remark :
runtime : 38
count : 2
previous date : 2010-06-28
previous time : 15.11.08
users - accounts - root
old: ssh known hosts: 192.168.178.45 ssh-rsa
new: ssh known hosts: 192.168.178.45 ssh-rsa
remark :
runtime : 42
count : 4
previous date : 2010-06-28
previous time : 15.02.20
software - installed-rpms - Utilities/System
old: scc:1.12-1
new: scc:1.13-12
software - rpm - imported keys - gpg-pubkey-e8562897-459f07a4
old: Install Date: Wed Apr 28 21:51:51 2010 Build Host: localhost
new: Install Date: Wed Apr 28 23:51:51 2010 Build Host: localhost
remark :
runtime : 47
count : 3
previous date : 2010-06-02
previous time : 10.57.56
hardware - biosdecode
old: Calling Interface Address: 0x000FC040
new: Calling Interface Address: 0x000FC0F0
hardware - disk - hda
new: hdparm: Checksum: correct
remark :
runtime : 51
count : 3
previous date : 2010-05-19
previous time : 18.39.35
network - ports
old: kpasswd 464
old: kerberos-adm 749
users - accounts - root
new: ssh known hosts: xs1.xs4all.nl,194.109.21.4 ssh-dss
remark :
runtime : 42
count : 11
previous date : 2010-05-19
previous time : 18.03.55
boot - sysconfig - /etc/sysconfig/ldap
new: export KRB5_KTNAME=/etc/openldap/keytab.ldap
software - ldap - /etc/openldap/slapd.conf
new: authz-regexp
new: uid=admin,cn=example.com,cn=gssapi,cn=auth
new: cn=admin,dc=example,dc=com
new: authz-regexp
new: uid=host/([^/\.]+).example.com,cn=example.com,cn=gssapi,cn=auth
new: cn=$1,ou=hosts,dc=example,dc=com
new: authz-regexp
new: uid=([^,]+),cn=example.com,cn=gssapi,cn=auth
new: uid=$1,ou=people,dc=example,dc=com
new: sasl-realm EXAMPLE.COM
remark : removed temporary disk after recovery
runtime : 48
count : 82
previous date : 2010-05-19
previous time : 14.11.01
boot - sysconfig - /etc/sysconfig/hwconf
old: class: HD
old: bus: IDE
old: detached: 0
old: device: hdb
old: desc: "VBOX HARDDISK"
old: physical: 16383/16/63
old: logical: 16644/16/63
old: -
boot - sysconfig - /etc/sysconfig/ldap
new: ULIMIT_SETTINGS=
new: STOP_DELAY=3s
new: SLAPD_LDAP=yes
new: SLAPD_LDAPS=no
new: SLAPD_LDAPI=no
hardware - disk - hdb
old: model: VBOX HARDDISK
old: driver: ide-disk version 1.18
old: geometry: physical 16383/16/63
old: geometry: logical 16644/16/63
hardware - disk - hdb1
old: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799-part1
old: path : pci-0000:00:01.1-ide-0:1-part1
old: uuid : e560e782-7f12-4eb1-9935-62144f73f6f5
hardware - disk - hdb2
old: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799-part2
old: path : pci-0000:00:01.1-ide-0:1-part2
hardware - disk - hdb
old: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799
old: path : pci-0000:00:01.1-ide-0:1
hardware - /etc/sysconfig/hwconf
old: class: HD
old: bus: IDE
old: detached: 0
old: device: hdb
old: desc: "VBOX HARDDISK"
old: physical: 16383/16/63
old: logical: 16644/16/63
network - ports
new: kpasswd 464
new: kerberos-adm 749
software - installed-rpms - Applications/Internet
old: openldap-clients:2.3.43-3.el5
new: openldap-clients:2.3.43-12.el5
software - installed-rpms - Development/Libraries
old: openldap-devel:2.3.43-3.el5
new: openldap-devel:2.3.43-12.el5
software - installed-rpms - System Environment/Daemons
old: openldap-servers:2.3.43-3.el5
old: openldap:2.3.43-3.el5
new: openldap-servers:2.3.43-12.el5
new: openldap:2.3.43-12.el5
software - installed-rpms - System Environment/Libraries
new: cyrus-sasl-gssapi:2.1.22-5.el5_4.3
software - ldap - /etc/openldap/slapd.conf
old: by dn="cn=Manager,dc=example,dc=com" write
new: by dn="cn=admin,dc=example,dc=com" write
old: by dn="cn=Manager,dc=example,dc=com" write
new: by dn="cn=admin,dc=example,dc=com" write
old: by dn="cn=Manager,dc=example,dc=com" write
new: by dn="cn=admin,dc=example,dc=com" write
old: by dn="cn=Manager,dc=example,dc=com" write
new: by dn="cn=admin,dc=example,dc=com" write
old: rootdn "cn=Manager,dc=example,dc=com"
new: rootdn "cn=admin,dc=example,dc=com"
system - security - Kerberos - /var/kerberos/krb5kdc/kdc.conf
new: [kdcdefaults]
new: kdc_ports = 750,88
