openSUSE

Disable martian logging

tnx 2 linux-club.de

/etc/sysconfig/SuSEfirewall2 : FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom" /etc/sysconfig/scripts/SuSEfirewall2-custom : fw_custom_after_finished() { # these are the rules to be loaded after the firewall is fully configured for IF in /proc/sys/net/ipv4/conf/*/log_martians; do echo "0" > $IF done true }

split /etc/SuSE-release

re="^([^ ]+) ([^ ]+) (.*)$" [[ "`head -1 /etc/SuSE-release`" =~ $re ]] && \ os_vendor="${BASH_REMATCH[1]}" && \ os_version="${BASH_REMATCH[2]}" && \ os_arch=`echo ${BASH_REMATCH[3]} | sed -e 's/(//' -e 's/)//'` echo $os_vendor echo $os_version echo $os_arch

opsensuse 12.3 : systemd / nfs4 mount

w/o timeout

<a href='http://www.happyassassin.net/2011/05/12/cute-systemd-trick-of-the-day-auto-mounting-remote-shares/' class="ext" target="_blank" onfocus="this.blur()" title="">tnx 2 AdamW</a><p> /etc/fstab : 1.2.3.4:/export /parts/export nfs4 noauto,comment=systemd.automount 0 0

w timeout

<a href='https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725815' class="ext" target="_blank" onfocus="this.blur()" title="">tnx 2 Michael Biebl</a><p> /etc/fstab : 1.2.3.4:/export /parts/export nfs4 noauto,comment=systemd.automount,comment=systemd.device-timeout=10 0 0 this works fine: 1.2.3.4:/export /parts/export nfs4 noauto,nofail,bg,soft,intr,comment=systemd.automount,comment=systemd.device-timeout=10 0 0

kde3 on XFCE4 with ldm

tnx 2 puppylinux

kcontrol - empty !? kcmshell kthememanager kcmshell colors kcmshell style kcmshell icons kcmshell kwindecoration kcmshell filetypes kcmshell desktoppath kcmshell kwinoptions kcmshell kwinrules kcmshell componentchooser kcmshell --list kwincompositing - Configure desktop effects display - Display Settings autostart - A configuration tool for managing which programs start up with KDE. ebrowsing - Configure enhanced browsing kcm_phonon - Sound and Video Configuration khtml_appearance - Configure how to display web pages kcm_pkk_authorization - Set up policies for applications using PolicyKit khtml_behavior - Configure the browser behavior kpk_update - Check and Install Updates desktoppath - Change the location important files are stored keyboard - Keyboard settings energy - Settings for display power management kpk_addrm - Add and Remove Software kgrubeditor - A system tool to view and edit the GRUB boot loader. kcm_keyboard - Keyboard settings kcmaccess - Improve accessibility for disabled persons audiocd - Audiocd IO Slave Configuration kcmdolphinnavigation - Configure file manager navigation khotkeys - Configure Input Actions settings fontinst - Install, manage, and preview fonts kcmnotify - System Notification Configuration keys - Configuration of keybindings khtml_java_js - Configure the behavior of Java and JavaScript style - Allows the manipulation of widget behavior and changing the Style for KDE kwindecoration - Configure the look and feel of window titles joystick - Joystick settings componentchooser - Choose the default components for various services kwinoptions - Configure the window behavior ksplashthememgr - Manager for Splash Screen Themes randr - Resize and Rotate your display kpk_settings - KPackageKit Settings kcmsmserver - Configure the session manager and logout settings netpref - Configure generic network preferences, like timeout values fonts - Font settings bookmarks - Configure the bookmarks home page kcmlaunch - Choose application-launch feedback style k3bsetup - K3bSetup - modify permission for CD/DVD burning with K3b kdm - Configure the login manager (KDM) proxy - Configure the proxy servers used kcmperformance - Configure settings that can improve KDE performance kcm_akonadi - Configuration of the Akonadi Personal Information Management framework kamera - Configure Kamera system-config-printer-kde - Configure local and remote Printers standard_actions - Configuration of standard keybindings spellchecking - Configure the spell checker kwalletconfig - KDE Wallet Configuration khtml_plugins - Configure the browser plugins emoticons - Emoticons Themes Manager icons - Customize KDE Icons keyboard_layout - Keyboard Layout kwinrules - Configure settings specifically for a window clock - Date and time settings libkcddb - Configure the CDDB Retrieval khtml_general - Configure general Konqueror behavior kcm_useraccount - User information such as password, name and email bell - System Bell Configuration kcmtrash - Configure trash settings kcmkded - KDE Services Configuration khtml_filter - Configure Konqueror AdBlocK filters kcmdolphingeneral - Configure general file manager settings filetypes - Configure file associations kcm_solid - Hardware Integration Configuration with Solid cookies - Configure the way cookies work powerdevilconfig - Display brightness, suspend and power profile settings kwinscreenedges - Configure active screen edges kcmsambaconf - A module to configure shares for Microsoft Windows lanbrowser - Configure local network browsing for shared folders and printers useragent - Configure the way Konqueror reports itself solid-actions - A configuration tool for managing the actions available to the user when connecting new devices to the computer kcmgtk - Control the style and fonts used by GTK+ applications in KDE fileshare - Enable or disable file sharing cache - Configure web cache settings kcm_kdnssd - Configure service discovery kcmdolphinviewmodes - Configure file manager view modes mouse - Mouse settings kcm_nepomuk - Nepomuk/Strigi Server Configuration xinerama - Configure KDE for multiple monitors kcmhistory - Configure the history sidebar language - Language, numeric, and time settings for your particular region colors - Color settings desktop - You can configure how many virtual desktops there are. kcmdolphinservices - Configure file manager services desktopthemedetails - Customize individual desktop theme items screensaver - Screen Saver Settings

