fsprogs-l10n 1.44.2-1 all +e2fslibs 1.44.3-1 armhf +e2fsprogs 1.44.3-1 armhf +e2fsprogs-l10n 1.44.3-1 all -exim4-base 4.91-5 armhf -exim4-config 4.91-5 all -exim4-daemon-light 4.91-5 armhf +exim4-base 4.91-6 armhf +exim4-config 4.91-6 all +exim4-daemon-light 4.91-6 armhf -fdisk 2.32-0.1 armhf +fdisk 2.32-0.3 armhf -g++ 4:7.3.0-3+rpi1 armhf +g++ 4:8.1.0-1+rpi1 armhf +g++-8 8.1.0-12+rpi1 armhf -gcc 4:7.3.0-3+rpi1 armhf +gcc 4:8.1.0-1+rpi1 armhf -gcc-4.9-base 4.9.4-2+rpi1+b7 armhf +gcc-4.9-base 4.9.4-2+rpi1+b19 armhf -gcc-8-base 8.1.0-9+rpi1 armhf +gcc-8 8.1.0-12+rpi1 armhf +gcc-8-base 8.1.0-12+rpi1 armhf -gdb 7.12-6+b1 armhf +gdb 8.1-4 armhf -gnupg 2.2.8-3 all -gnupg-agent 2.2.8-3 all -gnupg-l10n 2.2.8-3 all -gnupg-utils 2.2.8-3 armhf -gpg 2.2.8-3 armhf -gpg-agent 2.2.8-3 armhf -gpg-wks-client 2.2.8-3 armhf -gpg-wks-server 2.2.8-3 armhf -gpgconf 2.2.8-3 armhf -gpgsm 2.2.8-3 armhf -gpgv 2.2.8-3 armhf +gnupg 2.2.9-1+rpi1 all +gnupg-agent 2.2.9-1+rpi1 all +gnupg-l10n 2.2.9-1+rpi1 all +gnupg-utils 2.2.9-1+rpi1 armhf +gpg 2.2.9-1+rpi1 armhf +gpg-agent 2.2.9-1+rpi1 armhf +gpg-wks-client 2.2.9-1+rpi1 armhf +gpg-wks-server 2.2.9-1+rpi1 armhf +gpgconf 2.2.9-1+rpi1 armhf +gpgsm 2.2.9-1+rpi1 armhf +gpgv 2.2.9-1+rpi1 armhf -initramfs-tools 0.130 all -initramfs-tools-core 0.130 all +initramfs-tools 0.132 all +initramfs-tools-core 0.132 all -iperf 2.0.10+dfsg1-1 armhf +iperf 2.0.12+dfsg1-2 armhf -isc-dhcp-client 4.3.5-4 armhf -isc-dhcp-common 4.3.5-4 armhf -isc-dhcp-server 4.3.5-4 armhf +isc-dhcp-client 4.3.5-4+b1 armhf +isc-dhcp-common 4.3.5-4+b1 armhf +isc-dhcp-server 4.3.5-4+b1 armhf -keyutils 1.5.9-9.2 armhf -klibc-utils 2.0.4-11+rpi1 armhf +keyutils 1.5.9-9.3 armhf +klibc-utils 2.0.4-14+rpi1 armhf -libapparmor1 2.12-5 armhf +libapparmor1 2.13-6 armhf -libarchive13 3.2.2-4 armhf +libarchive13 3.2.2-4.1 armhf +libasan5 8.1.0-12+rpi1 armhf -libatomic1 8.1.0-9+rpi1 armhf +libatomic1 8.1.0-12+rpi1 armhf -libavcodec57 7:3.4.2-2+b2 armhf -libavformat57 7:3.4.2-2+b2 armhf -libavutil55 7:3.4.2-2+b2 armhf +libavcodec57 7:3.4.3-1 armhf +libavformat57 7:3.4.3-1 armhf +libavutil55 7:3.4.3-1 armhf -libbind9-160 1:9.11.3+dfsg-2 armhf -libbinutils 2.30-22+rpi1 armhf +libbind9-160 1:9.11.4+dfsg-2 armhf +libbinutils 2.30.90.20180710-1+rpi1 armhf -libblkid1 2.32-0.1 armhf +libblkid1 2.32-0.3 armhf -libboost-filesystem1.62.0 1.62.0+dfsg-6 armhf +libboost-filesystem1.62.0 1.62.0+dfsg-8 armhf -libboost-iostreams1.62.0 1.62.0+dfsg-6 armhf -libboost-system1.62.0 1.62.0+dfsg-6 armhf +libboost-iostreams1.62.0 1.62.0+dfsg-8 armhf +libboost-system1.62.0 1.62.0+dfsg-8 armhf -libc-bin 2.27-3+rpi1 armhf -libc-dev-bin 2.27-3+rpi1 armhf -libc-l10n 2.27-3+rpi1 all -libc6 2.27-3+rpi1 armhf -libc6-dbg 2.27-3+rpi1 armhf -libc6-dev 2.27-3+rpi1 armhf +libc-bin 2.27-5+rpi1 armhf +libc-dev-bin 2.27-5+rpi1 armhf +libc-l10n 2.27-5+rpi1 all +libc6 2.27-5+rpi1 armhf +libc6-dbg 2.27-5+rpi1 armhf +libc6-dev 2.27-5+rpi1 armhf -libcc1-0 8.1.0-9+rpi1 armhf +libcc1-0 8.1.0-12+rpi1 armhf -libcom-err2 1.44.2-1 armhf -libcomerr2 1.44.2-1 armhf +libcom-err2 1.44.3-1 armhf +libcomerr2 1.44.3-1 armhf -libcryptsetup12 2:2.0.3-4 armhf +libcryptsetup12 2:2.0.3-6 armhf -libcups2 2.2.8-4 armhf +libcups2 2.2.8-5 armhf -libcwidget3v5 0.5.17-10 armhf +libcwidget3v5 0.5.17-11 armhf -libdebconfclient0 0.243 armhf +libdebconfclient0 0.244 armhf +libdns-export1102 1:9.11.4+dfsg-2 armhf -libdns1100 1:9.11.3+dfsg-2 armhf +libdns1102 1:9.11.4+dfsg-2 armhf -libext2fs2 1.44.2-1 armhf +libext2fs2 1.44.3-1 armhf -libfdisk1 2.32-0.1 armhf +libfdisk1 2.32-0.3 armhf +libfile-homedir-perl 1.004-1 all +libfile-which-perl 1.22-1 all -libfribidi0 0.19.7-3 armhf +libfribidi0 1.0.5-1 armhf +libfstrm0 0.3.0-1+b1 armhf -libgcc1 1:8.1.0-9+rpi1 armhf +libgcc-8-dev 8.1.0-12+rpi1 armhf +libgcc1 1:8.1.0-12+rpi1 armhf -libgdk-pixbuf2.0-0 2.36.11-2 armhf -libgdk-pixbuf2.0-bin 2.36.11-2 armhf -libgdk-pixbuf2.0-common 2.36.11-2 all +libgdk-pixbuf2.0-0 2.36.12-1 armhf +libgdk-pixbuf2.0-bin 2.36.12-1 armhf +libgdk-pixbuf2.0-common 2.36.12-1 all -libgl1-mesa-dri 18.1.3-1 armhf -libglapi-mesa 18.1.3-1 armhf +libgl1-mesa-dri 18.1.4-1 armhf +libglapi-mesa 18.1.4-1 armhf -libglx-mesa0 18.1.3-1 armhf +libglx-mesa0 18.1.4-1 armhf -libgnutls-dane0 3.5.18-1 armhf -libgnutls30 3.5.18-1 armhf -libgomp1 8.1.0-9+rpi1 armhf -libgpg-error0 1.31-1 armhf +libgnutls-dane0 3.5.19-1 armhf +libgnutls30 3.5.19-1 armhf +libgomp1 8.1.0-12+rpi1 armhf +libgpg-error0 1.32-1 armhf -libharfbuzz0b 1.8.2-2 armhf +libharfbuzz0b 1.8.4-1+rpi1 armhf -libio-socket-ssl-perl 2.056-1 all +libio-socket-ssl-perl 2.058-1 all -libirs-export160 1:9.11.3+dfsg-2 armhf -libirs160 1:9.11.3+dfsg-2 armhf +libirs-export160 1:9.11.4+dfsg-2 armhf +libirs160 1:9.11.4+dfsg-2 armhf -libisc-export169 1:9.11.3+dfsg-2 armhf +libisc-export169 1:9.11.4+dfsg-2 armhf -libisc169 1:9.11.3+dfsg-2 armhf -libisccc160 1:9.11.3+dfsg-2 armhf -libisccfg-export160 1:9.11.3+dfsg-2 armhf -libisccfg160 1:9.11.3+dfsg-2 armhf +libisc169 1:9.11.4+dfsg-2 armhf +libisccc160 1:9.11.4+dfsg-2 armhf +libisccfg-export160 1:9.11.4+dfsg-2 armhf +libisccfg160 1:9.11.4+dfsg-2 armhf -libjs-sphinxdoc 1.7.5-6 all +libjs-sphinxdoc 1.7.6-1 all -libkeyutils1 1.5.9-9.2 armhf -libklibc 2.0.4-11+rpi1 armhf +libkeyutils1 1.5.9-9.3 armhf +libklibc 2.0.4-14+rpi1 armhf -liblmdb0 0.9.21-1 armhf +liblmdb0 0.9.22-1 armhf -liblwres160 1:9.11.3+dfsg-2 armhf +liblwres160 1:9.11.4+dfsg-2 armhf -libmount1 2.32-0.1 armhf +libmount1 2.32-0.3 armhf -libncurses5 6.1+20180210-4 armhf -libncurses6 6.1+20180210-4 armhf -libncursesw5 6.1+20180210-4 armhf -libncursesw6 6.1+20180210-4 armhf +libncurses5 6.1+20180714-1 armhf +libncurses6 