2 ## Copyright (C) 2019 Wind River Systems, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 DESCRIPTION = "stx-config-files"
20 SRCREV = "d778e862571957ece3c404c0c37d325769772fde"
21 SRCNAME = "config-files"
25 LICENSE = "Apache-2.0"
27 file://systemd-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
28 file://audit-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
29 file://docker-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
30 file://filesystem-scripts/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
31 file://filesystem-scripts/filesystem-scripts-1.0/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
32 file://io-scheduler/centos/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
33 file://iptables-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
34 file://lighttpd-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
35 file://logrotate-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
36 file://mlx4-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
37 file://ntp-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
38 file://openldap-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
39 file://openvswitch-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
40 file://shadow-utils-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
41 file://sudo-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
42 file://syslog-ng-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
43 file://systemd-config/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57 \
47 git://opendev.org/starlingx/${SRCNAME}.git;protocol=${PROTOCOL};rev=${SRCREV};branch=${BRANCH} \
48 file://openssh-config-rm-hmac-ripemd160.patch \
49 file://util-linux-pam-postlogin.patch \
50 file://syslog-ng-config-parse-err.patch \
51 file://syslog-ng-config-systemd-service.patch \
52 file://syslog-ng-conf-replace-match-with-message.patch \
53 file://lighttpd-init-script-chroot.patch \
65 install -m 0755 -d ${D}/${datadir}/starlingx/config-files
66 for f in $(find ./ -name '*\.spec' | cut -d '/' -f2);
68 tar -c $f -f - | tar -C ${D}/${datadir}/starlingx/config-files -xf -;
70 find ${D}/${datadir}/starlingx/config-files -name centos -exec rm -rf {} +
71 chown -R root:root ${D}/${datadir}/starlingx/config-files/
73 # For io-scheduler-config
74 mkdir -p ${D}/${sysconfdir}/udev/rules.d
75 install -m 644 ${S}/io-scheduler/centos/files/60-io-scheduler.rules ${D}/${sysconfdir}/udev/rules.d/60-io-scheduler.rules
76 rm -rf ${D}/${datadir}/starlingx/config-files/io-scheduler
80 PACKAGES += "audit-config"
81 PACKAGES += "centos-release-config"
82 PACKAGES += "dhclient-config"
83 PACKAGES += "dnsmasq-config"
84 PACKAGES += "docker-config"
85 PACKAGES += "initscripts-config"
86 PACKAGES += "filesystem-scripts"
87 PACKAGES += "haproxy-config"
88 PACKAGES += "ioscheduler-config"
89 PACKAGES += "iptables-config"
90 PACKAGES += "iscsi-initiator-utils-config"
91 PACKAGES += "lighttpd-config"
92 PACKAGES += "logrotate-config"
93 PACKAGES += "memcached-custom"
94 PACKAGES += "mlx4-config"
95 PACKAGES += "net-snmp-config"
96 PACKAGES += "nfs-utils-config"
97 PACKAGES += "ntp-config"
98 PACKAGES += "openldap-config"
99 PACKAGES += "openssh-config"
100 PACKAGES += "openvswitch-config"
101 PACKAGES += "pam-config"
102 PACKAGES += "rabbitmq-server-config"
103 PACKAGES += "rsync-config"
104 PACKAGES += "setup-config"
105 PACKAGES += "shadow-utils-config"
106 PACKAGES += "sudo-config"
107 PACKAGES += "syslog-ng-config"
108 PACKAGES += "systemd-config"
109 PACKAGES += "util-linux-config"
112 FILES_audit-config = "${datadir}/starlingx/config-files/audit-config/"
113 FILES_centos-release-config = "${datadir}/starlingx/config-files/centos-release-config/"
114 FILES_dhclient-config = "${datadir}/starlingx/config-files/dhcp-config/"
115 FILES_dnsmasq-config = "${datadir}/starlingx/config-files/dnsmasq-config/"
