yigitcolakoglu
/
dotfiles
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

Moved root files to .local/share/root

main
Yigit Colakoglu 4 years ago
parent
6d6a931e5f
commit
639dbb6884
10 changed files with 1267 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +5
    -0
      .local/root/dwm.desktop
  2. +11
    -0
      .local/root/issue
  3. +36
    -0
      .local/root/kdialog
  4. +11
    -0
      .local/root/makeissue
  5. +13
    -0
      .local/root/motd
  6. +826
    -0
      .local/root/nancyj.flf
  7. +2
    -0
      .local/root/pam_env.conf
  8. +19
    -0
      .local/root/quark
  9. +9
    -0
      .local/root/quark.service
  10. +335
    -0
      .local/root/udevil.conf

+ 5
- 0
.local/root/dwm.desktop View File

@ -0,0 +1,5 @@
[Desktop Entry]
Encoding=UTF-8
Name=Dynamic Window Manager
Comment=Runs the window manager defined by xsession script
Exec=~/.config/X11/xinitrc

+ 11
- 0
.local/root/issue View File

@ -0,0 +1,11 @@

| \s \r
/\\ || | | |
/ \\ || | _ | \t
/ .. \\ //==\\\\ ||/= /==\\ ||/=\\ | | |/ \\ | | \\ / | \d
/ . . \\ || || || | || || | | | | | | X |
/ . . \\ \\\\==/| || \\==/ || || | | | | \\_/| / \\ | \U
/ .. .. \\ A simple, lightweight linux distribution. |
/_' `_\\ | \l on \n


+ 36
- 0
.local/root/kdialog View File

@ -0,0 +1,36 @@
#!/bin/sh
for ((i=1;i<=$#;i++));
do
if [ ${!i} = "--getsavefilename" ]
then ((i++))
filename=${!i};
fi
if [ ${!i} = "--version" ]
then
echo "someversion"
exit
fi
done;
path=$( echo ${filename%/*} )
file=$( echo ${filename##/*/} )
rm /tmp/lf-chrome-choosed
st -c lf -n lf -e $HOME/.local/bin/lf-ueberzug --selection-path=/tmp/lf-chrome-choosed
selected=$(cat /tmp/lf-chrome-choosed 2> /dev/null)
if [ ! $? = 0 ]
then
exit 1
fi
if [ -d $selected ]
then
echo "$selected$file"
else
echo $selected
fi

+ 11
- 0
.local/root/makeissue View File

@ -0,0 +1,11 @@
echo -e '\e[H\e[2J' > issue
echo -e ' \e[1;30m| \e[34m\\s \\r' >> issue
echo -e ' \e[36;1m/\\\\ \e[37m|| \e[36m| | \e[30m|' >> issue
echo -e ' \e[36m/ \\\\ \e[37m|| \e[36m| _ \e[30m| \e[32m\\t' >> issue
echo -e ' \e[1;36m/ \e[0;36m.. \e[1m\\\\ \e[37m//==\\\\\\\\ ||/= /==\\\\ ||/=\\\\ \e[36m| | |/ \\\\ | | \\\\ / \e[30m| \e[32m\\d' >> issue
echo -e ' \e[0;36m/ . . \\\\ \e[37m|| || || | || || \e[36m| | | | | | X \e[1;30m|' >> issue
echo -e ' \e[0;36m/ . . \\\\ \e[37m\\\\\\\\==/| || \\\\==/ || || \e[36m| | | | \\\\_/| / \\\\ \e[1;30m| \e[31m\\U' >> issue
echo -e ' \e[0;36m/ .. .. \\\\ \e[0;37mA simple, lightweight linux distribution. \e[1;30m|' >> issue
echo -e ' \e[0;36m/_\x27 `_\\\\ \e[1;30m| \e[35m\\l \e[0mon \e[1;33m\\n' >> issue
echo -e ' \e[0m' >> issue
echo -e '' >> issue

