Differences

This shows you the differences between two versions of the page.

--- openbsd:shell [2019/11/26 14:55]
jrmu
+++ openbsd:shell [2020/03/28 03:13]
jrmu
@@ Line 17: / Line 17: @@
         }
 </code>
+Update: hiding logs was causing problems
+We also hide logs in /var/logs and /var/www/logs
 Packages installed:
 <code>
+ImageMagick-6.9.10.62 image processing tools
+alpine-2.21p3       UW e-mail client
+anthy-9100hp2       japanese input method
+antiword-0.37p0     converts MSWord Documents to ASCII Text and PostScript
+apr-1.6.5p0         Apache Portable Runtime
+apr-util-1.6.1p2    companion library to APR
+argon2-20171227     C implementation of Argon2 - password hashing function
+aspell-0.60.6.1p10  spell checker designed to eventually replace Ispell
+bash-5.0.11         GNU Bourne Again Shell
+boehm-gc-7.6.0p3    garbage collection and memory leak detection for C and C++
+boost-1.66.0p7      free peer-reviewed portable C++ source libraries
+bzip2-1.0.8         block-sorting file compressor, unencumbered
+cmake-3.15.3v0      portable build system
+coreutils-8.31p1    file, shell and text manipulation utilities
 curl-7.66.0         get files from FTP, Gopher, HTTP or HTTPS servers
-intel-firmware-20191115v0 microcode update binaries for Intel CPUs
+cvsps-2.1p2         generate patchsets from CVS repositories
+cyrus-sasl-2.1.27p1 RFC 2222 SASL (Simple Authentication and Security Layer)
+db-4.6.21p7v0       Berkeley DB package, revision 4
+desktop-file-utils-0.24p0 utilities for dot.desktop entries
+djvulibre-3.5.27p6  view, decode and encode DjVu files
+docx2txt-1.4p0      command line converter from Microsoft docx to ASCII text
+elvis-2.2.0p5-no_x11 clone of the ex/vi text editor
+emacs-26.3-no_x11   GNU editor: extensible, customizable, self-documenting
+fdm-2.0             fetch, filter and deliver mail
+fetchmail-6.3.26p3  mail retrieval utility for POP2, POP3, KPOP, IMAP and more
+fftw3-3.3.8p1       C routines for computing the Discrete Fourier Transform
+fftw3-common-3.3.8p1 common files for the fftw3 packages
+figlet-2.2.5        generates ASCII banner art
+gawk-5.0.0p0        GNU awk
+gdk-pixbuf-2.38.2   graphic library for gtk+2
+geomyidae-0.34      Gopher protocol daemon
+gettext-runtime-0.20.1p0 GNU gettext runtime libraries and programs
+giflib-5.1.6        tools and library routines for working with GIF images
+git-2.23.0          GIT - Tree History Storage Tool
+glib2-2.60.7        general-purpose utility library
+gmake-4.2.1p4       GNU make
+gnupg-1.4.23p3      GNU privacy guard - a free PGP replacement
+gnupg-2.2.12p0      GNU privacy guard - a free PGP replacement
+got-0.17            game of trees version control system
+groff-1.22.4p0      GNU troff typesetter
+gtk-update-icon-cache-3.24.12 gtk+ icon theme caching utility
+hicolor-icon-theme-0.17 fallback theme of the icon theme specification
+icu4c-64.2p0        International Components for Unicode
+ii-1.7p3            minimalist IRC client
 irssi-1.2.2         modular IRC client with many features
+jasper-2.0.14       reference implementation of JPEG-2000
+jbigkit-2.1         lossless image compression library, with lightweight version
+jpeg-2.0.3v0        SIMD-accelerated JPEG codec replacement of libjpeg
+jq-1.6p0            lightweight and flexible command-line JSON processor
+jsoncpp-1.8.4p2     JSON parsing C++ API
+lcms2-2.9p0         color management library
+ledger-3.1.1p4      command line double-entry accounting ledger
+libarchive-3.4.0    multi-format archive and compression library
+libb2-0.98.1v0      library providing BLAKE2b, BLAKE2s, BLAKE2bp, BLAKE2sp
+libffi-3.2.1p5      Foreign Function Interface
+libiconv-1.16p0     character set conversion library
+libidn2-2.3.0       implementation of IDNA2008 internationalized domain names
+libraw-0.19.5       library for reading RAW files
+libtasn1-4.14       Abstract Syntax Notation One structure parser library
+libunbound-1.9.4    validating DNS resolver library
+libunistring-0.9.7  manipulate Unicode strings
+libuv-1.30.1        multi-platform library for asynchronous I/O
+libwebp-1.0.3       Google WebP image format conversion tool
+libxml-2.9.9        XML parsing library
+links-1.03p0        text browser, displays while downloading
+lua-5.3.5           powerful, light-weight programming language (version 5.3.5)
+lynx-2.8.9rel1p0    text web browser
+lz4-1.9.2           fast BSD-licensed data compression
+mariadb-client-10.3.20v1 multithreaded SQL database (client)
+mariadb-server-10.3.20v1 multithreaded SQL database (server)