116 FILES_docker-config = "${datadir}/starlingx/config-files/docker-config/"
117 FILES_initscripts-config = "${datadir}/starlingx/config-files/initscripts-config/"
118 FILES_filesystem-scripts= "${datadir}/starlingx/config-files/filesystem-scripts/"
119 FILES_haproxy-config= "${datadir}/starlingx/config-files/haproxy-config/"
120 FILES_ioscheduler-config= "${sysconfdir}/udev/rules.d/60-io-scheduler.rules"
121 FILES_iptables-config= "${datadir}/starlingx/config-files/iptables-config/"
122 FILES_iscsi-initiator-utils-config = "${datadir}/starlingx/config-files/iscsi-initiator-utils-config/"
123 FILES_lighttpd-config= "${datadir}/starlingx/config-files/lighttpd-config/"
124 FILES_logrotate-config= "${datadir}/starlingx/config-files/logrotate-config/"
125 FILES_memcached-custom = "${datadir}/starlingx/config-files/memcached-custom/"
126 FILES_mlx4-config= "${datadir}/starlingx/config-files/mlx4-config/"
127 FILES_net-snmp-config= "${datadir}/starlingx/config-files/net-snmp-config/"
128 FILES_nfs-utils-config= "${datadir}/starlingx/config-files/nfs-utils-config/"
129 FILES_ntp-config= "${datadir}/starlingx/config-files/ntp-config/"
130 FILES_openldap-config= "${datadir}/starlingx/config-files/openldap-config/"
131 FILES_openssh-config= "${datadir}/starlingx/config-files/openssh-config/"
132 FILES_openvswitch-config= "${datadir}/starlingx/config-files/openvswitch-config/"
133 FILES_pam-config= "${datadir}/starlingx/config-files/pam-config/"
134 FILES_rabbitmq-server-config= "${datadir}/starlingx/config-files/rabbitmq-server-config/"
135 FILES_rsync-config= "${datadir}/starlingx/config-files/rsync-config/"
136 FILES_setup-config= "${datadir}/starlingx/config-files/setup-config/"
137 FILES_shadow-utils-config= "${datadir}/starlingx/config-files/shadow-utils-config/"
138 FILES_sudo-config= "${datadir}/starlingx/config-files/sudo-config/"
139 FILES_syslog-ng-config= "${datadir}/starlingx/config-files/syslog-ng-config/"
140 FILES_systemd-config= "${datadir}/starlingx/config-files/systemd-config/"
141 FILES_util-linux-config= "${datadir}/starlingx/config-files/util-linux-config/"
143 RDEPENDS_audit-config += " \
148 RDEPENDS_dhclient-config += "dhcp-client"
149 RDEPENDS_dnsmasq-config += "dnsmasq"
150 RDEPENDS_docker-config += "docker-ce logrotate "
151 RDEPENDS_initscripts-config += "initscripts"
152 RDEPENDS_filesystem-scripts += ""
153 RDEPENDS_haproxy-config += "haproxy"
154 RDEPENDS_ioscheduler-config += ""
155 RDEPENDS_iptables-config += "iptables"
156 RDEPENDS_iscsi-initiator-utils-config += " iscsi-initiator-utils"
157 RDEPENDS_lighttpd-config += " \
159 lighttpd-module-proxy \
160 lighttpd-module-setenv \
162 RDEPENDS_logrotate-config += " logrotate cronie"
163 RDEPENDS_memcached-custom += "memcached"
164 RDEPENDS_mlx4-config += ""
165 RDEPENDS_net-snmp-config += " \
167 net-snmp-server-snmpd \
168 net-snmp-server-snmptrapd \
170 RDEPENDS_nfs-utils-config += " nfs-utils"
171 RDEPENDS_ntp-config += " ntp"
172 RDEPENDS_openldap-config += " \
175 RRECOMMENDS_openldap-config += " \
177 openldap-backend-shell \
178 openldap-backend-passwd \
179 openldap-backend-null \
180 openldap-backend-monitor \
181 openldap-backend-meta \
182 openldap-backend-ldap \
183 openldap-backend-dnssrv \
186 openldap-overlay-proxycache \
192 RDEPENDS_openssh-config += " openssh"
193 RDEPENDS_openvswitch-config += " openvswitch"
194 RDEPENDS_pam-config += " \
199 pam-plugin-cracklib \
205 pam-plugin-faildelay \
213 pam-plugin-listfile \
214 pam-plugin-localuser \
215 pam-plugin-loginuid \
217 pam-plugin-mkhomedir \
219 pam-plugin-namespace \
222 pam-plugin-pwhistory \
225 pam-plugin-securetty \
228 pam-plugin-succeed-if \
232 pam-plugin-timestamp \
239 RDEPENDS_rabbitmq-server-config += " rabbitmq-server"
240 RDEPENDS_rsync-config += " rsync"
241 RDEPENDS_setup-config += ""
242 RDEPENDS_shadow-utils-config += " shadow"