+ 13
- 0
.local/root/motd View File

@ -0,0 +1,13 @@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
(@@@@@@@ @@@@@@@@@@@@@@@@ @@@@@@@
@@@@@@ @@@@@@@@@@@@@ @@@@@
@@@. @@@ @@@@ @@@@
%@@, ,@@@ @@@ @@@
@@@ @@@ @@@ @@@
@@ @@@ @@@ @@
@@@ ,@@ @@@ @@/
@@@ @@. @@@ @@,
@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@&

+ 826
- 0
.local/root/nancyj.flf View File

@ -0,0 +1,826 @@
flf2a$ 8 6 15 -1 9
nancyj.flf
named after the login of a woman who asked me to make her a
sig. this is the font that came out of it. this is my first
attempt at a figlet font, so leave me alone.
vampyr@acs.bu.edu
$$ @
$$ @
$$ @
$$ @
$$ @
$$ @
$$ @
$$ @@
dP @
88 @
88 @
dP @
@
oo @
@
@@
dP dP @
dP dP @
@
@
@
@
@
@@
@
dP dP @
8888888 @
88 88 @
8888888 @
dP dP @
@
@@
# # @
.d8888P' @
Y8#oo#o. @
# #88 @
`88888P' @
# # @
@
@@
d8P dP @
8 8 d8' @
Y8P d8' @
d8' d8P @
d8' 8 8 @
88 Y8P @
@
@@
d88b @
8`'8 @
d8b @
d8P`8b @
d8' `8bP @
`888P'`YP @
@
@@
d8 @
88 @
.P @
@
@
@
@
@@
a88P @
d8' @
88 @
88 @
Y8. @
Y88b @
@
@@
Y88o @
`8b @
88 @
88 @
.8P @
d88Y @
@
@@
dP @
8b. 88 .d8 @
`8b88d8' @
.8P88Y8. @
8P' 88 `Y8 @
dP @
@
@@
@
dP @
88 @
88888888 @
88 @
dP @
@
@@
@
@
@
@
dP @
88 @
.P @
@@
@
@
@
88888888 @
@
@
@
@@
@
@
@
@
dP @
88 @
@
@@
d8' @
d8' @
d8' @
d8' @
d8' @
88 @
@
@@
a8888a @
d8' ..8b @
88 .P 88 @
88 d' 88 @
Y8'' .8P @
Y8888P @
@
@@
d88 @
88 @
88 @
88 @
88 @
d88P @
@
@@
d8888b. @
`88 @
.aaadP' @
88' @
88. @
Y88888P @
@
@@
d8888b. @
`88 @
aaad8' @
`88 @
.88 @
d88888P @
@
@@
dP dP @
88 88 @
88aaa88 @
88 @
88 @
dP @
@
@@
888888P @
88' @
88baaa. @
`88 @
88 @
d88888P @
@
@@
.d8888P @
88' @
88baaa. @
88` `88 @
8b. .d8 @
`Y888P' @
@
@@
d88888P @
d8' @
d8' @
d8' @
d8' @
d8' @
@
@@
.d888b. @
Y8' `8P @
d8bad8b @
88` `88 @
8b. .88 @
Y88888P @
@
@@
.d888b. @
Y8' `88 @
`8bad88 @
`88 @
d. .88 @
`8888P @
@
@@
dP @
88 @
@
@
dP @
88 @
@
@@
dP @
88 @
@
@
dP @
88 @
.P @
@@
d8 @
d8' @
d8' @
Y8. @
Y8. @
Y8 @
@
@@
@
@
aaaaaaaa @
@
88888888 @
@
@
@@
8b @
`8b @
`8b @
.8P @
.8P @
8P @
@
@@
.d8888ba @
`8' `8b @
.d8' @
d8P' @
"" @
oo @
@
@@
a88888b. @
d8' `88 @
88 d8P 88 @
88 Yo8b88 @
Y8. @
Y88888P' @
@
@@
.d888888 @
d8' 88 @
88aaaaa88a @
88 88 @
88 88 @
88 88 @
@
@@
888888ba @
88 `8b @
a88aaaa8P' @
88 `8b. @
88 .88 @
88888888P @
@
@@
a88888b. @
d8' `88 @
88 @
88 @
Y8. .88 @
Y88888P' @
@
@@
888888ba @
88 `8b @
88 88 @
88 88 @
88 .8P @
8888888P @
@
@@
88888888b @
88 @
a88aaaa @
88 @
88 @
88888888P @
@
@@
88888888b @
88 @
a88aaaa @
88 @
88 @
dP @
@
@@
.88888. @
d8' `88 @
88 @
88 YP88 @
Y8. .88 @
`88888' @
@
@@
dP dP @
88 88 @
88aaaaa88a @
88 88 @
88 88 @
dP dP @
@
@@
dP @
88 @
88 @
88 @
88 @
dP @
@
@@
dP @
88 @
88 @
88 @
88. .d8P @
`Y8888' @
@
@@
dP dP @
88 .d8' @
88aaa8P' @
88 `8b. @
88 88 @
dP dP @
@
@@
dP @
88 @
88 @
88 @
88 @
88888888P @
@
@@
8888ba.88ba @
88 `8b `8b @
88 88 88 @
88 88 88 @
88 88 88 @
dP dP dP @
@
@@
888888ba @
88 `8b @
88 88 @
88 88 @
88 88 @
dP dP @
@
@@
.88888. @
d8' `8b @
88 88 @
88 88 @
Y8. .8P @
`8888P' @
@
@@
888888ba @
88 `8b @
a88aaaa8P' @
88 @
88 @
dP @
@
@@
.88888. @
d8' `8b @
88 88 @
88 db 88 @
Y8. Y88P @
`8888PY8b @
@
@@
888888ba @
88 `8b @
a88aaaa8P' @
88 `8b. @
88 88 @
dP dP @
@
@@
.d88888b @
88. "' @
`Y88888b. @
`8b @
d8' .8P @
Y88888P @
@
@@
d888888P @
88 @
88 @
88 @
88 @
dP @
@
@@
dP dP @
88 88 @
88 88 @
88 88 @
Y8. .8P @
`Y88888P' @
@
@@
dP dP @
88 88 @
88 .8P @
88 d8' @
88 .d8P @
888888' @
@
@@
dP dP dP @
88 88 88 @
88 .8P .8P @
88 d8' d8' @
88.d8P8.d8P @
8888' Y88' @
@
@@
dP dP @
Y8. .8P @
Y8aa8P @
d8' `8b @
88 88 @
dP dP @
@
@@
dP dP @
Y8. .8P @
Y8aa8P @
88 @
88 @
dP @
@
@@