clear tmp dir on boot

tnx 2 Matthias Gerds

tnx 2 forums.opensuse.org

cp -vi /usr/lib/tmpfiles.d/tmp.conf /etc/tmpfiles.d/tmp.conf /etc/tmpfiles.d/tmp.conf : ... D /tmp 1777 root root - D /var/tmp 1777 root root - d /tmp/.cache 1777 root root 1s ...

speedtest-cli

rpm -ivh http://download.opensuse.org/repositories/home:/mcaj/openSUSE_13.1/noarch/speedtest-cli-0.2.4-4.1.noarch.rpm speedtest-cli

openSUSE bugfix - /dev/getty: No such file or directory

tnx 2 Martin Wilck

logfile: agetty[2526]: /dev/getty: No such file or directory systemctl stop getty@getty.service systemctl disable getty@getty.service rm -i /etc/systemd/system/getty.target.wants/getty@.service ### https://bugs.mageia.org/show_bug.cgi?id=10931 # Workaround until the cause is found/fixed. #ln /dev/tty0 /dev/getty

X11

set OBO Flat File MIME-Types

kde3

/usr/share/mimelnk/application/obo.desktop
[Desktop Entry] Encoding=UTF-8 Icon=ontology Type=MimeType Patterns=*.obo MimeType=text/x-obo;*.OBO Comment=OBO Flat File DocumentHidden=false X-KDE-AutoEmbed=false #~/.kde/share/config/profilerc #/etc/kde-profile/standard/share/config/profilerc
/opt/kde3/share/config/profilerc
[text/x-obo - 1] AllowAsDefault=true Application=ontviewer.desktop GenericServiceType=Application Preference=1 ServiceType=text/x-obo [text/x-obo - 2] AllowAsDefault=true Application=jedit.desktop GenericServiceType=Application Preference=2 ServiceType=text/x-obo [text/x-obo - 3] AllowAsDefault=true Application=hugeedit.desktop GenericServiceType=Application Preference=3 ServiceType=text/x-obo [text/x-obo - 4] AllowAsDefault=true Application=kate.desktop; GenericServiceType=Application Preference=4 ServiceType=text/x-obo [text/x-obo - 5] AllowAsDefault=true Application=gvim.desktop GenericServiceType=Application Preference=5 ServiceType=text/x-obo