6.1+20180714-1 armhf +libncursesw5 6.1+20180714-1 armhf +libncursesw6 6.1+20180714-1 armhf -libnpth0 1.5-4 armhf +libnpth0 1.6-1 armhf -libnss-systemd 238-5 armhf +libnss-systemd 239-7 armhf -libopenmpt0 0.3.10-1 armhf +libopenmpt0 0.3.11-1 armhf -libpam-systemd 238-5 armhf +libpam-systemd 239-7 armhf -libpcre3 2:8.39-9 armhf +libpcre3 2:8.39-10 armhf -libpng-dev 1.6.34-1 armhf -libpng-tools 1.6.34-1 armhf -libpng16-16 1.6.34-1 armhf +libpng-dev 1.6.34-2+rpi1 armhf +libpng-tools 1.6.34-2+rpi1 armhf +libpng16-16 1.6.34-2+rpi1 armhf +libprotobuf-c1 1.2.1-2 armhf -libpython2.7 2.7.15-1 armhf -libpython2.7-dev 2.7.15-1 armhf -libpython2.7-minimal 2.7.15-1 armhf -libpython2.7-stdlib 2.7.15-1 armhf +libpython2.7 2.7.15-3 armhf +libpython2.7-dev 2.7.15-3 armhf +libpython2.7-minimal 2.7.15-3 armhf +libpython2.7-stdlib 2.7.15-3 armhf -libruby2.5 2.5.1-3 armhf +libruby2.5 2.5.1-5 armhf -libsmartcols1 2.32-0.1 armhf +libsmartcols1 2.32-0.3 armhf -libss2 1.44.2-1 armhf +libss2 1.44.3-1 armhf -libssh2-1 1.8.0-1 armhf +libssh2-1 1.8.0-2 armhf -libstdc++6 8.1.0-9+rpi1 armhf -libswresample2 7:3.4.2-2+b2 armhf +libstdc++-8-dev 8.1.0-12+rpi1 armhf +libstdc++6 8.1.0-12+rpi1 armhf +libswresample2 7:3.4.3-1 armhf -libsystemd0 238-5 armhf -libtalloc2 2.1.11-2 armhf +libsystemd0 239-7 armhf +libtalloc2 2.1.14-1 armhf -libtinfo5 6.1+20180210-4 armhf -libtinfo6 6.1+20180210-4 armhf +libtinfo5 6.1+20180714-1 armhf +libtinfo6 6.1+20180714-1 armhf +libubsan1 8.1.0-12+rpi1 armhf -libudev1 238-5 armhf +libudev1 239-7 armhf -libunistring2 0.9.8-1 armhf +libunistring2 0.9.10-1 armhf -libuuid1 2.32-0.1 armhf -libuv1 1.21.0-2 armhf +libuuid1 2.32-0.3 armhf +libuv1 1.22.0-3 armhf -libva-drm2 2.1.0-3 armhf -libva-x11-2 2.1.0-3 armhf -libva2 2.1.0-3 armhf +libva-drm2 2.2.0-1 armhf +libva-x11-2 2.2.0-1 armhf +libva2 2.2.0-1 armhf -libwww-perl 6.34-1 all +libwww-perl 6.35-2 all -libx264-152 2:0.152.2854+gite9a5903-2+rpi1 armhf +libx264-152 2:0.152.2854+gite9a5903-2+rpi1+b1 armhf -libxapian30 1.4.6-2 armhf +libxapian30 1.4.7-2 armhf -libxcb-dri2-0 1.13-1 armhf -libxcb-dri3-0 1.13-1 armhf -libxcb-glx0 1.13-1 armhf +libxcb-dri2-0 1.13-2 armhf +libxcb-dri3-0 1.13-2 armhf +libxcb-glx0 1.13-2 armhf -libxcb-present0 1.13-1 armhf -libxcb-render0 1.13-1 armhf -libxcb-shape0 1.13-1 armhf -libxcb-shm0 1.13-1 armhf -libxcb-sync1 1.13-1 armhf +libxcb-present0 1.13-2 armhf +libxcb-render0 1.13-2 armhf +libxcb-shape0 1.13-2 armhf +libxcb-shm0 1.13-2 armhf +libxcb-sync1 1.13-2 armhf -libxcb-xfixes0 1.13-1 armhf -libxcb1 1.13-1 armhf +libxcb-xfixes0 1.13-2 armhf +libxcb1 1.13-2 armhf -locales 2.27-3+rpi1 all +locales 2.27-5+rpi1 all -login 1:4.5-1 armhf +login 1:4.5-1.1 armhf -make 4.1-9.1 armhf +make 4.2.1-1.1 armhf -mesa-va-drivers 18.1.3-1 armhf -mesa-vdpau-drivers 18.1.3-1 armhf +mesa-va-drivers 18.1.4-1 armhf +mesa-vdpau-drivers 18.1.4-1 armhf -mount 2.32-0.1 armhf +mount 2.32-0.3 armhf -multiarch-support 2.27-3+rpi1 armhf -myrepos 1.20160123 all +multiarch-support 2.27-5+rpi1 armhf +myrepos 1.20180726 all -ncurses-base 6.1+20180210-4 all -ncurses-bin 6.1+20180210-4 armhf -ncurses-term 6.1+20180210-4 all +ncurses-base 6.1+20180714-1 all +ncurses-bin 6.1+20180714-1 armhf +ncurses-term 6.1+20180714-1 all -openssh-client 1:7.7p1-2 armhf -openssh-server 1:7.7p1-2 armhf -openssh-sftp-server 1:7.7p1-2 armhf +openssh-client 1:7.7p1-3 armhf +openssh-server 1:7.7p1-3 armhf +openssh-sftp-server 1:7.7p1-3 armhf -passwd 1:4.5-1 armhf +passwd 1:4.5-1.1 armhf -python-cryptography 2.2.2-1 armhf +python-cryptography 2.3-1 armhf -python-html5lib 0.999999999-1 all +python-html5lib 1.0.1-1 all -python-lxml 4.2.1-1 armhf +python-lxml 4.2.3-1 armhf -python2.7 2.7.15-1 armhf -python2.7-dev 2.7.15-1 armhf -python2.7-minimal 2.7.15-1 armhf +python2.7 2.7.15-3 armhf +python2.7-dev 2.7.15-3 armhf +python2.7-minimal 2.7.15-3 armhf -python3-acme 0.25.1-1 all +python3-acme 0.26.0-1 all -python3-certbot 0.25.0-1 all +python3-certbot 0.26.1-1 all -python3-cryptography 2.2.2-1 armhf +python3-cryptography 2.3-1 armhf -python3-debconf 1.5.67 all +python3-debconf 1.5.69 all -python3-magic 2:0.4.15-1 all +python3-magic 2:0.4.15-2 all -python3-ply 3.11-2 all +python3-ply 3.11-3 all -rfkill 2.32-0.1 armhf +rfkill 2.32-0.3 armhf -rsync 3.1.2-2.1 armhf +rsync 3.1.2-2.2 armhf -ruby-xmlrpc 0.3.0-1 all -ruby2.5 2.5.1-3 armhf +ruby-xmlrpc 0.3.0-2 all +ruby2.5 2.5.1-5 armhf -screen 4.6.2-1+b1 armhf +screen 4.6.2-3 armhf -ssh 1:7.7p1-2 all +ssh 1:7.7p1-3 all -sudo 1.8.23-1 armhf -systemd 238-5 armhf -systemd-sysv 238-5 armhf +sudo 1.8.23-2 armhf +systemd 239-7 armhf +systemd-sysv 239-7 armhf -udev 238-5 armhf +udev 239-7 armhf -util-linux 2.32-0.1 armhf +util-linux 2.32-0.3 armhf -va-driver-all 2.1.0-3 armhf +va-driver-all 2.2.0-1 armhf -whois 5.3.1 armhf +whois 5.3.2 armhf --- .etckeeper | 1 + group | 1 + group- | 2 +- gshadow | 1 + gshadow- | 2 +- initramfs-tools/initramfs.conf | 12 ++++++++++-- pam.d/su-l | 6 ++++++ systemd/journald.conf | 2 +- systemd/logind.conf | 1 - systemd/resolved.conf | 1 + systemd/system.conf | 1 + 11 files changed, 24 insertions(+), 6 deletions(-) create mode 100644 pam.d/su-l diff --git a/.etckeeper b/.etckeeper index 697f4a45..177126cc 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1537,6 +1537,7 @@ maybe chmod 0644 'pam.d/runuser-l' maybe chmod 0644 'pam.d/samba' maybe chmod 0644 'pam.d/sshd' maybe chmod 0644 'pam.d/su' +maybe chmod 0644 'pam.d/su-l' maybe chmod 0644 'pam.d/sudo' maybe chmod 0644 'pam.d/systemd-user' maybe chmod 0644 'passwd' diff --git a/group b/group index 89e3353b..01803057 100644 --- a/group +++ b/group @@ -60,3 +60,4 @@ vnstat:x:116: nobody:x:996: systemd-coredump:x:995: ovalwonder:x:1002:jgdye +kvm:x:106: diff --git a/group- b/group- index 6962dba1..89e3353b 100644 --- a/group- +++ b/group- @@ -59,4 +59,4 @@ duck:x:115: vnstat:x:116: nobody:x:996: systemd-coredump:x:995: -ovalwonder:x:1002: +ovalwonder:x:1002:jgdye diff --git a/gshadow b/gshadow index 11459bf5..594d9bb7 100644 --- a/gshadow +++ b/gshadow @@ -60,3 +60,4 @@ vnstat:!:: nobody:!!:: systemd-coredump:!!:: ovalwonder:!::jgdye +kvm:!:: diff --git a/gshadow- b/gshadow- index cd2b6657..11459bf5 100644 --- a/gshadow- +++ b/gshadow- @@ -59,4 +59,4 @@ duck:!:: vnstat:!:: nobody:!!:: systemd-coredump:!!:: -ovalwonder:!:: +ovalwonder:!::jgdye diff --git a/initramfs-tools/initramfs.conf b/initramfs-tools/initramfs.conf index f0f50714..dd76996c 100644 --- a/initramfs-tools/initramfs.conf +++ b/initramfs-tools/initramfs.conf @@ -38,7 +38,7 @@ BUSYBOX=auto KEYMAP=n # -# COMPRESS: [ gzip | bzip2 | lzma | lzop | xz ] +# COMPRESS: [ gzip | bzip2 | lz4 | lzma | lzop | xz ] # COMPRESS=gzip @@ -51,7 +51,7 @@ COMPRESS=gzip # DEVICE: ... # # Specify a specific network interface, like eth0 -# Overridden by optional ip= bootarg +# Overridden by optional ip= or BOOTIF= bootarg # DEVICE= @@ -62,3 +62,11 @@ DEVICE= NFSROOT=auto +# +# RUNSIZE: ... +# +# The size of the /run tmpfs mount point, like 256M or 10% +# Overridden by optional initramfs.runsize= bootarg +# + +RUNSIZE=10% diff --git a/pam.d/su-l b/pam.d/su-l new file mode 100644 index 00000000..656a139a --- /dev/null +++ b/pam.d/su-l @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include su +account include su +password include su +session optional pam_keyinit.so force revoke +session include su diff --git a/systemd/journald.conf b/systemd/journald.conf index 12d79b33..a397799d 100644 --- a/systemd/journald.conf +++ b/systemd/journald.conf @@ -18,7 +18,7 @@ #SplitMode=uid #SyncIntervalSec=5m #RateLimitIntervalSec=30s -#RateLimitBurst=1000 +#RateLimitBurst=10000 #SystemMaxUse= #SystemKeepFree= #SystemMaxFileSize= diff --git a/systemd/logind.conf b/systemd/logind.conf index d3fcf8f3..d380a616 100644 --- a/systemd/logind.conf +++ b/systemd/logind.conf @@ -35,4 +35,3 @@ #RemoveIPC=yes #InhibitorsMax=8192 #SessionsMax=8192 -#UserTasksMax=33% diff --git a/systemd/resolved.conf b/systemd/resolved.conf index cd2c4895..56fe1376 100644 --- a/systemd/resolved.conf +++ b/systemd/resolved.conf @@ -18,5 +18,6 @@ #LLMNR=yes #MulticastDNS=yes #DNSSEC=allow-downgrade +#DNSOverTLS=no #Cache=yes #DNSStubListener=udp diff --git a/systemd/system.conf b/systemd/system.conf index fd0c6277..e5cb5c28 100644 --- a/systemd/system.conf +++ b/systemd/system.conf @@ -27,6 +27,7 @@ #RuntimeWatchdogSec=0 #ShutdownWatchdogSec=10min #CapabilityBoundingSet= +#NoNewPrivileges=no #SystemCallArchitectures= #TimerSlackNSec= #DefaultTimerAccuracySec=1min