d8888888P @
.d8' @
.d8' @
.d8' @
d8' @
Y8888888P @
@
@@
8888P @
88 @
88 @
88 @
88 @
88888 @
@
@@
Yb @
`Yb @
`Yb @
`Yb @
`Yb @
88 @
@
@@
d8888 @
88 @
88 @
88 @
88 @
88888 @
@
@@
db @
d8'`8b @
`" "' @
@
@
@
@
@@
@
@
@
@
@
@
oooooooooooo @
@@
dP @
88 @
Y. @
@
@
@
@
@@
@
@
.d8888b. @
88' `88 @
88. .88 @
`88888P8 @
@
@@
dP @
88 @
88d888b. @
88' `88 @
88. .88 @
88Y8888' @
@
@@
@
@
.d8888b. @
88' `"" @
88. ... @
`88888P' @
@
@@
dP @
88 @
.d888b88 @
88' `88 @
88. .88 @
`88888P8 @
@
@@
@
@
.d8888b. @
88ooood8 @
88. ... @
`88888P' @
@
@@
.8888b @
88 " @
88aaa @
88 @
88 @
dP @
@
@@
@
@
.d8888b. @
88' `88 @
88. .88 @
`8888P88 @
.88 @
d8888P @@
dP @
88 @
88d888b. @
88' `88 @
88 88 @
dP dP @
@
@@
oo @
@
dP @
88 @
88 @
dP @
@
@@
oo @
@
dP @
88 @
88 @
88 @
88 @
dP @@
dP @
88 @
88 .dP @
88888" @
88 `8b. @
dP `YP @
@
@@
dP @
88 @
88 @
88 @
88 @
dP @
@
@@
@
@
88d8b.d8b. @
88'`88'`88 @
88 88 88 @
dP dP dP @
@
@@
@
@
88d888b. @
88' `88 @
88 88 @
dP dP @
@
@@
@
@
.d8888b. @
88' `88 @
88. .88 @
`88888P' @
@
@@
@
@
88d888b. @
88' `88 @
88. .88 @
88Y888P' @
88 @
dP @@
@
@
.d8888b. @
88' `88 @
88. .88 @
`8888P88 @
88 @
dP @@
@
@
88d888b. @
88' `88 @
88 @
dP @
@
@@
@
@
.d8888b. @
Y8ooooo. @
88 @
`88888P' @
@
@@
dP @
88 @
d8888P @
88 @
88 @
dP @
@
@@
@
@
dP dP @
88 88 @
88. .88 @
`88888P' @
@
@@
@
@
dP .dP @
88 d8' @
88 .88' @
8888P' @
@
@@
@
@
dP dP dP @
88 88 88 @
88.88b.88' @
8888P Y8P @
@
@@
@
@
dP. .dP @
`8bd8' @
.d88b. @
dP' `dP @
@
@@
@
@
dP dP @
88 88 @
88. .88 @
`8888P88 @
.88 @
d8888P @@
@
@
d888888b @
.d8P' @
.Y8P @
d888888P @
@
@@
.d88P @
8: @
.oY8. @
d8 @
8: @
`Y88b @
@
@@
dP @
88 @
"' @
dP @
88 @
"' @
@
@@
d88b. @
:8 @
.8Yo. @
8b @
:8 @
Y88P' @
@
@@
.oo. .d @
dP" "d8P @
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@
@
@
@
@
@
@
@
@@