KDE3 Knews on XFCE4/lxdm

I'm a absolutely fan of the kde knews. But, kde3 isn't further developed. So I use XFCEE4 running on LXDM yet and kNews is not working. Really??? I experimented a lot and here is a solution (working on openSUSE): - install kdebase3-workspace and knews zypper in kdebase3-workspace kdenetwork3-news - try to start appletproxy knewsticker.desktop - ok, but this is not what we want. So install devilspie zypper in devilspie - configure it mkdir ~/.devilspie cd ~/.devilspie echo '(debug)' > ~/.devilspie/debug.ds echo '( if (is (window_name) "KNewsTicker") ( begin (geometry "1890x25+0+-25") (undecorate) (maximize_horizontally) (skip_tasklist) (pin) (below) ) )' > ~/.devilspie/knewsticker.ds - run xfce4-settings-manager, select "Session and Startup" -> Application Autostart -> Add new entry: Name: devilspie Command: devilspie -a - create a KNews Starter echo ' [Desktop Entry] X-SuSE-translate=true NoDisplay=true Name=KNewsTicker Type=Application Exec=appletproxy knewsticker.desktop Icon=knewsticker GenericName=News Ticker Terminal=false X-KDE-StartupNotify=true X-DCOP-ServiceType=Unique Categories=Qt;KDE;Network;X-KDE-More;News; ' > KNewsTicker.desktop - well, it works :))) - BTW, if you like to kill knewsticker, try this: echo ' [Desktop Entry] Version=1.0 Type=Application Name=killKnews Comment= Exec=killall -9 appletproxy Icon=clanbomber Path= Terminal=false StartupNotify=false ' > killKnews.desktop - thats all

compiz: make application always on visible workspace

tnx 2 Alvin Row

- Open up CompizConfig Settings Manager and enable the Window Rules plugin Window Management -> Windows rules (Fensterverwaltung -> Regeln für Fenster) - open Window Rules plugin, clicking the + button of the "Sticky" field (Klebrig) - use type class and and then using the Grab feature - for knews on XFCE type "<i>class=Appletproxy</i>"

tomcat

settings

/etc/tomcat/tomcat-users.xml : ... <tomcat-users> <user username="admin" password="XXXXX" roles="admin,manager,admin-gui,manager-gui" /> </tomcat-users> ... /etc/tomcat/context.xml : ... <Context> <WatchedResource>WEB-INF/web.xml</WatchedResource> <Manager pathname="" /> </Context> ... /etc/tomcat/tomcat.conf : ... CATALINA_OPTS="-server -Xmx4600M -XX:MaxPermSize=512M" ... /etc/tomcat/server.xml : ... <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" /> ... <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystorePass="Leagiv8u" keystoreFile="/etc/tomcat/oc_keystore.ks" clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" /> ... <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8" /> ...

logging

/etc/tomcat/server.xml : ... <!-- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t &quot;%r&quot; %s %b" /> --> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost" suffix=".log" pattern="common" rotatable="false" resolveHosts="false" /> ...
/etc/tomcat/logging.properties.patch :
--- /etc/tomcat/logging.properties 2014-01-07 14:35:57.000000000 +0100 +++ /etc/tomcat/logging.properties.NEW 2014-03-28 09:24:53.523651431 +0100 @@ -22,23 +22,27 @@ # Describes specific configuration info for Handlers. ############################################################ -1catalina.org.apache.juli.FileHandler.level = FINE +1catalina.org.apache.juli.FileHandler.level = INFO 1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs -1catalina.org.apache.juli.FileHandler.prefix = catalina. +1catalina.org.apache.juli.FileHandler.prefix = catalina +1catalina.org.apache.juli.FileHandler.rotatable = false -2localhost.org.apache.juli.FileHandler.level = FINE +2localhost.org.apache.juli.FileHandler.level = INFO 2localhost.org.apache.juli.FileHandler.directory = ${catalina.base}/logs -2localhost.org.apache.juli.FileHandler.prefix = localhost. +2localhost.org.apache.juli.FileHandler.prefix = localhost +2localhost.org.apache.juli.FileHandler.rotatable = false -3manager.org.apache.juli.FileHandler.level = FINE +3manager.org.apache.juli.FileHandler.level = INFO 3manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs -3manager.org.apache.juli.FileHandler.prefix = manager. +3manager.org.apache.juli.FileHandler.prefix = manager +3manager.org.apache.juli.FileHandler.rotatable = false -4host-manager.org.apache.juli.FileHandler.level = FINE +4host-manager.org.apache.juli.FileHandler.level = INFO 4host-manager.org.apache.juli.FileHandler.directory = ${catalina.base}/logs -4host-manager.org.apache.juli.FileHandler.prefix = host-manager. +4host-manager.org.apache.juli.FileHandler.prefix = host-manager +4host-manager.org.apache.juli.FileHandler.rotatable = false -java.util.logging.ConsoleHandler.level = FINE +java.util.logging.ConsoleHandler.level = INFO java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
/etc/logrotate.d/tomcat :
/var/log/tomcat/catalina.out /var/log/tomcat/*log { su tomcat tomcat copytruncate compress dateext maxage 365 rotate 99 size=+4096k notifempty missingok create 0644 tomcat tomcat }