243 RDEPENDS_sudo-config += " sudo"
244 RDEPENDS_syslog-ng-config += " syslog-ng"
245 RDEPENDS_systemd-config += " systemd"
246 RDEPENDS_util-linux-config += " util-linux"
248 pkg_postinst_ontarget_audit-config() {
249 cp -f ${datadir}/starlingx/config-files/audit-config/files/syslog.conf ${sysconfdir}/audisp/plugins.d/syslog.conf
250 chmod 640 ${sysconfdir}/audisp/plugins.d/syslog.conf
253 pkg_postinst_centos-release-config() {
254 sed 's/@PLATFORM_RELEASE@/${ORAN_REL}/' $D${datadir}/starlingx/config-files/centos-release-config/files/issue >> $D${sysconfdir}/issue
255 sed 's/@PLATFORM_RELEASE@/${ORAN_REL}/' $D${datadir}/starlingx/config-files/centos-release-config/files/issue.net >> $D${sysconfdir}/issue.net
256 chmod 644 $D${sysconfdir}/issue
257 chmod 644 $D${sysconfdir}/issue.net
260 pkg_postinst_ontarget_dhclient-config() {
261 SRCPATH=${datadir}/starlingx/config-files/dhcp-config/files
262 install -m 0755 -p ${SRCPATH}/dhclient-enter-hooks ${sysconfdir}/dhcp/dhclient-enter-hooks
263 install -m 0755 -p ${SRCPATH}/dhclient.conf ${sysconfdir}/dhcp/dhclient/dhclient.conf
264 ln -fs ${sysconfdir}/dhcp/dhclient-enter-hooks ${sysconfdir}/dhclient-enter-hooks
267 pkg_postinst_ontarget_dnsmasq-config() {
268 install -m 755 ${datadir}/starlingx/config-files/dnsmasq-config/files/init ${sysconfdir}/init.d/dnsmasq
271 pkg_postinst_ontarget_docker-config() {
272 SRCPATH=${datadir}/starlingx/config-files/docker-config/files
273 install -d -m 0755 ${sysconfdir}/systemd/system/docker.service.d
275 install -D -m 644 ${SRCPATH}/docker-pmond.conf ${sysconfdir}/pmon.d/docker.conf
276 install -D -m 644 ${SRCPATH}/docker-stx-override.conf \
277 ${sysconfdir}/systemd/system/docker.service.d/docker-stx-override.conf
278 install -D -m 644 ${SRCPATH}/docker.logrotate ${sysconfdir}/logrotate.d/docker.logrotate
281 pkg_postinst_ontarget_filesystem-scripts() {
282 SRCPATH=${datadir}/starlingx/config-files/filesystem-scripts/filesystem-scripts-1.0
283 install -D -m 755 ${SRCPATH}/uexportfs ${sysconfdir}/init.d/uexportfs
285 install -d -m 0755 /usr/lib/ocf/resource.d/platform/
286 install -D -m 755 ${SRCPATH}/nfsserver-mgmt /usr/lib/ocf/resource.d/platform/nfsserver-mgmt
288 install -p -D -m 755 ${SRCPATH}/nfs-mount ${bindir}/nfs-mount
289 install -D -m 755 ${SRCPATH}/uexportfs.service ${systemd_system_unitdir}/uexportfs.service
291 systemctl enable uexportfs.service
295 pkg_postinst_ontarget_haproxy-config() {
297 install -d -m 755 ${sysconfdir}/haproxy/errors/
298 install -m 755 ${datadir}/starlingx/config-files/haproxy-config/files/503.http ${sysconfdir}/haproxy/errors/503.http
300 install -m 644 ${datadir}/starlingx/config-files/haproxy-config/files/haproxy.service ${sysconfdir}/systemd/system/
301 install -p -D -m 0755 ${datadir}/starlingx/config-files/haproxy-config/files/haproxy.sh ${sysconfdir}/init.d/haproxy
303 /bin/systemctl disable haproxy.service
304 if test -s ${sysconfdir}/logrotate.d/haproxy ; then
305 echo '#See /etc/logrotate.d/syslog for haproxy rules' > ${sysconfdir}/logrotate.d/haproxy
309 pkg_postinst_ontarget_initscripts-config() {
310 install -d -m 755 ${sysconfdir}/sysconfig
311 install -d -m 755 ${sysconfdir}/init.d
312 install -d -m 755 ${systemd_system_unitdir}
314 SRCPATH=${datadir}/starlingx/config-files/initscripts-config/files
315 install -m 644 ${SRCPATH}/sysctl.conf ${datadir}/starlingx/stx.sysctl.conf
316 install -m 644 ${SRCPATH}/sysconfig-network.conf ${sysconfdir}/sysconfig/network
317 install -m 755 ${SRCPATH}/mountnfs.sh ${sysconfdir}/init.d/mountnfs
318 install -m 644 ${SRCPATH}/mountnfs.service ${systemd_system_unitdir}/mountnfs.service
321 cp -f ${datadir}/starlingx/stx.sysctl.conf ${sysconfdir}/sysctl.conf
322 chmod 644 ${sysconfdir}/sysctl.conf
325 pkg_postinst_ontarget_iscsi-initiator-utils-config() {
327 # package StarlingX configuration files of iscsi-initiator-utils to system folder.