+ 2
- 0
.local/root/pam_env.conf View File

@ -0,0 +1,2 @@
GNUPGHOME DEFAULT=@{HOME}/.local/share/gnupg
XDG_CONFIG_HOME DEFAULT=@{HOME}/.config

+ 19
- 0
.local/root/quark View File

@ -0,0 +1,19 @@
#!/usr/bin/openrc-run
depend() {
need net
need localmount
}
start() {
ebegin "Starting quark"
start-stop-daemon --background --start --exec /usr/local/bin/quark -- -p 9999 -d /home/yigit/.dotfiles/browser/startpage/dist -h 127.0.0.1
eend $?
}
stop() {
ebegin "Stopping myApp"
eend $?
}

+ 9
- 0
.local/root/quark.service View File

@ -0,0 +1,9 @@
[Unit]
Description=Quark instance on 9999 for start page
[Service]
Type=simple
ExecStart=/usr/local/bin/quark -p 9999 -d /home/yigit/.dotfiles/browser/startpage/dist -h 127.0.0.1
[Install]
WantedBy=multi-user.target

+ 335
- 0
.local/root/udevil.conf View File

@ -0,0 +1,335 @@
##############################################################################
#
# udevil configuration file /etc/udevil/udevil.conf
#
# This file controls what devices, networks, and files users may mount and
# unmount via udevil (set suid).
#
# IMPORTANT: IT IS POSSIBLE TO CREATE SERIOUS SECURITY PROBLEMS IF THIS FILE
# IS MISCONFIGURED - EDIT WITH CARE
#
# Note: For greater control for specific users, including root, copy this
# file to /etc/udevil/udevil-user-USERNAME.conf replacing USERNAME with the
# desired username (eg /etc/udevil/udevil-user-jim.conf).
#
# Format:
# OPTION = VALUE[, VALUE, ...]
#
# DO NOT USE QUOTES except literally
# Lines beginning with # are ignored
#
##############################################################################
# To log all uses of udevil, set log_file to a file path:
# log_file = /var/log/udevil.log
# Approximate number of days to retain log entries (0=forever, max=60):
log_keep_days = 10
# allowed_types determines what fstypes can be passed by a user to the u/mount
# program, what device filesystems may be un/mounted implicitly, and what
# network filesystems may be un/mounted.
# It may also include the 'file' keyword, indicating that the user is allowed
# to mount files (eg an ISO file). The $KNOWN_FILESYSTEMS variable may
# be included to include common local filesystems as well as those listed in
# /etc/filesystems and /proc/filesystems.
# allowed_types_USERNAME, if present, is used to override allowed_types for
# the specific user 'USERNAME'. For example, to allow user 'jim' to mount
# only vfat filesystems, add:
# allowed_types_jim = vfat
# Setting allowed_types = * does NOT allow all types, as this is a security
# risk, but does allow all recognized types.
# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, davfs, tmpfs, ramfs
allowed_types = $KNOWN_FILESYSTEMS, file, cifs
# allowed_users is a list of users permitted to mount and unmount with udevil.
# Wildcards (* or ?) may be used in the usernames. To allow all users,
# specify "allowed_users=*". UIDs may be included using the form UID=1000.
# For example: allowed_users = carl, UID=1000, pre*
# Also note that permission to execute udevil may be limited to users belonging
# to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage',
# depending on installation.
# allowed_users_FSTYPE, if present, is used to override allowed_users when
# mounting or unmounting a specific fstype (eg nfs, ext3, file).
# Note that when mounting a file, fstype will always be 'file' regardless of
# the internal fstype of the file.
# For example, to allow only user 'bob' to mount nfs shares, add:
# allowed_users_nfs = bob
# The root user is NOT automatically allowed to use udevil in some cases unless
# listed here (except for unmounting anything or mounting fstab devices).
allowed_users = *
# allowed_groups is a list of groups permitted to mount and unmount with
# udevil. The user MUST belong to at least one of these groups. Wildcards
# or GIDs may NOT be used in group names, but a single * may be used to allow
# all groups.
# Also note that permission to execute udevil may be limited to users belonging
# to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage',
# depending on installation.
# allowed_groups_FSTYPE, if present, is used to override allowed_groups when
# mounting or unmounting a specific fstype (eg nfs, ext3, file). For example,
# to allow only members of the 'network' group to mount smb and nfs shares,
# use both of these lines:
# allowed_groups_smbfs = network
# allowed_groups_nfs = network
# The root user is NOT automatically allowed to use udevil in some cases unless
# listed here (except for unmounting anything or mounting fstab devices).
allowed_groups = *