new: [realms]
new: EXAMPLE.COM = {
new: database_name = /var/kerberos/krb5kdc/principal
new: admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
new: acl_file = /var/kerberos/krb5kdc/kadm5.acl
new: key_stash_file = /var/kerberos/krb5kdc/stash_dbmaster
new: kdc_ports = 750,88
new: max_life = 1d 0h 0m 0s
new: max_renewable_life = 90d 0h 0m 0s
new: master_key_type = des3-hmac-sha1
new: supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
new: default_principal_flags = +preauth
new: }
system - security - Kerberos - /var/kerberos/krb5kdc/kadm5.acl
new: */admin *
new: admin *
new: Manager *
system - security - SASL plugins - client
old: LOGIN ANONYMOUS PLAIN EXTERNAL
new: LOGIN ANONYMOUS PLAIN GSSAPI EXTERNAL
new: Plugin "gssapiv2" [loaded], API version: 4
new: SASL mechanism: GSSAPI, best SSF: 56
new: security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
new: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
system - security - SASL plugins - server
old: LOGIN ANONYMOUS PLAIN EXTERNAL
new: LOGIN ANONYMOUS PLAIN GSSAPI EXTERNAL
new: Plugin "gssapiv2" [loaded], API version: 4
new: SASL mechanism: GSSAPI, best SSF: 56, supports setpass: no
new: security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
new: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
remark : added temporary virtual disk to transfer software without network
runtime : 39
count : 163
previous date : 2010-05-12
previous time : 04.40.17
boot - sysconfig - /etc/sysconfig/hwconf
new: class: HD
new: bus: IDE
new: detached: 0
new: device: hdb
new: desc: "VBOX HARDDISK"
new: physical: 16383/16/63
new: logical: 16644/16/63
new: -
hardware - disk - hdb
new: model: VBOX HARDDISK
new: driver: ide-disk version 1.18
new: geometry: physical 16383/16/63
new: geometry: logical 16644/16/63
hardware - disk - hdb1
new: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799-part1
new: path : pci-0000:00:01.1-ide-0:1-part1
new: uuid : e560e782-7f12-4eb1-9935-62144f73f6f5
hardware - disk - hdb2
new: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799-part2
new: path : pci-0000:00:01.1-ide-0:1-part2
hardware - disk - hdb
new: id : ata-VBOX_HARDDISK_VBff94b4f0-b837e799
new: path : pci-0000:00:01.1-ide-0:1
hardware - /etc/sysconfig/hwconf
new: class: HD
new: bus: IDE
new: detached: 0
new: device: hdb
new: desc: "VBOX HARDDISK"
new: physical: 16383/16/63
new: logical: 16644/16/63
network - ports
old: http 80
software - installed-rpms - System Environment/Libraries
new: krb5-libs:1.6.1-36.el5
software - ldap - /etc/openldap/slapd.conf
old: allow bind_v2
old: access to dn.base=""
old: by * read
old: access to dn.base="cn=Subschema"
old: by * read
old: access to attrs=userPassword,userPKCS12
old: by self write
old: by * auth
old: access to attrs=shadowLastChange
old: by self write
old: by * read
new: access to attrs=userPassword,shadowLastChange
new: by dn="cn=Manager,dc=example,dc=com" write
new: by anonymous auth
new: by * none
old: by dn.exact="cn=kdc-service,ou=kerberos,dc=example,dc=com" read
old: by dn.exact="cn=kadm-service,ou=kerberos,dc=example,dc=com" write
old: by * none
new: by dn="cn=Manager,dc=example,dc=com" write
new: by dn="cn=kadm-service,ou=kerberos,dc=example,dc=com" write
new: by dn="cn=kdc-service,ou=kerberos,dc=example,dc=com" read
new: by * none
new: access to attrs=loginShell
new: by dn="cn=Manager,dc=example,dc=com" write
new: by self write
new: by * none
new: access to dn.base=""
new: by * read
old: by * read
new: by dn="cn=Manager,dc=example,dc=com" write
new: by users read
new: by * none
software - sendmail - options
new: Version 8.13.8
new: Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
new: MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
new: NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
new: TCPWRAPPERS USERDB USE_LDAP_INIT
new: setoption SevenBitInput (7)=False
new: setoption AliasWait (a)=10
new: setoption AliasFile (A)=/etc/aliases
new: setoption MinFreeBlocks (b)=100
new: setoption BlankSub (B)=.