329 # install -d ${libdir}/tmpfiles.d
330 # install -d ${sysconfdir}/systemd/system
331 # install -d ${datadir}/starlingx
333 SRCPATH=${datadir}/starlingx/config-files/iscsi-initiator-utils-config/files
334 tmpfilesdir=${libdir}/tmpfiles.d
336 install -m 0644 ${SRCPATH}/iscsi-cache.volatiles ${tmpfilesdir}/iscsi-cache.conf
337 install -m 0644 ${SRCPATH}/iscsi-shutdown.service ${sysconfdir}/systemd/system
338 install -m 0644 ${SRCPATH}/iscsid.conf ${datadir}/starlingx/stx.iscsid.conf
340 cp -f ${datadir}/starlingx/stx.iscsid.conf ${sysconfdir}/iscsi/iscsid.conf
341 chmod 0750 ${sysconfdir}/iscsi
342 chmod 0640 ${sysconfdir}/iscsi/iscsid.conf
344 /bin/systemctl disable iscsi-shutdown.service
347 pkg_postinst_ontarget_lighttpd-config() {
349 # StarlingX lighttpd configuration file
351 CONFDIR=${sysconfdir}/lighttpd
353 SRCPATH=${datadir}/starlingx/config-files/lighttpd-config/files
355 install -d -m 1777 ${ROOTDIR}/tmp
356 install -d ${CONFDIR}/ssl
357 install -d ${ROOTDIR}/pages/dav
358 install -m640 ${SRCPATH}/lighttpd.conf ${datadir}/starlingx/lighttpd.conf
359 install -m755 ${SRCPATH}/lighttpd.init ${datadir}/starlingx/lighttpd.init
360 install -m644 ${SRCPATH}/lighttpd-inc.conf ${CONFDIR}/lighttpd-inc.conf
361 install -m644 ${SRCPATH}/index.html.lighttpd ${ROOTDIR}/pages/index.html
363 install -d ${sysconfdir}/logrotate.d
364 install -m644 ${SRCPATH}/lighttpd.logrotate ${datadir}/starlingx/lighttpd.logrotate
365 chmod 02770 ${sysconfdir}/lighttpd
367 cp --preserve=xattr -f ${datadir}/starlingx/lighttpd.conf ${sysconfdir}/lighttpd/lighttpd.conf
368 chmod 640 ${sysconfdir}/lighttpd/lighttpd.conf
369 cp --preserve=xattr -f ${datadir}/starlingx/lighttpd.logrotate ${sysconfdir}/logrotate.d/lighttpd
370 chmod 644 ${sysconfdir}/logrotate.d/lighttpd
372 # /etc/rc.d/init.d/lighttpd is not a config file, so replace it here if it doesn't match
373 cp --preserve=xattr -f ${datadir}/starlingx/lighttpd.init ${sysconfdir}/rc.d/init.d/lighttpd
374 cp --preserve=xattr -f ${datadir}/starlingx/lighttpd.init ${sysconfdir}/init.d/lighttpd
375 chmod 755 ${sysconfdir}/rc.d/init.d/lighttpd
376 chmod 755 ${sysconfdir}/init.d/lighttpd
379 pkg_postinst_ontarget_logrotate-config() {
381 # StarlingX logrotate configuration file
383 SRCPATH=${datadir}/starlingx/config-files/logrotate-config/files
385 install -m 644 ${SRCPATH}/logrotate-cron.d ${sysconfdir}/cron.d/logrotate
386 install -m 644 ${SRCPATH}/logrotate.conf ${datadir}/starlingx/logrotate.conf
388 cp -f ${datadir}/starlingx/logrotate.conf ${sysconfdir}/logrotate.conf
389 chmod 644 ${sysconfdir}/logrotate.conf
390 mv ${sysconfdir}/cron.daily/logrotate ${sysconfdir}/logrotate.cron
391 chmod 700 ${sysconfdir}/logrotate.cron
395 pkg_postinst_ontarget_memcached-custom() {
396 # Summary: package memcached service files to system folder.
