Compare commits
No commits in common. "65dda1f790c03517b7ab95c67f577b9759951e1d" and "91c4c7e3248a877cbac7a38fb89b6618894b0fef" have entirely different histories.
65dda1f790
...
91c4c7e324
|
|
@ -1,2 +0,0 @@
|
||||||
dbpath = /data/mail/config/vmail.db
|
|
||||||
query = SELECT action FROM access WHERE address = '%s'
|
|
||||||
|
|
@ -38,5 +38,3 @@ smtpd_sender_login_maps = sqlite:/etc/postfix/login.cf, $virtual_alias_maps
|
||||||
|
|
||||||
smtpd_milters = unix:private/opendkim
|
smtpd_milters = unix:private/opendkim
|
||||||
non_smtpd_milters = $smtpd_milters
|
non_smtpd_milters = $smtpd_milters
|
||||||
|
|
||||||
smtpd_recipient_restrictions = check_recipient_access sqlite:/etc/postfix/access.cf
|
|
||||||
|
|
|
||||||
|
|
@ -4,4 +4,3 @@ create table mailbox (username varchar(255) not null primary key, password varch
|
||||||
|
|
||||||
create table dkim (match varchar(255) not null primary key, key varchar(255) not null);
|
create table dkim (match varchar(255) not null primary key, key varchar(255) not null);
|
||||||
create table dkim_key (key varchar(255) not null primary key, domain varchar(255) not null, selector varchar(255) not null, private_key varchar(65535) not null);
|
create table dkim_key (key varchar(255) not null primary key, domain varchar(255) not null, selector varchar(255) not null, private_key varchar(65535) not null);
|
||||||
create table access (address varchar(255) not null primary key, action varchar(255) not null);
|
|
||||||
|
|
|
||||||
|
|
@ -18,9 +18,8 @@ sudo cp 99-no-wifi-on-ethernet /etc/NetworkManager/dispatcher.d
|
||||||
sudo sed -i '$ a EXTRA_OPTS=-L 4' /etc/default/cron
|
sudo sed -i '$ a EXTRA_OPTS=-L 4' /etc/default/cron
|
||||||
```
|
```
|
||||||
|
|
||||||
## Do not log sessions
|
## Do not log cron sessions
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
sudo cp unix-no-session-log /usr/share/pam-configs
|
sudo sed -i '/pam_unix.so/ i session [success=1 default=ignore] pam_succeed_if.so service in cron quiet' /etc/pam.d/common-session-noninteractive
|
||||||
sudo pam-auth-update # Select OK to update
|
|
||||||
```
|
```
|
||||||
|
|
|
||||||
|
|
@ -1,6 +0,0 @@
|
||||||
Name: Unix authentication - no session logging
|
|
||||||
Default: yes
|
|
||||||
Priority: 257
|
|
||||||
Session-Type: Additional
|
|
||||||
Session:
|
|
||||||
[success=1 default=ignore] pam_succeed_if.so service in cron:sudo quiet
|
|
||||||
|
|
@ -5,9 +5,7 @@ Switch to your main user with `su - adminuser` afterwards.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
sudo sed -i '$ a sshlogin:*:1001:65534::/home/sshlogin:/bin/sh' /etc/passwd
|
sudo sed -i '$ a sshlogin:*:1001:65534::/home/sshlogin:/bin/sh' /etc/passwd
|
||||||
sudo sed -i '$ a Match User *' /etc/ssh/sshd_config
|
sudo cp *.conf /etc/ssh/sshd_config.d
|
||||||
sudo sed -i '$ a Include /etc/ssh/sshd_config.d/*.user' /etc/ssh/sshd_config
|
|
||||||
sudo cp *.conf *.user /etc/ssh/sshd_config.d
|
|
||||||
|
|
||||||
sudo mkdir -p /home/sshlogin/.ssh
|
sudo mkdir -p /home/sshlogin/.ssh
|
||||||
sudo chown sshlogin:root /home/sshlogin/.ssh
|
sudo chown sshlogin:root /home/sshlogin/.ssh
|
||||||
|
|
@ -15,13 +13,3 @@ sudo chown sshlogin:root /home/sshlogin/.ssh
|
||||||
|
|
||||||
* Either create a password with `sudo passwd sshlogin` or
|
* Either create a password with `sudo passwd sshlogin` or
|
||||||
* Add a key `sudo -u sshlogin editor /home/sshlogin/.ssh/authorized_keys`
|
* Add a key `sudo -u sshlogin editor /home/sshlogin/.ssh/authorized_keys`
|
||||||
* Test config for user with `sudo sshd -T -C user=sshlogin`
|
|
||||||
|
|
||||||
## Notes
|
|
||||||
|
|
||||||
> Included files do not affect the match context of the file including them.
|
|
||||||
|
|
||||||
https://bugzilla.mindrot.org/show_bug.cgi?id=2468#c26
|
|
||||||
|
|
||||||
According to the tests, the above is possible:
|
|
||||||
https://github.com/openssh/openssh-portable/blob/master/regress/servcfginclude.sh
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue