[gentoo-user] transferring contents of /etc/conf.d to the config files

[gentoo-user] transferring contents of /etc/conf.d to the config files

[meino.cramer]

Hi,

I have read several docs to figure out this...all docs do changes
in /etc/conf.d but I found no hint how to transfer that settings
to the "real" configuration files of the according programs.

env-update & etc-update do not help...

What tool do I have to call to acchieve this?

Thank you very much in advance for any help!

Best regards
mcc

[gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[Nikos Chantziaras]

On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
> Hi,
>
> I have read several docs to figure out this...all docs do changes
> in /etc/conf.d but I found no hint how to transfer that settings
> to the "real" configuration files of the according programs.

These *are* real configuration files and you don't need to transfer 
anything.

Re: [gentoo-user] transferring contents of /etc/conf.d to the config files

[Alan McKinnon]

On Mon, 10 Oct 2011 19:33:52 +0200
meino.cramer@gmx.de wrote:

> Hi,
> 
> I have read several docs to figure out this...all docs do changes
> in /etc/conf.d but I found no hint how to transfer that settings
> to the "real" configuration files of the according programs.
> 
> env-update & etc-update do not help...
> 
> What tool do I have to call to acchieve this?
> 
> Thank you very much in advance for any help!

That's not how it works.

The files in /etc/conf.d are not "included" in config files at all,
they are arguments used when the app is launched.

For example, sshd:

SSHD_CONFDIR="/etc/ssh"
SSHD_OPTS=""
SSHD_PIDFILE="/var/run/sshd.pid"
SSHD_BINARY="/usr/sbin/sshd"

None of those items can go in sshd_config except maybe the pid file,
but that can be specified on the command-line.

The Gentoo init system reads conf.d and uses the info in it to
determine hwo to launch the app.

There is other stuff in /etc/conf.d not related to specific daemons,
but the same principle applies - the system reads the files and does
the appropriate thing at strat-up.

I believe you may have the intent of conf.d and env.d confused?

-- 
Alan McKinnnon
alan.mckinnon@gmail.com

Re: [gentoo-user] transferring contents of /etc/conf.d to the config files

[Canek Peláez Valdés]

On Mon, Oct 10, 2011 at 10:33 AM,  <meino.cramer@gmx.de> wrote:
> Hi,
>
> I have read several docs to figure out this...all docs do changes
> in /etc/conf.d but I found no hint how to transfer that settings
> to the "real" configuration files of the according programs.
>
> env-update & etc-update do not help...
>
> What tool do I have to call to acchieve this?

/etc/conf.d is like /etc/sysconfig in RedHat/Fedora and /etc/default
in Debian: they were introduced to pass environment variables and
(cometimes) extra arguments to the daemons in /etc/init.d.

So, if you have /etc/init.d/foo, you can put environment variables and
(perhaps) extra args for the daemon in /etc/conf.d/foo. You don't need
to "transfer" anything; when you do

/etc/init.d/foo start

the variables in /etc/conf.d/foo are readed and passed to the daemon.

It's a distro specific directory (again, like /etc/sysconfig in
RedHat/Fedora and /etc/default in Debian), and the "real"
configuration of the daemon will probably be on /etc/foo (if at all).
The new init systemd doesn't need this kind of distro-specific thing,
instead pushing the configuration where it belongs, only in /etc/foo
(or whatever). I highly recommend it.

Regards.
-- 
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México

Re: [gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[meino.cramer]

Nikos Chantziaras <realnc@arcor.de> [11-10-10 19:52]:
> On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
> >Hi,
> >
> >I have read several docs to figure out this...all docs do changes
> >in /etc/conf.d but I found no hint how to transfer that settings
> >to the "real" configuration files of the according programs.
> 
> These *are* real configuration files and you don't need to transfer 
> anything.
> 
> 

The reason I thought, that those settings in /etc/conf.d is due
to a warning of the rkhunter tool:

[03:23:21] Performing system configuration file checks
[03:23:21] Info: Starting test name 'system_configs'
[03:23:21]   Checking for SSH configuration file             [ Found ]
[03:23:21] Info: Found SSH configuration file: /etc/ssh/sshd_config
[03:23:21] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
[03:23:21] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
[03:23:21]   Checking if SSH root access is allowed          [ Warning ]
[03:23:21] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
           The default value may be 'yes', to allow root access.
[03:23:21]   Checking if SSH protocol v1 is allowed          [ Warning ]
[03:23:21] Warning: The SSH configuration option 'Protocol' has not been set.
           The default value may be '2,1', to allow the use of protocol version 1.
[03:23:22]   Checking for running syslog daemon              [ Not found ]
[03:23:22] Info: The syslog daemon is not running, but a metalog daemon has been found.
[03:23:22]   Checking for syslog configuration file          [ Not found ]

Now I see, that it seems to check simply the wrong file.

I think it would be an idea to patch rkhunter to be more compliant to
the setup of the gentoo system ?!
From own experience I know that a lot false warnings of such tools
dull the sigth on to the real threads...

Only my two cents, your currency may vary... ;)

Best regards,
mcc

[gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[Nikos Chantziaras]

On 10/10/2011 09:45 PM, meino.cramer@gmx.de wrote:
> Nikos Chantziaras<realnc@arcor.de>  [11-10-10 19:52]:
>> On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
>>> Hi,
>>>
>>> I have read several docs to figure out this...all docs do changes
>>> in /etc/conf.d but I found no hint how to transfer that settings
>>> to the "real" configuration files of the according programs.
>>
>> These *are* real configuration files and you don't need to transfer
>> anything.
>>
>>
>
> The reason I thought, that those settings in /etc/conf.d is due
> to a warning of the rkhunter tool:
>
> [03:23:21] Performing system configuration file checks
> [03:23:21] Info: Starting test name 'system_configs'
> [03:23:21]   Checking for SSH configuration file             [ Found ]
> [03:23:21] Info: Found SSH configuration file: /etc/ssh/sshd_config
> [03:23:21] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
> [03:23:21] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
> [03:23:21]   Checking if SSH root access is allowed          [ Warning ]
> [03:23:21] Warning: The SSH configuration option 'PermitRootLogin' has not been set.
>             The default value may be 'yes', to allow root access.
> [03:23:21]   Checking if SSH protocol v1 is allowed          [ Warning ]
> [03:23:21] Warning: The SSH configuration option 'Protocol' has not been set.
>             The default value may be '2,1', to allow the use of protocol version 1.
> [03:23:22]   Checking for running syslog daemon              [ Not found ]
> [03:23:22] Info: The syslog daemon is not running, but a metalog daemon has been found.
> [03:23:22]   Checking for syslog configuration file          [ Not found ]
>
> Now I see, that it seems to check simply the wrong file.
>
> I think it would be an idea to patch rkhunter to be more compliant to
> the setup of the gentoo system ?!
>  From own experience I know that a lot false warnings of such tools
> dull the sigth on to the real threads...

It's checking the correct file.  Simply edit /etc/ssh/sshd_config to 
your liking.  /etc/conf.d/ is not for those kind of settings; it's 
read-in by Gentoo's init system and other infrastructure.

Re: [gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[meino.cramer]