398 SRCPATH=${datadir}/starlingx/config-files/memcached-custom/files
399 install -m 644 -p ${SRCPATH}/memcached.service ${sysconfdir}/systemd/system/memcached.service
403 pkg_postinst_ontarget_mlx4-config() {
405 # Wind River Mellanox port-type configuration scripts
406 SRCPATH=${datadir}/starlingx/config-files/mlx4-config/files
408 # /bin/systemctl disable mlx4-config.service >/dev/null 2>&1
410 install -m 755 ${SRCPATH}/mlx4-configure.sh ${sysconfdir}/init.d/
411 install -m 644 ${SRCPATH}/mlx4-config.service ${systemd_system_unitdir}/
412 install -m 555 ${SRCPATH}/mlx4_core_goenabled.sh ${sysconfdir}/goenabled.d/
413 install -m 755 ${SRCPATH}/mlx4_core_config.sh ${bindir}/
415 /bin/systemctl enable mlx4-config.service >/dev/null 2>&1
419 pkg_postinst_ontarget_net-snmp-config() {
421 # package StarlingX configuration files of net-snmp to system folder.
423 SRCPATH=${datadir}/starlingx/config-files/net-snmp-config/files
425 install -d ${datadir}/snmp
427 install -m 644 ${SRCPATH}/stx.snmpd.conf ${datadir}/starlingx/stx.snmpd.conf
428 install -m 755 ${SRCPATH}/stx.snmpd ${sysconfdir}/rc.d/init.d/snmpd
429 install -m 755 ${SRCPATH}/stx.snmpd ${sysconfdir}/init.d/snmpd
430 install -m 660 ${SRCPATH}/stx.snmp.conf ${datadir}/snmp/snmp.conf
431 install -m 644 ${SRCPATH}/snmpd.service ${sysconfdir}/systemd/system/snmpd.service
434 cp -f ${datadir}/starlingx/stx.snmpd.conf ${sysconfdir}/snmp/snmpd.conf
435 chmod 640 ${sysconfdir}/snmp/snmpd.conf
436 chmod 640 ${sysconfdir}/snmp/snmptrapd.conf
438 /bin/systemctl disable snmpd.service
442 pkg_postinst_nfs-utils-config() {
444 # package customized configuration and service files of nfs-utils to system folder.
447 SRCPATH=$D${datadir}/starlingx/config-files/nfs-utils-config/files
450 install -m 755 -p -D ${SRCPATH}/nfscommon $D${sysconfdir}/init.d
451 install -m 644 -p -D ${SRCPATH}/nfscommon.service $D${systemd_system_unitdir}/
452 install -m 755 -p -D ${SRCPATH}/nfsserver $D${sysconfdir}/init.d
453 install -m 644 -p -D ${SRCPATH}/nfsserver.service $D${systemd_system_unitdir}
454 install -m 644 -p -D ${SRCPATH}/nfsmount.conf $D${datadir}/starlingx/stx.nfsmount.conf
456 cp -f $D${datadir}/starlingx/stx.nfsmount.conf $D${sysconfdir}/nfsmount.conf
457 chmod 644 $D${sysconfdir}/nfsmount.conf
459 # enable nfs services by default
465 systemctl daemon-reload
468 systemctl $OPTS enable nfscommon.service
469 systemctl $OPTS enable nfsserver.service
472 systemctl --no-block restart nfscommon.service
473 systemctl --no-block restart nfsserver.service
477 pkg_postinst_ontarget_ntp-config() {
479 # StarlingX ntp configuration file
481 SRCPATH=${datadir}/starlingx/config-files/ntp-config/files
482 install -D -m644 ${SRCPATH}/ntpd.sysconfig ${datadir}/starlingx/ntpd.sysconfig
483 install -D -m644 ${SRCPATH}/ntp.conf ${datadir}/starlingx/ntp.conf
485 cp -f ${datadir}/starlingx/ntpd.sysconfig ${sysconfdir}/sysconfig/ntpd
486 cp -f ${datadir}/starlingx/ntp.conf ${sysconfdir}/ntp.conf
487 chmod 644 ${sysconfdir}/sysconfig/ntpd
488 chmod 644 ${sysconfdir}/ntp.conf
492 pkg_postinst_ontarget_openldap-config() {
494 # StarlingX openldap configuration file
496 SRCPATH=${datadir}/starlingx/config-files/openldap-config/files
498 install -m 755 ${SRCPATH}/initscript ${sysconfdir}/init.d/openldap