new: setoption HoldExpensive (c)=False
new: setoption DeliveryMode (d)=background
new: setoption TempFileMode (F)=0600
new: setoption HelpFile (H)=/etc/mail/helpfile
new: setoption SendMimeErrors (j)=True
new: setoption ForwardPath (J)=$z/.forward.$w:$z/.forward
new: setoption ConnectionCacheSize (k)=2
new: setoption ConnectionCacheTimeout (K)=5m
new: setoption UseErrorsTo (l)=False
new: setoption LogLevel (L)=9
new: setoption CheckAliases (n)=False
new: setoption OldStyleHeaders (o)=True
new: setoption DaemonPortOptions (O)=Port=smtp,Addr=127.0.0.1, Name=MTA
new: Daemon MTA flags:
new: setoption PrivacyOptions (p)=authwarnings,novrfy,noexpn,restrictqrun
new: setoption QueueDirectory (Q)=/var/spool/mqueue
new: setoption Timeout (r).connect=1m
new: setoption Timeout (r).ident=0
new: setoption Timeout (r).queuereturn=5d
new: setoption Timeout (r).queuewarn=4h
new: setoption SuperSafe (s)=True
new: setoption StatusFile (S)=/var/log/mail/statistics
new: setoption DefaultUser (u)=8:12
new: setoption UserDatabaseSpec (U)=/etc/mail/userdb.db
new: setoption TryNullMXList (w)=True
new: setoption SmtpGreetingMessage (0x90)=$j Sendmail $v/$Z; $b
new: setoption UnixFromLine (0x91)=From $g $d
new: setoption OperatorChars (0x92)=.:%@!^/[]+
new: setoption DontProbeInterfaces (0xa1)=True
new: setoption AuthOptions (0xbd)=A
new: getauthinfo: root@localhost
new: ============ SYSTEM IDENTITY (after readcf) ============
new: (short domain name) $w = centos54
new: (canonical domain name) $j = centos54.local.nl
new: (subdomain name) $m = local.nl
new: (node name) $k = centos54.local.nl
new: ========================================================
new: setoption HoldExpensive (c)=F
new: setoption DeliveryMode (d)=
new: ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
new: Enter <ruleset> <address>
new: > >
new: ====finis: stat 0 e_id=NOQUEUE e_flags=4001<OLDSTYLE,METOO>
system - ld - ldconfig - /usr/lib
new: libdes425.so.3 -> libdes425.so.3.0
new: libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2
new: libgssrpc.so.4 -> libgssrpc.so.4.0
new: libk5crypto.so.3 -> libk5crypto.so.3.1
new: libkadm5clnt.so.5 -> libkadm5clnt.so.5.1
new: libkadm5srv.so.5 -> libkadm5srv.so.5.1
new: libkdb5.so.4 -> libkdb5.so.4.0
new: libkrb4.so.2 -> libkrb4.so.2.0
new: libkrb5.so.3 -> libkrb5.so.3.3
new: libkrb5support.so.0 -> libkrb5support.so.0.1
system - security - SASL plugins - auxprop
new: Installed auxprop mechanisms are:
new: sasldb
new: List of auxprop plugins follows
new: Plugin "sasldb" , API version: 4
new: supports store: yes
new:
system - security - SASL plugins - client
new: Installed SASL (client side) mechanisms are:
new: LOGIN ANONYMOUS PLAIN EXTERNAL
new: List of client plugins follows
new: Plugin "login" [loaded], API version: 4
new: SASL mechanism: LOGIN, best SSF: 0
new: security flags: NO_ANONYMOUS
new: features: SERVER_FIRST
new: Plugin "anonymous" [loaded], API version: 4
new: SASL mechanism: ANONYMOUS, best SSF: 0
new: security flags: NO_PLAINTEXT
new: features: WANT_CLIENT_FIRST
new: Plugin "plain" [loaded], API version: 4
new: SASL mechanism: PLAIN, best SSF: 0
new: security flags: NO_ANONYMOUS
new: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
new: Plugin "EXTERNAL" [loaded], API version: 4
new: SASL mechanism: EXTERNAL, best SSF: 0
new: security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
new: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
system - security - SASL plugins - server
new: Installed SASL (server side) mechanisms are:
new: LOGIN ANONYMOUS PLAIN EXTERNAL
new: List of server plugins follows
new: Plugin "login" [loaded], API version: 4
new: SASL mechanism: LOGIN, best SSF: 0, supports setpass: no
new: security flags: NO_ANONYMOUS
new: features:
new: Plugin "anonymous" [loaded], API version: 4
new: SASL mechanism: ANONYMOUS, best SSF: 0, supports setpass: no
new: security flags: NO_PLAINTEXT
new: features: WANT_CLIENT_FIRST
new: Plugin "plain" [loaded], API version: 4
new: SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
new: security flags: NO_ANONYMOUS
new: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
remark : Remove redhat kerberos.