Nikos Chantziaras <realnc@arcor.de> [11-10-10 20:56]:
> On 10/10/2011 09:45 PM, meino.cramer@gmx.de wrote:
> >Nikos Chantziaras<realnc@arcor.de>  [11-10-10 19:52]:
> >>On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
> >>>Hi,
> >>>
> >>>I have read several docs to figure out this...all docs do changes
> >>>in /etc/conf.d but I found no hint how to transfer that settings
> >>>to the "real" configuration files of the according programs.
> >>
> >>These *are* real configuration files and you don't need to transfer
> >>anything.
> >>
> >>
> >
> >The reason I thought, that those settings in /etc/conf.d is due
> >to a warning of the rkhunter tool:
> >
> >[03:23:21] Performing system configuration file checks
> >[03:23:21] Info: Starting test name 'system_configs'
> >[03:23:21]   Checking for SSH configuration file             [ Found ]
> >[03:23:21] Info: Found SSH configuration file: /etc/ssh/sshd_config
> >[03:23:21] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
> >[03:23:21] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
> >[03:23:21]   Checking if SSH root access is allowed          [ Warning 
> >]
> >[03:23:21] Warning: The SSH configuration option 'PermitRootLogin' has 
> >not been set.
> >            The default value may be 'yes', to allow root access.
> >[03:23:21]   Checking if SSH protocol v1 is allowed          [ Warning 
> >]
> >[03:23:21] Warning: The SSH configuration option 'Protocol' has not 
> >been set.
> >            The default value may be '2,1', to allow the use of 
> >protocol version 1.
> >[03:23:22]   Checking for running syslog daemon              [ Not 
> >found ]
> >[03:23:22] Info: The syslog daemon is not running, but a metalog 
> >daemon has been found.
> >[03:23:22]   Checking for syslog configuration file          [ Not 
> >found ]
> >
> >Now I see, that it seems to check simply the wrong file.
> >
> >I think it would be an idea to patch rkhunter to be more compliant to
> >the setup of the gentoo system ?!
> > From own experience I know that a lot false warnings of such tools
> >dull the sigth on to the real threads...
> 
> It's checking the correct file.  Simply edit /etc/ssh/sshd_config to 
> your liking.  /etc/conf.d/ is not for those kind of settings; it's 
> read-in by Gentoo's init system and other infrastructure.
> 
> 

Now I am a little more confused...

What is the purpose of this file?  :

    /etc/conf.d/sshd

with this contents:


    # /etc/conf.d/sshd: config file for /etc/init.d/sshd

    # Where is your sshd_config file stored?

    SSHD_CONFDIR="/etc/ssh"


    # Any random options you want to pass to sshd.
    # See the sshd(8) manpage for more info.

    SSHD_OPTS=""


    # Pid file to use (needs to be absolute path).

    #SSHD_PIDFILE="/var/run/sshd.pid"


    # Path to the sshd binary (needs to be absolute path).

    #SSHD_BINARY="/usr/sbin/sshd"


if /etc/ssh/sshd_config is for configuration of sshd's options...for
what purpose is /etc/conf.d/sshd then ?

And what files gets overwritten when installing a new version of sshd?

Best regards,
mcc

Re: [gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[Canek Peláez Valdés]

On Mon, Oct 10, 2011 at 12:13 PM,  <meino.cramer@gmx.de> wrote:
> Nikos Chantziaras <realnc@arcor.de> [11-10-10 20:56]:
>> On 10/10/2011 09:45 PM, meino.cramer@gmx.de wrote:
>> >Nikos Chantziaras<realnc@arcor.de>  [11-10-10 19:52]:
>> >>On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
>> >>>Hi,
>> >>>
>> >>>I have read several docs to figure out this...all docs do changes
>> >>>in /etc/conf.d but I found no hint how to transfer that settings
>> >>>to the "real" configuration files of the according programs.
>> >>
>> >>These *are* real configuration files and you don't need to transfer
>> >>anything.
>> >>
>> >>
>> >
>> >The reason I thought, that those settings in /etc/conf.d is due
>> >to a warning of the rkhunter tool:
>> >
>> >[03:23:21] Performing system configuration file checks
>> >[03:23:21] Info: Starting test name 'system_configs'
>> >[03:23:21]   Checking for SSH configuration file             [ Found ]
>> >[03:23:21] Info: Found SSH configuration file: /etc/ssh/sshd_config
>> >[03:23:21] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
>> >[03:23:21] Info: Rkhunter option ALLOW_SSH_PROT_V1 set to '0'.
>> >[03:23:21]   Checking if SSH root access is allowed          [ Warning
>> >]
>> >[03:23:21] Warning: The SSH configuration option 'PermitRootLogin' has
>> >not been set.
>> >            The default value may be 'yes', to allow root access.
>> >[03:23:21]   Checking if SSH protocol v1 is allowed          [ Warning
>> >]
>> >[03:23:21] Warning: The SSH configuration option 'Protocol' has not
>> >been set.
>> >            The default value may be '2,1', to allow the use of
>> >protocol version 1.
>> >[03:23:22]   Checking for running syslog daemon              [ Not
>> >found ]
>> >[03:23:22] Info: The syslog daemon is not running, but a metalog
>> >daemon has been found.
>> >[03:23:22]   Checking for syslog configuration file          [ Not
>> >found ]
>> >
>> >Now I see, that it seems to check simply the wrong file.
>> >
>> >I think it would be an idea to patch rkhunter to be more compliant to
>> >the setup of the gentoo system ?!
>> > From own experience I know that a lot false warnings of such tools
>> >dull the sigth on to the real threads...
>>
>> It's checking the correct file.  Simply edit /etc/ssh/sshd_config to
>> your liking.  /etc/conf.d/ is not for those kind of settings; it's
>> read-in by Gentoo's init system and other infrastructure.
>>
>>
>
> Now I am a little more confused...
>
> What is the purpose of this file?  :
>
>    /etc/conf.d/sshd
>
> with this contents:
>
>
>    # /etc/conf.d/sshd: config file for /etc/init.d/sshd
>
>    # Where is your sshd_config file stored?
>
>    SSHD_CONFDIR="/etc/ssh"
>
>
>    # Any random options you want to pass to sshd.
>    # See the sshd(8) manpage for more info.
>
>    SSHD_OPTS=""
>
>
>    # Pid file to use (needs to be absolute path).
>
>    #SSHD_PIDFILE="/var/run/sshd.pid"
>
>
>    # Path to the sshd binary (needs to be absolute path).
>
>    #SSHD_BINARY="/usr/sbin/sshd"
>
>
> if /etc/ssh/sshd_config is for configuration of sshd's options...for
> what purpose is /etc/conf.d/sshd then ?