# allowed_media_dirs specifies the media directories in which user mount points
# may be located. The first directory which exists and does not contain a
# wildcard will be used as the default media directory (normally /media or
# /media/$USER).
# The $USER variable, if included, will be replaced with the username of the
# user running udevil. Wildcards may also be used in any directory EXCEPT the
# default. Wildcards will not match a /, except a /** suffix for recursion.
# allowed_media_dirs_FSTYPE, if present, is used to override allowed_media_dirs
# when mounting or unmounting a specific fstype (eg ext2, nfs). For example,
# to cause /media/network to be used as the default media directory for
# nfs and ftpfs mounts, use these two lines:
# allowed_media_dirs_nfs = /media/network, /media, /media/$USER
# allowed_media_dirs_ftpfs = /media/network, /media, /media/$USER
# NOTE: If you want only the user who mounted a device to have access to it
# and be allowed to unmount it, specify /media/$USER as the first
# allowed media directory (only /media/$USER is created on demand).
# IMPORTANT: If an allowed file is mounted to a media directory, the user may
# be permitted to unmount its associated loop device even though internal.
# INCLUDING /MNT HERE IS NOT RECOMMENDED. ALL ALLOWED MEDIA DIRECTORIES
# SHOULD BE OWNED AND WRITABLE ONLY BY ROOT.
allowed_media_dirs = /media/$USER, /run/media/$USER
# allowed_devices is the first criteria for what block devices users may mount
# or unmount. If a device is not listed in allowed_devices, it cannot be
# un/mounted (unless in fstab). However, even if a device is listed, other
# factors may prevent its use. For example, access to system internal devices
# will be denied to normal users even if they are included in allowed_devices.
# allowed_devices_FSTYPE, if present, is used to override allowed_devices when
# mounting or unmounting a specific fstype (eg ext3, ntfs). For example, to
# prevent all block devices containing an ext4 filesystem from being
# un/mounted use:
# allowed_devices_ext4 =
# Note: Wildcards may be used, but a wildcard will never match a /, except
# for "allowed_devices=*" which allows any device. The recommended setting is
# allowed_devices = /dev/*
# WARNING: ALLOWING USERS TO MOUNT DEVICES OUTSIDE OF /dev CAN CAUSE SERIOUS
# SECURITY PROBLEMS. DO NOT ALLOW DEVICES IN /dev/shm
allowed_devices = /dev/*
# allowed_internal_devices causes udevil to treat any listed block devices as
# removable, thus allowing normal users to un/mount them (providing they are
# also listed in allowed_devices).
# allowed_internal_devices_FSTYPE, if present, is used to override
# allowed_internal_devices when mounting or unmounting a specific fstype
# (eg ext3, ntfs). For example, to allow block devices containing a vfat
# filesystem to be un/mounted even if they are system internal devices, use:
# allowed_internal_devices_vfat = /dev/sdb*
# Some removable esata drives look like internal drives to udevil. To avoid
# this problem, they can be treated as removable with this setting.
# WARNING: SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS.
# allowed_internal_devices =
# allowed_internal_uuids and allowed_internal_uuids_FSTYPE work similarly to
# allowed_internal_devices, except that UUIDs are specified instead of devices.
# For example, to allow un/mounting of an internal filesystem based on UUID:
# allowed_internal_uuids = cc0c4489-8def-1e5b-a304-ab87c3cb626c0
# WARNING: SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS.
# allowed_internal_uuids =
# forbidden_devices is used to prevent block devices from being un/mounted
# even if other settings would allow them (except devices in fstab).
# forbidden_devices_FSTYPE, if present, is used to override
# forbidden_devices when mounting or unmounting a specific fstype
# (eg ext3, ntfs). For example, to prevent device /dev/sdd1 from being
# mounted when it contains an ntfs filesystem, use:
# forbidden_devices_ntfs = /dev/sdd1
# NOTE: device node paths are canonicalized before being tested, so forbidding
# a link to a device will have no effect.
forbidden_devices =
# allowed_networks determines what hosts may be un/mounted by udevil users when
# using nfs, cifs, smbfs, curlftpfs, ftpfs, or sshfs. Hosts may be specified
# using a hostname (eg myserver.com) or IP address (192.168.1.100).
# Wildcards may be used in hostnames and IP addresses, but CIDR notation
# (192.168.1.0/16) is NOT supported. IP v6 is supported. For example:
# allowed_networks = 127.0.0.1, 192.168.1.*, 10.0.0.*, localmachine, *.okay.com
# Or, to prevent un/mounting of any network shares, set:
# allowed_networks =
# allowed_networks_FSTYPE, if present, is used to override allowed_networks
# when mounting or unmounting a specific network fstype (eg nfs, cifs, sshfs,
# curlftpfs). For example, to limit nfs and samba shares to only local
# networks, use these two lines:
# allowed_networks_nfs = 192.168.1.*, 10.0.0.*
# allowed_networks_cifs = 192.168.1.*, 10.0.0.*
allowed_networks = *