499 install -m 600 ${SRCPATH}/slapd.conf ${sysconfdir}/openldap/slapd.conf
501 install -m 600 ${SRCPATH}/initial_config.ldif ${sysconfdir}/openldap/initial_config.ldif
503 install -m 644 ${SRCPATH}/slapd.service ${sysconfdir}/systemd/system/slapd.service
504 install -m 644 ${SRCPATH}/slapd.sysconfig ${datadir}/starlingx/slapd.sysconfig
506 sed -i -e 's|/var/run|/run|' ${sysconfdir}/systemd/system/slapd.service
508 cp -f ${datadir}/starlingx/slapd.sysconfig ${sysconfdir}/sysconfig/slapd
509 chmod 644 ${systemd_system_unitdir}/slapd
512 pkg_postinst_openssh-config() {
514 # package StarlingX configuration files of openssh to system folder.
517 SRCPATH=$D${datadir}/starlingx/config-files/openssh-config/files
519 install -m 644 ${SRCPATH}/sshd.service $D${sysconfdir}/systemd/system/sshd.service
520 install -m 644 ${SRCPATH}/ssh_config $D${datadir}/starlingx/ssh_config
521 install -m 600 ${SRCPATH}/sshd_config $D${datadir}/starlingx/sshd_config
523 # remove the unsupported and deprecated options
524 sed -i -e 's/^\(GSSAPIAuthentication.*\)/#\1/' \
525 -e 's/^\(GSSAPICleanupCredentials.*\)/#\1/' \
526 -e 's/^\(UsePrivilegeSeparation.*\)/#\1/' \
527 $D${datadir}/starlingx/sshd_config
529 sed -i -e 's/\(GSSAPIAuthentication yes\)/#\1/' $D${datadir}/starlingx/ssh_config
531 cp -f $D${datadir}/starlingx/ssh_config $D${sysconfdir}/ssh/ssh_config
532 cp -f $D${datadir}/starlingx/sshd_config $D${sysconfdir}/ssh/sshd_config
534 # enable sshd service by default
540 systemctl daemon-reload
543 systemctl $OPTS enable sshd.service
546 systemctl --no-block restart sshd.service
551 pkg_postinst_ontarget_openvswitch-config() {
553 # StarlingX openvswitch configuration file
555 SRCPATH=${datadir}/starlingx/config-files/openvswitch-config/files
557 install -m 0644 ${SRCPATH}/ovsdb-server.pmon.conf ${sysconfdir}/openvswitch/ovsdb-server.pmon.conf
558 install -m 0644 ${SRCPATH}/ovs-vswitchd.pmon.conf ${sysconfdir}/openvswitch/ovs-vswitchd.pmon.conf
559 install -m 0640 ${SRCPATH}/etc_logrotate.d_openvswitch ${datadir}/starlingx/etc_logrotate.d_openvswitch
561 cp -f ${datadir}/starlingx/etc_logrotate.d_openvswitch ${sysconfdir}/logrotate.d/openvswitch
562 chmod 644 ${sysconfdir}/logrotate.d/openvswitch
565 pkg_postinst_ontarget_pam-config() {
567 # package StarlingX configuration files of pam to system folder.
569 SRCPATH=${datadir}/starlingx/config-files/pam-config/files
571 install -m 644 ${SRCPATH}/sshd.pam ${datadir}/starlingx/sshd.pam
572 install -m 644 ${SRCPATH}/common-account ${sysconfdir}/pam.d/common-account
573 install -m 644 ${SRCPATH}/common-auth ${sysconfdir}/pam.d/common-auth
574 install -m 644 ${SRCPATH}/common-password ${sysconfdir}/pam.d/common-password
575 install -m 644 ${SRCPATH}/common-session ${sysconfdir}/pam.d/common-session
576 install -m 644 ${SRCPATH}/common-session-noninteractive ${sysconfdir}/pam.d/common-session-noninteractive
577 install -m 644 ${SRCPATH}/system-auth.pamd ${datadir}/starlingx/stx.system-auth
579 cp -f ${datadir}/starlingx/stx.system-auth ${sysconfdir}/pam.d/system-auth
580 cp -f ${datadir}/starlingx/sshd.pam ${sysconfdir}/pam.d/sshd
583 pkg_postinst_ontarget_rabbitmq-server-config() {
585 # package StarlingX configuration files of rabbitmq-server to system folder.