It's a Gentoo-ism. It's for the (highly unlikely) case of you having
your sshd_config file in a directory different from /etc/ssh, and to
pass other arguments to the sshd daemon.

It's completely redundant and innecessary, but it was the way
different distros dealed with the shortcomings of SysV (OpenRC, the
Gentoo init systems, works on top of SysV).

> And what files gets overwritten when installing a new version of sshd?

All of them :D Of course they are overwritten with ._cfg000* backups,
but anyway is ridiculous. As you say, the only config sshd would need
to look for should be in /etc/ssh. With systemd, there is no need for
a /etc/conf.d (or /etc/sysconfig) dir.

Regards.
-- 
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México

[gentoo-user] Re: transferring contents of /etc/conf.d to the config files

[Nikos Chantziaras]

On 10/10/2011 10:13 PM, meino.cramer@gmx.de wrote:
> Nikos Chantziaras<realnc@arcor.de>  [11-10-10 20:56]:
>> On 10/10/2011 09:45 PM, meino.cramer@gmx.de wrote:
>>> Nikos Chantziaras<realnc@arcor.de>   [11-10-10 19:52]:
>>>> On 10/10/2011 08:33 PM, meino.cramer@gmx.de wrote:
>>>>> I have read several docs to figure out this...all docs do changes
>>>>> in /etc/conf.d but I found no hint how to transfer that settings
>>>>> to the "real" configuration files of the according programs.
>>>>
>>>> These *are* real configuration files and you don't need to transfer
>>>> anything.
>>>
>>> The reason I thought, that those settings in /etc/conf.d is due
>>> to a warning of the rkhunter tool:
>>> [...]
>>> Now I see, that it seems to check simply the wrong file.
>>
>> It's checking the correct file.  Simply edit /etc/ssh/sshd_config to
>> your liking.  /etc/conf.d/ is not for those kind of settings; it's
>> read-in by Gentoo's init system and other infrastructure.
>
> Now I am a little more confused...
>
> What is the purpose of this file?  :
>
>      /etc/conf.d/sshd

It's used by Gentoo's init system, not by ssh.


> if /etc/ssh/sshd_config is for configuration of sshd's options...for
> what purpose is /etc/conf.d/sshd then ?
>
> And what files gets overwritten when installing a new version of sshd?

All files are overwritten.  In case of differences, emerge will tell you 
about it at the end of the emerge (even if you emerged multiple 
packages, the notification will only appear at the end of all of them.)

Configuration protection is a basic feature of portage.  When emerge 
tells you that the newly installed configuration files differ from the 
existing ones, it means that you need to run 'dispatch-conf' (or another 
equivalent tool) that will show you what those differences are and will 
allow you to merge them.  Until you do that, the new config files will 
keep their temporary names ("._cfg" prefix).