# forbidden_networks and forbidden_networks_FSTYPE are used to specify networks
# that are never allowed, even if other settings allow them (except fstab).
# NO REVERSE LOOKUP IS PERFORMED, so including bad.com will only have an effect
# if the user uses that hostname. IP lookup is always performed, so forbidding
# an IP address will also forbid all corresponding hostnames.
forbidden_networks =
# allowed_files is used to determine what files in what directories may be
# un/mounted. A user must also have read permission on a file to mount it.
# Note: Wildcards may be used, but a wildcard will never match a /, except
# for "allowed_files=*" which allows any file, and a /** suffix, which matches
# all files recursively.
# For example, to allow only files in the /share directory to be mounted, use:
# allowed_files = /share/*
# To allow all files in the /share directory AND all subdirectories use:
# allowed_files = /share/**
# NOTE: Specifying allowed_files_FSTYPE will NOT work because the fstype of
# files is always 'file'.
allowed_files = *
# forbidden_files is used to specify files that are never allowed, even if
# other settings allow them (except fstab). Specify a full path.
# Note: Wildcards may be used, but a wildcard will never match a /, except
# for "forbidden_files = *", or a /** suffix, which matches all recursively.
# NOTE: file paths are canonicalized before being tested, so forbidding
# a link to a file will have no effect.
forbidden_files =
# default_options specifies what options are always included when performing
# a mount, in addition to any options the user may specify.
# Note: When a device is present in /etc/fstab, and the user does not specify
# a mount point, the device is mounted with normal user permissions using
# the fstab entry, without these options.
# default_options_FSTYPE, if present, is used to override default_options
# when mounting a specific fstype (eg ext2, nfs).
# The variables $USER, $UID, and $GID are changed to the user's username, UID,
# and GID.
# FOR GOOD SECURITY, default_options SHOULD ALWAYS INCLUDE: nosuid,noexec,nodev
# WARNING: OPTIONS PRESENT OR MISSING CAN CAUSE SERIOUS SECURITY PROBLEMS.
default_options = nosuid, noexec, nodev, noatime
default_options_file = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro
# mount iso9660 with 'ro' to prevent mount read-only warning
default_options_iso9660 = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro, utf8
default_options_udf = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
default_options_vfat = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, utf8
default_options_exfat = nosuid, noexec, nodev, noatime, umask=0077, uid=$UID, gid=$GID, iocharset=utf8, namecase=0, nonempty
default_options_msdos = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID
default_options_umsdos = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID
default_options_ntfs = nosuid, noexec, nodev, noatime, fmask=0133, uid=$UID, gid=$GID, utf8
default_options_cifs = nosuid, noexec, nodev, uid=$UID, gid=$GID
default_options_smbfs = nosuid, noexec, nodev, uid=$UID, gid=$GID
default_options_sshfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other
default_options_curlftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other
default_options_ftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
default_options_davfs = nosuid, noexec, nodev, uid=$UID, gid=$GID
default_options_tmpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
default_options_ramfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
# allowed_options determines all options that a user may specify when mounting.
# All the options used in default_options above must be included here too, or
# they will be rejected. If the user attempts to use an option not included
# here, an error will result. Wildcards may be used.
# allowed_options_FSTYPE, if present, is used to override allowed_options
# when mounting a specific fstype (eg ext2, nfs).
# The variables $USER, $UID, and $GID are changed to the user's username, UID,
# and GID.
# If you want to forbid remounts, remove 'remount' from here.
# WARNING: OPTIONS HERE CAN CAUSE SERIOUS SECURITY PROBLEMS - CHOOSE CAREFULLY
allowed_options = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, ro, rw, sync, flush, iocharset=*, utf8, remount
