mirror of
https://github.com/m8tin/cis.git
synced 2026-06-02 14:56:58 +02:00
CLEAN old default
This commit is contained in:
m8in
@@ -1,109 +0,0 @@
|
|||||||
# /etc/adduser.conf: `adduser' configuration.
|
|
||||||
# See adduser(8) and adduser.conf(5) for full documentation.
|
|
||||||
|
|
||||||
# A commented out setting indicates that this is the default in the
|
|
||||||
# code. If you need to change those settings, remove the comment and
|
|
||||||
# make your intended change.
|
|
||||||
|
|
||||||
# STDERRMSGLEVEL, STDOUTMSGLEVEL, and LOGMSGLEVEL set the minimum
|
|
||||||
# priority for messages logged to syslog/journal and the console,
|
|
||||||
# respectively.
|
|
||||||
# Values are trace, debug, info, warn, err, and fatal.
|
|
||||||
# Messages with the set priority or higher get logged to the
|
|
||||||
# respective medium.
|
|
||||||
#STDERRMSGLEVEL=warn
|
|
||||||
#STDOUTMSGLEVEL=info
|
|
||||||
#SYSLOGLEVEL=info
|
|
||||||
|
|
||||||
# The login shell to be used for all new users.
|
|
||||||
# Default: DSHELL=/bin/bash
|
|
||||||
#DSHELL=/bin/bash
|
|
||||||
|
|
||||||
# The directory in which new home directories should be created.
|
|
||||||
# Default: DHOME=/home
|
|
||||||
# DHOME=/home
|
|
||||||
|
|
||||||
# The directory from which skeletal user configuration files
|
|
||||||
# will be copied.
|
|
||||||
# Default: SKEL=/etc/skel
|
|
||||||
#SKEL=/etc/skel
|
|
||||||
|
|
||||||
# Specify inclusive ranges of UIDs and GIDs from which UIDs and GIDs
|
|
||||||
# for system users, system groups, non-system users and non-system groups
|
|
||||||
# can be dynamically allocated.
|
|
||||||
# Default: FIRST_SYSTEM_UID=100, LAST_SYSTEM_UID=999
|
|
||||||
#FIRST_SYSTEM_UID=100
|
|
||||||
#LAST_SYSTEM_UID=999
|
|
||||||
|
|
||||||
# Default: FIRST_SYSTEM_GID=100, LAST_SYSTEM_GID=999
|
|
||||||
#FIRST_SYSTEM_GID=100
|
|
||||||
#LAST_SYSTEM_GID=999
|
|
||||||
|
|
||||||
# Default: FIRST_UID=1000, LAST_UID=59999
|
|
||||||
#FIRST_UID=1000
|
|
||||||
#LAST_UID=59999
|
|
||||||
|
|
||||||
# Default: FIRST_GID=1000, LAST_GID=59999
|
|
||||||
#FIRST_GID=1000
|
|
||||||
#LAST_GID=59999
|
|
||||||
|
|
||||||
# Specify a file or a directory containing UID and GID pool.
|
|
||||||
#UID_POOL=/etc/adduser-pool.conf
|
|
||||||
#UID_POOL=/etc/adduser-pool.d/
|
|
||||||
#GID_POOL=/etc/adduser-pool.conf
|
|
||||||
#GID_POOL=/etc/adduser-pool.d/
|
|
||||||
|
|
||||||
# Specify whether each created non-system user will be
|
|
||||||
# given their own group to use.
|
|
||||||
# Default: USERGROUPS=yes
|
|
||||||
#USERGROUPS=yes
|
|
||||||
|
|
||||||
# Defines the groupname or GID of the group all newly-created
|
|
||||||
# non-system users are placed into.
|
|
||||||
# It is a configuration error to define both variables
|
|
||||||
# even if the values are consistent.
|
|
||||||
# Default: USERS_GID=undefined, USERS_GROUP=users
|
|
||||||
#USERS_GID=100
|
|
||||||
#USERS_GROUP=users
|
|
||||||
|
|
||||||
# The permissions mode for home directories of non-system users.
|
|
||||||
# Default: DIR_MODE=0750
|
|
||||||
#DIR_MODE=0750
|
|
||||||
|
|
||||||
# The permissions mode for home directories of system users.
|
|
||||||
# Default: SYS_DIR_MODE=0750
|
|
||||||
#SYS_DIR_MODE=0750
|
|
||||||
|
|
||||||
# If set to a nonempty value, new users will have quotas copied
|
|
||||||
# from that user with `edquota -p QUOTAUSER newuser'
|
|
||||||
# Default: QUOTAUSER=""
|
|
||||||
#QUOTAUSER=""
|
|
||||||
|
|
||||||
# Non-system user- and groupnames are checked against this regular
|
|
||||||
# expression.
|
|
||||||
# Default: NAME_REGEX="^[a-z][-a-z0-9_]*\$?$"
|
|
||||||
#NAME_REGEX="^[a-z][-a-z0-9_]*\$?$"
|
|
||||||
|
|
||||||
# System user- and groupnames are checked against this regular
|
|
||||||
# expression.
|
|
||||||
# Default: SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$"
|
|
||||||
#SYS_NAME_REGEX="^[A-Za-z_][-A-Za-z0-9_]*\$?$"
|
|
||||||
|
|
||||||
# When populating the newly created home directory of a non-system user,
|
|
||||||
# files in SKEL matching this regex are not copied.
|
|
||||||
# Default: SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$"
|
|
||||||
#SKEL_IGNORE_REGEX="\.(dpkg|ucf)-(old|new|dist|save)$"
|
|
||||||
|
|
||||||
# list of groups that new non-system users will be added to
|
|
||||||
# if ADD_EXTRA_GROUPS is non-zero or set on the command line.
|
|
||||||
# Default: EXTRA_GROUPS="users"
|
|
||||||
#EXTRA_GROUPS="users"
|
|
||||||
|
|
||||||
# Setting this to something other than 0 will cause adduser to add
|
|
||||||
# newly created non-system users to the list of groups defined by
|
|
||||||
# EXTRA_GROUPS.
|
|
||||||
# Default: ADD_EXTRA_GROUPS=0
|
|
||||||
#ADD_EXTRA_GROUPS=0
|
|
||||||
|
|
||||||
# use extrausers by default
|
|
||||||
#USE_EXTRAUSERS=1
|
|
||||||
@@ -1,11 +0,0 @@
|
|||||||
# Allows user 'root' to use ssh always.
|
|
||||||
# This should prevent lockout because access is allowed without group membership.
|
|
||||||
# For details see: https://serverfault.com/questions/617081/how-to-use-both-allowgroups-and-allowusers-in-sshd-config
|
|
||||||
AllowUsers root
|
|
||||||
# 1. Create custom group 'ssh_login' of type system if not exist:
|
|
||||||
# - addgroup --system "ssh_login"
|
|
||||||
# 2. Additionally allow users of group 'ssh_login' to use ssh only:
|
|
||||||
# - adduser "${USER}" "ssh_login"
|
|
||||||
Match group ssh_login
|
|
||||||
AllowUsers *
|
|
||||||
PasswordAuthentication no
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
Cmnd_Alias C_JENKINS = \
|
|
||||||
/cis/updateRepositories.sh --core, \
|
|
||||||
/cis/updateRepositories.sh --scripts, \
|
|
||||||
/cis/updateRepositories.sh --definitions, \
|
|
||||||
/cis/updateRepositories.sh --states
|
|
||||||
jenkins ALL = (root) NOPASSWD: C_JENKINS
|
|
||||||
Reference in New Issue
Block a user