tar

tar with pigz

tnx 2 user154053

time tar cvzf /tmp/bla /var/lib/rpm/Packages real 0m8.073s user 0m7.864s sys 0m0.200s ################################################## /tmp/mypigz : #!/bin/bash pigz -p`awk '/^processor/ { N++} END { print N-1 }' /proc/cpuinfo` -9 $@ ################################################## export TAR_OPTIONS="--use-compress-program=/tmp/mypigz" time tar cvf /tmp/bla /var/lib/rpm/Packages real 0m5.847s user 0m17.368s sys 0m0.264s

SSH

SSH autologout

tnx 2 adercon.com

tnx 2 garron.me

/etc/ssh/sshd_config : # autologout # 1 hour # hint : TMOUT=3600 in /etc/bash.bashrc.local or ~/.bashrc ClientAliveInterval 3600 ClientAliveCountMax 0

ssh: permit root login only from local network / ip

tnx 2

/etc/ssh/sshd_config : AllowUsers foo1 foo2 Match Address 192.168.0.*,127.0.0.1 PermitRootLogin without-password AllowUsers root foo1 foo2

Mounts and Devices

sftp + sshfs

tnx 2 exanto.de tnx 2 darklaunch.com

interactive

mkdir foo sshfs user@ftp.bar.com:/ foo ls foo fusermount -u foo

automatic

echo password | sshfs user@ftp.bar.com:/ foo -o workaround=rename -o password_stdin

mount samsung s3

zypper in simple-mtpfs simple-mtpfs /mnt -o allow_other fusermount -u /mnt

mount NFS with NetworkManager in intranet only

tnx 2 Ben Martin

/etc/NetworkManager/dispatcher.d/nfs.intra

#!/bin/bash

IF=$1
STATUS=$2

INTRA_IF='eth0'
INTRA_IP='192.168.0.123'

if [ "${IF}" == "${INTRA_IF}" ]
then
    case "${STATUS}" in
        up|dhcp4-change|dhcp6-change)
            logger -s "INTRANET NFS: up triggered"
            /sbin/ifconfig | /usr/bin/grep -q "${INTRA_IP}"
            if [ $? -eq 0 ]; then
                logger -s "INTRANET NFS: intranet detected"
                mount 192.168.0.10:/parts/share /parts/share
            fi
            ;;
        down)
            logger -s "INTRANET NFS: down triggered"
            umount /parts/share
            exit 0
            ;;
        *)
            exit 0
            ;;
    esac
fi


Copy large files on a LAN

tar / ssh

tnx 2 spikelab.org tnx 2 ejb48

tar cf - repos | ssh 192.168.0.60 tar xf - -C /parts/data/share/var_lib_ocm/2013Q2 tar czf - repos | ssh 192.168.0.60 tar xzf - -C /parts/data/share/var_lib_ocm/2013Q2 tar czf - repos | ssh -c arcfour 192.168.0.60 tar xzf - -C /parts/data/share/var_lib_ocm/2013Q2

tar / mbuffer / ssh

tnx 2 stackexchange.com

tar zcf - bigfile | mbuffer -s 1K -m 512 | ssh otherhost "tar zxf -"

success story: copy hunderts of data DVD's with lots of small files into a storage pool