+mawk-1.3.4.20171017 fast POSIX-compliant awk
+mcabber-1.1.0p4     console jabber client
+mercurial-5.0.2     fast, lightweight source control management
+multitail-6.4.2p0   multi-window tail(1) utility
 mutt-1.12.2v3-sasl  tty-based e-mail client
+nano-4.4            simple editor, inspired by Pico
+neovim-0.3.8        continuation and extension of Vim
+newsboat-2.15p0     RSS/Atom feed reader for text terminals
+nghttp2-1.39.2      library for HTTP/2
+ngircd-25           lightweight irc server
+node-10.16.3        V8 JavaScript for clients and servers
 nvi-2.1.3p2         ex/vi text editor with wide character support
+oath-toolkit-2.6.2p1 toolkit for OATH/HOTP and TOTP
+openjp2-2.3.1       open-source JPEG 2000 codec library
+p11-kit-0.23.18.1   library for loading and enumerating PKCS#11 modules
+pcre-8.41p2         perl-compatible regular expression library
 php-7.3.12          server-side HTML-embedded scripting language
+pico-5.09p20        UW text editor
+pkglocatedb-1.5     database of packages for use with locate(1)
+png-1.6.37          library for manipulating PNG images
+profanity-0.7.1     console based XMPP client
+py-pip-19.1.1       tool for installing Python packages
+py3-neovim-0.3.2p0  Python plugin support for Neovim
+py3-pip-19.1.1      tool for installing Python packages
 python-2.7.16p1     interpreted object-oriented programming language
 python-3.7.4        interpreted object-oriented programming language
 quirks-3.182        exceptions to pkg_add rules
+rhash-1.3.5p0       utility and library for computing hash sums
+rsync-3.1.3         mirroring/synchronization over low bandwidth links
+ruby-2.6.5          object oriented script language with threads
+rust-1.38.0         compiler for Rust Language
+sacc-1.00           simple console gopher client
+screen-4.6.2        multi-screen window manager
+shared-mime-info-1.10p5 shared mime database for desktops
+sic-1.2p1           simple irc client
+slrn-1.0.2p2        SLang-based newsreader
+sqlite3-3.29.0      embedded SQL implementation
+subversion-1.12.2   subversion revision control system
+tcsh-6.20.00p1      extended C-shell with many useful features
+tiff-4.0.10         tools and library routines for working with TIFF images
+tree-0.62           print ascii formatted tree of a directory structure
+trn-4.0.77p2        threaded newsreader
+uim-1.8.8p0         multilingual input method library
+uim-chewing-0.1.0p2 chewing input method for uim
+unzip-6.0p12        extract, list & test files in a ZIP archive
 vim-8.1.2061-no_x11 vi clone, many additional features
+w3m-0.5.3p8         pager/text-based web browser
+weechat-2.6         fast, light and extensible chat client
+wget-1.20.3p1       retrieve files from the web via HTTP, HTTPS and FTP
+xlsx2csv-20150318p1 convert XLSX files to CSV
+xz-5.2.4            LZMA compression and decompression tools
+zh-fonts-kc-1.05p2  extra chinese fonts
+zh-libchewing-0.5.1p0 intelligent phonetic input method library
+zip-3.0p1           create/update ZIP files compatible with PKZip(tm)
+zstd-1.4.3          zstandard fast real-time compression algorithm
+</code>
+To set the user's default prompt to  "username$ ", stick this into /etc/profile:
+<code>
+export PS1="`whoami`$ "
+</code>
+<code>
+             # chmod -R o-rx /var/log
+             # chmod o-rx /var/run/utmp
+             # chmod o-r /var/log/wtmp*
 </code>
@@ Line 57: / Line 188: @@
 # ln -s /var/www/htdocs/username /home/username/htdocs
 # chown username:username /var/www/htdocs/username /home/username/htdocs
+# edquota username
+</code>
+In /etc/httpd.conf:
+<code>
+        location "/~username/*" {
+                root "/htdocs/username"
+                request strip 1
+        }
+</code>
+In nsd zone files, create 1 subdomain per user so users get: username.shell.ircnow.org
+any new suid binary's with
+<code>
+             # find / -perm -4000
+</code>
+Check /etc/groups to make sure that no user is a member of wheel. This will prevent them from su to root even if they know the password.
+In /etc/ssh/sshd_config, turn off X11 forwarding
+Create symlinks for users so they don't complain:
+<code>
+ln -s /usr/local/bin/tclsh8.6 /usr/local/bin/tclsh
+ln -s /usr/local/bin/python3.7 /usr/local/bin/python
+</code>
+You will want to have /var/www/etc/resolv.conf to allow DNS lookup inside the chroot:
+<code>
+# mkdir /var/www/etc/
+# cp /etc/resolv.conf /var/www/etc/
+# chown -R www:daemon /var/www/etc
 </code>

IRCNow

Page Tools

Site Tools

User Tools

Differences