allowed_options_nfs = nosuid, noexec, nodev, noatime, ro, rw, sync, remount, port=*, rsize=*, wsize=*, hard, proto=*, timeo=*, retrans=*
allowed_options_cifs = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=*
allowed_options_smbfs = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=*
allowed_options_sshfs = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, idmap=user, BatchMode=yes, port=*
allowed_options_curlftpfs = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, user=*
allowed_options_ftpfs = nosuid, noexec, nodev, noatime, ro, rw, port=*, user=*, pass=*, root=*, uid=$UID, gid=$GID
allowed_options_exfat = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, umask=0077, namecase=*, ro, rw, sync, flush, iocharset=*, remount, nonempty
# mount_point_mode, if present and set to a non-empty value, will cause udevil
# to set the mode (permissions) on the moint point after mounting If not
# specified or if left empty, the mode is not changed. Mode must be octal
# starting with a zero (0755).
# mount_point_mode_FSTYPE, if present, is used to override mount_point_mode
# when mounting a specific fstype (eg ext2, nfs).
# NOT SETTING A MODE CAN HAVE SECURITY IMPLICATIONS FOR SOME FSTYPES
mount_point_mode = 0755
# don't set a mode for some types:
mount_point_mode_sshfs =
mount_point_mode_curlftpfs =
mount_point_mode_ftpfs =
# Use the settings below to change the default locations of programs used by
# udevil, or (advanced topic) to redirect commands to your scripts.
# When substituting scripts, make sure they are root-owned and accept the
# options used by udevil (for example, the mount_program must accept --fake,
# -o, -v, and other options valid to mount.)
# Be sure to specify the full path and include NO OPTIONS or other arguments.
# These programs may also be specified as configure options when building
# udevil.
# THESE PROGRAMS ARE RUN AS ROOT
# mount_program = /bin/mount
# umount_program = /bin/umount
# losetup_program = /sbin/losetup
# setfacl_program = /usr/bin/setfacl
# validate_exec specifies a program or script which provides additional
# validation of a mount or unmount command, beyond the checks performed by
# udevil. The program is run as a normal user (if root runs udevil,
# validate_exec will NOT be run). The program is NOT run if the user is
# mounting a device without root privileges (a device in fstab).
# The program is passed the username, a printable description of what is
# happening, and the entire udevil command line as the first three arguments.
# The program must return an exit status of 0 to allow the mount or unmount
# to proceed. If it returns non-zero, the user will be denied permission.
# For example, validate_exec might specify a script which notifies you
# of the command being run, or performs additional steps to authenticate the
# user.
# Specify a full path to the program, with NO options or arguments.
# validate_exec =
# validate_rootexec works similarly to validate_exec, except that the program
# is run as root. validate_rootexec will also be run if the root user runs
# udevil. If both validate_exec and validate_rootexec are specified,
# validate_rootexec will run first, followed by validate_exec.
# The program must return an exit status of 0 to allow the mount or unmount
# to proceed. If it returns non-zero, the user will be denied permission.
# Unless you are familiar with writing root scripts, it is recommended that
# rootexec settings NOT be used, as it is easy to inadvertently open exploits.
# THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not.
# validate_rootexec =
# success_exec is run after a successful mount, remount, or unmount. The
# program is run as a normal user (if root runs udevil, success_exec
# will NOT be run).
# The program is passed the username, a printable description of what action
# was taken, and the entire udevil command line as the first three arguments.
# The program's exit status is ignored.
# For example, success_exec might run a script which informs you of what action
# was taken, and might perform further actions.
# Specify a full path to the program, with NO options or arguments.
# success_exec =
# success_rootexec works similarly to success_exec, except that the program is
# run as root. success_rootexec will also be run if the root user runs udevil.
# If both success_exec and success_rootexec are specified, success_rootexec
# will run first, followed by success_exec.
# Unless you are familiar with writing root scripts, it is recommended that
# rootexec settings NOT be used, as it is easy to inadvertently open exploits.
# THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not.
# success_rootexec =

Write Preview
Loading…
Cancel
Save