- take a lot of old pc's with a dvd drive - use ssh with ~/.ssh/authorized_keys - /etc/sudoers: %wheel ALL=(ALL) NOPASSWD: ALL - use clusterssh as the control- and monitoring center: cssh 192.168.0.100 192.168.0.101 192.168.0.102 192.168.0.103 192.168.0.104 192.168.0.105 ... - run the scipt synchronously on each pc: #!/bin/bash while true; do LABEL=`sudo /usr/sbin/blkid -o value -s LABEL /dev/dvd | sed 's/ /_/g'` echo "### $LABEL" echo -en "start : " date +%H:%M ssh root@192.168.0.XXX dir /path/$LABEL sudo mount /dev/dvd /mnt/ cd /mnt/ tar czf - * | ssh -c arcfour root@192.168.0.XXX tar xzf - -C /path/$LABEL/ cd sleep 1 sudo umount /dev/dvd sudo /usr/bin/eject sudo sh -c "echo -e '\a' > /dev/console" sleep 1 sudo sh -c "echo -e '\a' > /dev/console" sleep 1 sudo sh -c "echo -e '\a' > /dev/console" echo -en "end : " date +%H:%M echo "Insert next DVD" echo "If you are ready - press any key" read done - take a coffee while changing dvd's and listen the sound :) - quit with CTRL-C

Monitoring / Logging

user level logrotate

tnx 2 anwendungsentwickler.ws

mkdir /home/foo/logrotate touch /home/foo/logrotate/logrotate.status ~/logrotate/logrotate.conf : /home/foo/data/logs/*log { compress dateext maxage 365 rotate 99 size=+2048k notifempty missingok copytruncate create 644 foo users } crontab : 0 5 * * * /usr/sbin/logrotate -s /home/foo/logrotate/logrotate.status /home/foo/logrotate/logrotate.conf

coloring different sources for tail: ctail

tnx 2 Stéphane Chazelas

#!/bin/bash # ctail log1 [log2] ... declare -a colors=(30 31 32 33 34 35 36) while true;do if [ ${#colors[@]} -lt $# ];then colors=("${colors[@]}" "${colors[@]}") else break fi done color() { GREP_COLOR=$1 grep --line-buffered --color=always '.*'; } COUNTER=0 ( for LOGIFLE in "$@";do if [ $COUNTER -lt $(($#-1)) ];then (trap - INT; tail -qf ${LOGIFLE} | color ${colors[$COUNTER]}) & else tail -qf ${LOGIFLE} | color ${colors[$COUNTER]} fi let COUNTER=COUNTER+1 done ) | cat exit

quick'n'dirty smartctl/mdstat check

tnx 2

#!/bin/bash export LANG=CC SCRIPT=`basename "$0"` TIMESTAMP=`date +%Y%m%d%H%M%S` LOG_FILE_NAME="/var/log/${SCRIPT}.log" DISKS=`/sbin/fdisk -l | grep "^Disk /dev/[hsvx]"` ( exec 2>&1 echo "==================================================" echo -e "TIME : ${TIMESTAMP}" echo "--------------------------------------------------" echo -e "disks : \n" echo "${DISKS}" echo "--------------------------------------------------" echo -e "smartctl: \n" for DISK in $( echo "${DISKS}" | cut -d: -f1 | sed 's/^Disk //' | sort ); do ERR=`/usr/sbin/smartctl -x "${DISK}" | grep occurred | head -1` if [ "x${ERR}" != "x" ]; then echo -e "${DISK} ${ERR}" fi done echo "--------------------------------------------------" echo -e "mdstat :\n " cat /proc/mdstat echo "--------------------------------------------------" echo -e "smartd :\n " grep smartd /var/log/messages | grep -i -e unreadable -e uncorrectable -e error | cut -c 61- | sed 's/^\s//g' | cut -d: -f1 | sort -u ) >> ${LOG_FILE_NAME}

qick subnet inventory

tnx 2 molivier

fping -A -d -a -q -g -a -i 1 -r 0 192.168.0.0/24 | sed -e 's/ (/\t/' -e 's/)$//' arp -a -i eth0 | awk '{print $2"\t"$4}' | sed -e 's/)//' -e 's/(//'

Apache

snippets

### mobil provider bug fix / firefox bugfix # http://stuartroebuck.blogspot.com/2010/08/official-way-to-bypassing-data.html <Files ~ "\.(html|jsp)$"> Header add Cache-Control "no-transform" </Files> # https://support.mozilla.org/de/questions/916856 # http://stackoverflow.com/questions/18233115/to-avoid-cache-control-in-firefox <Files ~ "\.(xhtml)$"> ExpiresActive Off Header set Cache-Control "private, max-age=0, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate, no-transform" Header set Pragma "no-cache" #Expires: "-1" </Files> # http://www.igniti.de/2013/07/26/hinweise-zur-pagespeed-optimierung/ <IfModule mod_deflate.c> <FilesMatch "\\.(html|xhtml|css|js|xml|php|txt)$"> SetOutputFilter DEFLATE </FilesMatch> </IfModule> <IfModule mod_headers.c> Header set Connection keep-alive </ifModule>

