From: root Date: Tue, 30 Dec 2008 17:15:05 +0000 (+0100) Subject: Merge commit 'origin/template' into dns X-Git-Url: https://git.stderr.nl/gitweb?a=commitdiff_plain;h=d96d97ff949d02a5708877cfdf85d535a3b5a87a;hp=dc84e38a62813df639ae0478fe47441f732044a4;p=matthijs%2Fservers%2Fdrsnuggles.git Merge commit 'origin/template' into dns * commit 'origin/template': pam: Deny everything in pam.d/other. pam: Add default pam.d/other file. pam: Fix pam configuration for cron. pam: Don't allow console logins. pam: Allow only root to change shells and user info. pam: Add default pamd.d/{chfn,chsh,cron,login} files. pam: Remove all but one line from pam.d/su. pam: Add default pam.d/su file.
---
diff --git a/etc/dnsmasq.conf b/etc/dnsmasq.conf
new file mode 100644
index 0000000..933f2d5
--- /dev/null
+++ b/etc/dnsmasq.conf
@@ -0,0 +1,49 @@
+# See "/usr/sbin/dnsmasq --help" or /usr/share/doc/dnsmasq/examples for help on
+# the options.
+#
+# In short, this file configures dnsmasq to use /etc/hosts for resolution of
+# local names and forward the rest to a set of upstream DNS servers.
+
+# Never forward plain names (without a dot or domain part)
+domain-needed
+# Never forward (reverse queries for) addresses in the non-routed address spaces.
+bogus-priv
+
+# Only answer queries in this domain from local sources.
+local=/.drsnuggles.stderr.nl/
+
+# Don't get upstream servers from resolv.conf, but use the ones listed here
+no-resolv
+server=193.202.115.202
+server=195.85.225.170
+server=195.3.164.19
+server=193.202.115.142
+
+# Answer queries from our /etc/hosts file
+expand-hosts
+
+# This domain is appended to the short names from /etc/hosts
+domain=drsnuggles.stderr.nl
+
+# These options might be useful later on
+
+# Set the cachesize here.
+#cache-size=150
+
+# If you want to disable negative caching, uncomment this.
+#no-negcache
+
+# Normally responses which come form /etc/hosts and the DHCP lease
+# file have Time-To-Live set as zero, which conventionally means
+# do not cache further. If you are happy to trade lower load on the
+# server for potentially stale date, you can set a time-to-live (in
+# seconds) here.
+#local-ttl=
+
+# For debugging purposes, log each DNS query as it passes through
+# dnsmasq.
+# log-queries
+
+# Include a another lot of configuration options.
+#conf-file=/etc/dnsmasq.more.conf
+#conf-dir=/etc/dnsmasq.d
diff --git a/etc/hosts b/etc/hosts
new file mode 100644
index 0000000..6b82a65
--- /dev/null
+++ b/etc/hosts
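Review bot: In etc/dnsmasq.conf nothing restricts where dnsmasq listens: the file sets neither `interface=` nor `listen-address=`, so by default it accepts queries on every interface and forwards them to the four `server=` upstreams. If this host is reachable from outside the 10.42.0.x network (the mararc in this commit mentions port forwarding), that would leave an open forwarder exposed to untrusted clients. I would add `listen-address=127.0.0.1,10.42.0.5` together with `bind-interfaces`, assuming 10.42.0.5 (the `dns` entry in etc/hosts) is this machine's address; adjust the address if it is not.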
@@ -0,0 +1,24 @@
+# /etc/hosts
+
+127.0.0.1 localhost
+
+# The following lines are desirable for IPv6 capable hosts
+# (added automatically by netbase upgrade)
+
+::1 ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+ff02::3 ip6-allhosts
+
+# These entries are meant to be resolved through dnsmasq (which will also add a
+# default domain suffix).
+10.42.0.2 test git.stderr.nl hg.stderr.nl svn.stderr.nl
+10.42.0.3 build
+10.42.0.4 ldap
+10.42.0.5 dns
+10.42.0.254 template
+10.42.0.6 mysql
+10.42.0.7 www
+10.42.0.8 backup
diff --git a/etc/maradns/mararc b/etc/maradns/mararc
new file mode 100644
index 0000000..8714892
--- /dev/null
+++ b/etc/maradns/mararc
@@ -0,0 +1,39 @@
+# This file configures maradns to be an authoritive-only dns server, running on
+# a non-standard port.
+#
+# See /usr/share/doc/maradns/en/examples/example_full_mararc.gz or mararc(5)
+# for more info.
+
+# Initialize this variable
+csv2 = {}
+
+# Load the zone files
+csv2["stderr.nl."] = "db.stderr.nl"
+csv2["stdin.nl."] = "db.stdin.nl"
+csv2["stdout.nl."] = "db.stdout.nl"
+csv2["foresightsecurity.nl."] = "db.foresightsecurity.nl"
+
+# The address this DNS server runs on. If you want to bind
+# to all addresses a given machine has, use "0.0.0.0".
+bind_address = "127.0.0.1"
+
+# Run on a non-standard port, so another recursive resolver can run on port 53.
+# We will be portforwarded anyway, so this doesn't matter.
+dns_port = 54
+
+# The directory with all of the zone files
+chroot_dir = "/data/db/dns"
+
+# Run as user / group maradns
+maradns_uid = 104
+maradns_gid = 104
+
+# The number of messages we log to stdout
+# 0: No messages except for fatal parsing errors and the legal disclaimer
+# 1: Only startup messages logged (default)
+# 2: Error queries logged
+# 3: All queries logged (but not very verbosely right now)
+verbose_level = 1
+
+# Don't show the (long) disclaimer in syslog
+hide_disclaimer = "yes"
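Review bot: In etc/hosts the line `10.42.0.2 test git.stderr.nl hg.stderr.nl svn.stderr.nl` makes dnsmasq answer three names from the stderr.nl zone with a private address, and nothing in the file says whether that override is intended. Because mararc in the same commit loads `db.stderr.nl` as the authoritative zone, the two sources can drift apart unnoticed. If the override is intended, a comment above the line would record it, e.g. `# Internal view: these stderr.nl names shadow the zone in db.stderr.nl; keep both in sync.` The first name, `test`, is also what a reverse lookup of 10.42.0.2 is likely to return, which may not be the name you want in other hosts' logs.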
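Review bot: In etc/maradns/mararc, `maradns_uid = 104` and `maradns_gid = 104` are bare numbers, and only the comment "Run as user / group maradns" ties them to an account; nothing visible confirms that 104 is the maradns account on this host. System ids are usually assigned at package install time, so on a rebuilt machine 104 could belong to another service and the daemon would drop privileges to that account instead. I would extend the comment to `# Run as user / group maradns (numeric ids; must match "id maradns" on this host)`. It is also worth noting next to `chroot_dir` that /data/db/dns and its zone files should be owned by root and not writable by that uid, so a compromised daemon cannot rewrite the zones it serves.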