diff --git a/core/default/etc/adduser.conf b/core/default/etc/adduser.conf deleted file mode 100644 index 44f5404..0000000 --- a/core/default/etc/adduser.conf +++ /dev/null @@ -1,109 +0,0 @@ -# /etc/adduser.conf: `adduser' configuration. -# See adduser(8) and adduser.conf(5) for full documentation. - -# A commented out setting indicates that this is the default in the -# code. If you need to change those settings, remove the comment and -# make your intended change. - -# STDERRMSGLEVEL, STDOUTMSGLEVEL, and LOGMSGLEVEL set the minimum -# priority for messages logged to syslog/journal and the console, -# respectively. -# Values are trace, debug, info, warn, err, and fatal. -# Messages with the set priority or higher get logged to the -# respective medium. -#STDERRMSGLEVEL=warn -#STDOUTMSGLEVEL=info -#SYSLOGLEVEL=info - -# The login shell to be used for all new users. -# Default: DSHELL=/bin/bash -#DSHELL=/bin/bash - -# The directory in which new home directories should be created. -# Default: DHOME=/home -# DHOME=/home - -# The directory from which skeletal user configuration files -# will be copied. -# Default: SKEL=/etc/skel -#SKEL=/etc/skel - -# Specify inclusive ranges of UIDs and GIDs from which UIDs and GIDs -# for system users, system groups, non-system users and non-system groups -# can be dynamically allocated. -# Default: FIRST_SYSTEM_UID=100, LAST_SYSTEM_UID=999 -#FIRST_SYSTEM_UID=100 -#LAST_SYSTEM_UID=999 - -# Default: FIRST_SYSTEM_GID=100, LAST_SYSTEM_GID=999 -#FIRST_SYSTEM_GID=100 -#LAST_SYSTEM_GID=999 - -# Default: FIRST_UID=1000, LAST_UID=59999 -#FIRST_UID=1000 -#LAST_UID=59999 - -# Default: FIRST_GID=1000, LAST_GID=59999 -#FIRST_GID=1000 -#LAST_GID=59999 - -# Specify a file or a directory containing UID and GID pool. -#UID_POOL=/etc/adduser-pool.conf -#UID_POOL=/etc/adduser-pool.d/ -#GID_POOL=/etc/adduser-pool.conf -#GID_POOL=/etc/adduser-pool.d/ - -# Specify whether each created non-system user will be -# given their own group to use. -# Default: USERGROUPS=yes -#USERGROUPS=yes - -# Defines the groupname or GID of the group all newly-created -# non-system users are placed into. -# It is a configuration error to define both variables -# even if the values are consistent. -# Default: USERS_GID=undefined, USERS_GROUP=users -#USERS_GID=100 -#USERS_GROUP=users - -# The permissions mode for home directories of non-system users. -# Default: DIR_MODE=0750 -#DIR_MODE=0750 - -# The permissions mode for home directories of system users. -# Default: SYS_DIR_MODE=0750 -#SYS_DIR_MODE=0750 - -# If set to a nonempty value, new users will have quotas copied -# from that user with `edquota -p QUOTAUSER newuser' -# Default: QUOTAUSER="" -#QUOTAUSER="" - -# Non-system user- and groupnames are checked against this regular -# expression. -# Default: NAME_REGEX="^[a-z][-a-z0-9_]*\$?$" -#NAME_REGEX="^[a-z][-a-z0-9_]*\$?$" - -# System user- and groupnames are checked against this regular -# expression. -# Default: SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$" -#SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$" - -# When populating the newly created home directory of a non-system user, -# files in SKEL matching this regex are not copied. -# Default: SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$" -#SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$" - -# list of groups that new non-system users will be added to -# if ADD_EXTRA_GROUPS is non-zero or set on the command line. -# Default: EXTRA_GROUPS="users" -#EXTRA_GROUPS="users" - -# Setting this to something other than 0 will cause adduser to add -# newly created non-system users to the list of groups defined by -# EXTRA_GROUPS. -# Default: ADD_EXTRA_GROUPS=0 -#ADD_EXTRA_GROUPS=0 - -# use extrausers by default -#USE_EXTRAUSERS=1 diff --git a/core/default/etc/ssh/sshd_config.d/AccessRestriction.conf b/core/default/etc/ssh/sshd_config.d/AccessRestriction.conf deleted file mode 100644 index 3bffc5c..0000000 --- a/core/default/etc/ssh/sshd_config.d/AccessRestriction.conf +++ /dev/null @@ -1,11 +0,0 @@ -# Allows user 'root' to use ssh always. -# This should prevent lockout because access is allowed without group membership. -# For details see: https://serverfault.com/questions/617081/how-to-use-both-allowgroups-and-allowusers-in-sshd-config -AllowUsers root -# 1. Create custom group 'ssh_login' of type system if not exist: -# - addgroup --system "ssh_login" -# 2. Additionally allow users of group 'ssh_login' to use ssh only: -# - adduser "${USER}" "ssh_login" -Match group ssh_login - AllowUsers * - PasswordAuthentication no diff --git a/core/default/etc/sudoers.d/allow-jenkins-updateRepositories b/core/default/etc/sudoers.d/allow-jenkins-updateRepositories deleted file mode 100644 index 804dba5..0000000 --- a/core/default/etc/sudoers.d/allow-jenkins-updateRepositories +++ /dev/null @@ -1,6 +0,0 @@ -Cmnd_Alias C_JENKINS = \ - /cis/updateRepositories.sh --core, \ - /cis/updateRepositories.sh --scripts, \ - /cis/updateRepositories.sh --definitions, \ - /cis/updateRepositories.sh --states -jenkins ALL = (root) NOPASSWD: C_JENKINS