Hardware stuff

atkbd serio0 - logfile flooding

on a DELL Vostro 1000 lots of messages floods /var/log/messages : ... atkbd serio0: Unknown key released (translated set 2, code 0x8d on isa0060/serio0). ... atkbd serio0: Use 'setkeycodes e00d <keycode>' to make it known.

solution 1

<a href='http://askubuntu.com/questions/116538/atkbd-c-spamming-the-logs-how-to-get-rid-what-is-this' class="ext" target="_blank" onfocus="this.blur()" title="">tnx 2 SirCharlo</a><p> - Shut down your laptop. - Unplug the power cord from your laptop, and unplug it also from the power outlet. - Remove the battery from your laptop. - Press and hold the Power button for 2 to 3 seconds. - Repeat this 2 to 3 times. - Reinstall the battery (at least 30 seconds should have gone by since you removed it). - Plug the power cord back into your laptop (while leaving the power cord unplugged from the wall outlet) - Press and hold the Power button again for 2 to 3 seconds. - Repeat this 2 to 3 times. - Plug the power cord into the wall outlet. - Start your laptop

solution 2

<a href='https://forum.ubuntuusers.de/topic/syslog-voll-mit-atkbd.c%3A-unknown-key-released/' class="ext" target="_blank" onfocus="this.blur()" title="">tnx 2 hw2</a><p> xmodmap -pke | grep =$ setkeycodes e00d 255 /etc/init.d/after.local : # fix atkbd serio0: Unknown key released /usr/bin/setkeycodes e00d 255

boot options / grub / grub2

GRUB2 KMS Kernel-Mode-Setting

/etc/default/grub : GRUB_CMDLINE_LINUX_DEFAULT=" nomodeset... " GRUB_TERMINAL=console

rescue: chroot mit cryptsetup LUKS und LVM

tnx 2 auf-nach-mallorca.info

tnx 2 therealjmc

tnx 2 ironfelixx

- run rescue system fdisk -l cryptsetup luksOpen /dev/sda5 sda5_crypt vgscan vgchange -a y mount /dev/mapper/system-rootpart /mnt mount /dev/sda2 /mnt/boot mount -t devtmpfs /dev /mnt/dev mount -t devpts /dev/pts /mnt/dev/pts mount -t sysfs /sys /mnt/sys mount -t proc /proc /mnt/proc chroot /mnt /bin/bash

fix grubloader on opensuse

if in /etc/default/grub_installdevice : /dev/disk/by-id... :
cp /etc/default/grub_installdevice /etc/default/grub_installdevice.orig /etc/default/grub_installdevice : /dev/sda3 activate generic_mbr zypper in plymouth mkinitrd grub2-install --force /dev/sda

security

rkhunter

/etc/rkhunter.conf.local : # # rkhunter.conf.local # last changed 2018-01-31 # #ALLOW_SSH_ROOT_USER=no #ALLOW_SSH_ROOT_USER=yes ALLOW_SSH_ROOT_USER=without-password #ALLOWPROMISCIF="eth0 eth1 vnet0 vnet1" ALLOWHIDDENDIR="/dev/.mdadm" ALLOWHIDDENDIR="/dev/.mount" ALLOWHIDDENDIR="/dev/.sysconfig" ALLOWDEVFILE="/dev/.sysconfig/network/config*" ALLOWDEVFILE="/dev/.sysconfig/network/if*" ALLOWDEVFILE="/dev/.sysconfig/network/new-stamp*" ALLOWDEVFILE="/dev/shm/initrd_exports.sh" ALLOWDEVFILE="/dev/shm/initrd.msg" ALLOWDEVFILE="/dev/tty10" ALLOWHIDDENFILE="/dev/.udev" ALLOWHIDDENFILE="/usr/bin/.fipscheck.hmac" ALLOWIPCPROC=/opt/zabbix/sbin/zabbix_agentd DISABLE_TESTS="avail_modules loaded_modules" WARN_ON_OS_CHANGE=0 UPDT_ON_OS_CHANGE=1 ##################################### rkhunter --update rkhunter --propupd rkhunter --check rkhunter --check --skip-keypress