587 SRCPATH=${datadir}/starlingx/config-files/rabbitmq-server-config/files
589 install -d ${libdir}/ocf/resource.d/rabbitmq
590 install -m 0755 ${SRCPATH}/rabbitmq-server.ocf ${libdir}/ocf/resource.d/rabbitmq/stx.rabbitmq-server
591 install -m 0644 ${SRCPATH}/rabbitmq-server.service.example ${sysconfdir}/systemd/system/rabbitmq-server.service
592 install -m 0644 ${SRCPATH}/rabbitmq-server.logrotate ${datadir}/starlingx/stx.rabbitmq-server.logrotate
594 sed -i -e 's/notify/simple/' ${sysconfdir}/systemd/system/rabbitmq-server.service
596 cp ${datadir}/starlingx/stx.rabbitmq-server.logrotate ${sysconfdir}/logrotate.d/rabbitmq-server
599 pkg_postinst_ontarget_rsync-config() {
601 # package StarlingX configuration files of rsync to system folder.
603 SRCPATH=${datadir}/starlingx/config-files/rsync-config/files
605 install -m 644 ${SRCPATH}/rsyncd.conf ${datadir}/starlingx/stx.rsyncd.conf
607 cp -f ${datadir}/starlingx/stx.rsyncd.conf ${sysconfdir}/rsyncd.conf
610 pkg_postinst_ontarget_setup-config() {
612 # package StarlingX configuration files of setup to system folder.
614 SRCPATH=${datadir}/starlingx/config-files/setup-config/files
616 install -m 644 ${SRCPATH}/motd ${datadir}/starlingx/stx.motd
617 install -m 644 ${SRCPATH}/prompt.sh ${sysconfdir}/profile.d/prompt.sh
618 install -m 644 ${SRCPATH}/custom.sh ${sysconfdir}/profile.d/custom.sh
620 cp -f ${datadir}/starlingx/stx.motd ${sysconfdir}/motd
621 chmod 600 ${sysconfdir}/{exports,fstab}
624 pkg_postinst_ontarget_shadow-utils-config() {
626 # StarlingX shadow-utils configuration file
628 SRCPATH=${datadir}/starlingx/config-files/shadow-utils-config/files
630 install -D -m644 ${SRCPATH}/login.defs ${datadir}/starlingx/login.defs
631 install -D -m644 ${SRCPATH}/clear_shadow_locks.service ${systemd_system_unitdir}/clear_shadow_locks.service
633 cp -f ${datadir}/starlingx/login.defs ${sysconfdir}/login.defs
634 chmod 644 ${sysconfdir}/login.defs
635 /bin/systemctl preset clear_shadow_locks.service
638 pkg_postinst_ontarget_sudo-config() {
640 # StarlingX sudo configuration file
642 SYSADMIN_P="4SuW8cnXFyxsk"
643 SRCPATH=${datadir}/starlingx/config-files/sudo-config/files
645 install -m 440 ${SRCPATH}/sysadmin.sudo ${sysconfdir}/sudoers.d/sysadmin
647 getent group sys_protected >/dev/null || groupadd -f -g 345 sys_protected
648 getent passwd sysadmin > /dev/null || \
649 useradd -m -g sys_protected -G root -d /home/sysadmin -p ${SYSADMIN_P} -s /bin/sh sysadmin 2> /dev/null || :
652 pkg_postinst_syslog-ng-config() {
654 # StarlingX syslog-ng configuration file
656 SRCPATH=$D${datadir}/starlingx/config-files/syslog-ng-config/files
658 install -D -m644 ${SRCPATH}/syslog-ng.conf $D${datadir}/starlingx/syslog-ng.conf
660 # Fix the config version to avoid warning
661 sed -i -e 's/\(@version: \).*/\1 3.19/' $D${datadir}/starlingx/syslog-ng.conf
663 # Workaround: comment out the udp source to aviod the service fail to start at boot time
664 sed -i -e 's/\(.*s_udp.*\)/#\1/' $D${datadir}/starlingx/syslog-ng.conf
666 install -D -m644 ${SRCPATH}/syslog-ng.logrotate $D${datadir}/starlingx/syslog-ng.logrotate
667 install -D -m644 ${SRCPATH}/remotelogging.conf $D${sysconfdir}/syslog-ng/remotelogging.conf
668 install -D -m700 ${SRCPATH}/fm_event_syslogger $D${sbindir}/fm_event_syslogger
669 install -D -m644 ${SRCPATH}/syslog-ng.service $D${datadir}/starlingx/syslog-ng.service
671 cp -f $D${datadir}/starlingx/syslog-ng.conf $D${sysconfdir}/syslog-ng/syslog-ng.conf
672 chmod 644 $D${sysconfdir}/syslog-ng/syslog-ng.conf
673 cp -f $D${datadir}/starlingx/syslog-ng.logrotate $D${sysconfdir}/logrotate.d/syslog
674 chmod 644 $D${sysconfdir}/logrotate.d/syslog
675 cp -f $D${datadir}/starlingx/syslog-ng.service $D${systemd_system_unitdir}/syslog-ng.service
676 chmod 644 $D${systemd_system_unitdir}/syslog-ng.service
678 # enable syslog-ng service by default
684 systemctl daemon-reload
687 systemctl $OPTS enable syslog-ng.service
690 systemctl --no-block restart syslog-ng.service
694 pkg_postinst_ontarget_systemd-config() {
696 # StarlingX systemd configuration file
698 SRCPATH=${datadir}/starlingx/config-files/systemd-config/files
700 install -m644 ${SRCPATH}/60-persistent-storage.rules ${sysconfdir}/udev/rules.d/60-persistent-storage.rules
701 install -m644 ${SRCPATH}/journald.conf ${datadir}/starlingx/journald.conf
702 install -m644 ${SRCPATH}/systemd.conf.tmpfiles.d ${sysconfdir}/tmpfiles.d/systemd.conf
703 install -m644 ${SRCPATH}/tmp.conf.tmpfiles.d ${sysconfdir}/tmpfiles.d/tmp.conf
704 install -m644 ${SRCPATH}/tmp.mount ${sysconfdir}/systemd/system/tmp.mount
706 cp -f ${datadir}/starlingx/journald.conf ${sysconfdir}/systemd/journald.conf
707 chmod 644 ${sysconfdir}/systemd/journald.conf
710 pkg_postinst_ontarget_util-linux-config() {
712 # package StarlingX configuration files of util-linux to system folder.
714 SRCPATH=${datadir}/starlingx/config-files/util-linux-config/files
716 install -m 644 ${SRCPATH}/stx.su ${datadir}/starlingx/stx.su
717 install -m 644 ${SRCPATH}/stx.login ${datadir}/starlingx/stx.login
718 install -m 644 ${SRCPATH}/stx.postlogin ${datadir}/starlingx/stx.postlogin
720 cp -f ${datadir}/starlingx/stx.su ${sysconfdir}/pam.d/su
721 cp -f ${datadir}/starlingx/stx.login ${sysconfdir}/pam.d/login
722 cp -f ${datadir}/starlingx/stx.postlogin ${sysconfdir}/pam.d/postlogin
726 pkg_postinst_ontarget_ioscheduler-config() {
728 # CGCS io scheduler configuration and tuning.
730 /bin/udevadm control --reload-rules
731 /bin/udevadm trigger --type=devices --subsystem-match=block
734 pkg_postinst_ontarget_iptables-config() {
736 # StarlingX iptables configuration file
738 SRCPATH=${datadir}/starlingx/config-files/iptables-config/files
740 install -m 600 ${SRCPATH}/iptables.rules ${datadir}/starlingx/iptables.rules
741 install -m 600 ${SRCPATH}/ip6tables.rules ${datadir}/starlingx/ip6tables.rules
743 cp -f S{datadir}/starlingx/iptables.rules ${sysconfdir}/sysconfig/iptables
744 chmod 600 ${sysconfdir}/sysconfig/iptables
745 cp -f ${datadir}/starlingx/ip6tables.rules ${sysconfdir}/sysconfig/ip6tables
746 chmod 600 ${sysconfdir}/sysconfig/ip6tables
747 /bin/systemctl enable iptables.service ip6tables.service >/dev/null 2>&1