diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2004-09-26 23:01:48 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2004-09-26 23:01:48 +0000 |
| commit | 37a090bca39674b3092ba652d31d8b28383e7f63 (patch) | |
| tree | 80b0d7c76bd54e0a1cbbe08dbd0f42da5b210f06 /proftpd | |
| parent | c82b086fc3f54999e64464201223c3cc21f41be0 (diff) | |
New more strict tweak-file.
Diffstat (limited to 'proftpd')
| -rwxr-xr-x | proftpd/proftpd_stricter.cf | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/proftpd/proftpd_stricter.cf b/proftpd/proftpd_stricter.cf new file mode 100755 index 0000000..1ea0528 --- /dev/null +++ b/proftpd/proftpd_stricter.cf @@ -0,0 +1,94 @@ +#! /usr/bin/cfengine -qf + +control: + OutputPrefix = ("${cf_prefix}") + AddInstallable = ( proftpd_reload ) + actionsequence = ( + editfiles + shellcommands + processes + ) + +editfiles: + { /etc/proftpd.conf + DefineClasses "proftpd_reload" + # + # LsDefaultOptions -> ListOptions + # + # (Replace everywhere, as the daemon fails if the + # deprecated option exists) + # + ResetSearch "1" + ReplaceAll "LsDefaultOptions" With "ListOptions" + # + # (Make sure (remaining) cfengine hacks happens outside + # of virtual hosts) + # + ResetSearch "1" + BeginGroupIfNoSuchLine "# BEGIN CFENGINE" + BeginGroupIfNoLineMatching "^[[:blank:]]*VirtualHost[[:blank:]].*" + Append "" + Append "# BEGIN CFENGINE" + Append "# END CFENGINE (no virtual hosts above this line, please!)" + EndGroup + BeginGroupIfNoLineMatching "^# BEGIN CFENGINE.*" + LocateLineMatching "^[[:blank:]]*VirtualHost[[:blank:]]" + IncrementPointer "-1" + InsertLine "" + InsertLine "# BEGIN CFENGINE" + InsertLine "# END CFENGINE (no virtual hosts above this line, please!)" + InsertLine "" + EndGroup + EndGroup + # + # (Later options override earlier ones, so care only + # about our own area from here on) + # + AbortAtLineMatching "^# END CFENGINE.*$" + # + # ListOptions "-la" + # + CatchAbort + ResetSearch "1" + LocateLineMatching "^# BEGIN CFENGINE" +# WarnIfNoLineMatching "^[[:blank:]]*ListOptions[[:blank:]].*" + BeginGroupIfNoLineMatching "^[[:blank:]]*ListOptions[[:blank:]].*" +# LocateLineMatching "^# BEGIN CFENGINE" +# InsertLine 'ListOptions "-la"' + InsertLine "DefaultRooddddt ~" + EndGroup + CatchAbort + ResetSearch "1" + LocateLineMatching "^# BEGIN CFENGINE" + LocateLineMatching "^[[:blank:]]*ListOptions[[:blank:]].*" + BeginGroupIfNoLineMatching '^[[:blank:]]*ListOptions[[:blank:]]"-la"([[:blank:]]+(#.*)?)?$' + ReplaceLineWith 'ListOptions "-la"' + EndGroup + CatchAbort + # + # DefaultRoot ~ + # + ResetSearch "1" + LocateLineMatching "^# BEGIN CFENGINE" + WarnIfNoLineMatching "^[[:blank:]]*DefaultRoot[[:blank:]].*" + BeginGroupIfNoLineMatching "^[[:blank:]]*DefaultRoot[[:blank:]].*" +# LocateLineMatching "^# BEGIN CFENGINE" + InsertLine 'DefaultRoot ~' + EndGroup + CatchAbort + ResetSearch "1" + LocateLineMatching "^# BEGIN CFENGINE" + LocateLineMatching "^[[:blank:]]*DefaultRoot[[:blank:]].*" + BeginGroupIfNoLineMatching "^[[:blank:]]*DefaultRoot[[:blank:]]+~$" + ReplaceLineWith 'DefaultRoot ~' + EndGroup + CatchAbort + # + UnsetAbort "^# END CFENGINE.*$" + } +processes: + "proftpd" restart "/etc/init.d/proftpd restart" + +shellcommands: + proftpd_reload:: + "/etc/init.d/proftpd force-reload" |