runtime : 39
count : 256
previous date : 2010-05-11
previous time : 17.20.15
boot - sysconfig - /etc/sysconfig/kadmin
old: KADMIND_ARGS=
old: KRB5REALM=
boot - sysconfig - /etc/sysconfig/krb524
old: KRB524D_ARGS=-m
boot - sysconfig - /etc/sysconfig/krb5kdc
old: KRB5KDC_ARGS=
old: KRB5REALM=
boot - run level - /etc/rc.d/rc0.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc1.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc2.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc3.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc4.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc5.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - /etc/rc.d/rc6.d
old: K65kadmin -> ../init.d/kadmin
old: K65kprop -> ../init.d/kprop
old: K65krb524 -> ../init.d/krb524
old: K65krb5kdc -> ../init.d/krb5kdc
boot - run level - chkconfig
old: kadmin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
old: kprop 0:off 1:off 2:off 3:off 4:off 5:off 6:off
old: krb524 0:off 1:off 2:off 3:off 4:off 5:off 6:off
old: krb5kdc 0:off 1:off 2:off 3:off 4:off 5:off 6:off
software - cron - /etc/cron.hourly/gdl-update
old: #!/bin/bash
old: CACHE_DIR="/var/cache/google/desktop"
old: PREFIX="/opt/google/desktop"
old: GDL_UPDATE="/opt/google/desktop/bin/gdl_update"
old: PKG_FORMAT="rpm"
old: PKG_UPGRADE_CMD="rpm -U --nodeps"
old: TIMESTAMP_FILE="/var/cache/google/desktop/update_timestamp"
old: ID_FILE="/var/cache/google/desktop/id"
old: PATH=/sbin:/usr/sbin:/bin:/usr/bin:$PATH
old: if [ ! -x "$GDL_UPDATE" ]; then
old: echo "gdl_update is not available."
old: exit 1
old: fi
old: export PATH
old: DO_UPDATE=no
old: if [ ! -e $TIMESTAMP_FILE ]; then
old: if touch $TIMESTAMP_FILE; then
old: DO_UPDATE=yes
old: else
old: echo "Failed to create timestamp file."
old: fi
old: else
old: LAST=`date -u -r $TIMESTAMP_FILE +%s`
old: NOW=`date -u +%s`
old: DELAY=`expr 86400 + $RANDOM % 21600`
old: DIFF=`expr $NOW - $LAST`
old: if [ $DIFF -gt $DELAY ]; then
old: if touch $TIMESTAMP_FILE; then
old: DO_UPDATE=yes
old: else
old: echo "Failed to update timestamp file."
old: fi
old: fi
old: fi
old: if [ "$DO_UPDATE" != "yes" ]; then
old: exit 0
old: fi
old: UUID=""
old: if [ ! -f "$ID_FILE" ]; then
old: UUIDGEN=`which uuidgen`
old: if [ -n "$UUIDGEN" -a -x "$UUIDGEN" ]; then
old: $UUIDGEN > $ID_FILE
old: chmod 644 $ID_FILE
old: fi
old: fi
old: UUID=`cat $ID_FILE`
old: if [ "$UUID" = "" ]; then
old: UUID="0"
old: fi
old: NEW_PKG=`LD_LIBRARY_PATH="/opt/google/desktop/lib:$LD_LIBRARY_PATH" $GDL_UPDATE "rpm" "$UUID"`
old: if [ $? -eq 0 ] && [ -f "$NEW_PKG" ]; then
old: rpm -U --nodeps "$NEW_PKG"
old: if [ $? -eq 0 ]; then
old: echo "Updated successfully."
old: else
old: echo "Update failed."
old: fi
old: rm -f "$NEW_PKG"
old: fi
software - installed-rpms - Productivity/Other
old: google-desktop-linux:1.2.0-0088
software - installed-rpms - System Environment/Base
old: krb5-workstation:1.6.1-36.el5_4.1
software - installed-rpms - System Environment/Daemons
old: krb5-server:1.6.1-36.el5_4.1
software - installed-rpms - System Environment/Libraries
old: krb5-libs:1.6.1-36.el5_4.1
software - pam - /etc/pam.d/ekshell
old: auth required pam_nologin.so
old: auth required pam_securetty.so
old: auth required pam_env.so
old: auth required pam_rhosts_auth.so
old: account include system-auth
old: session optional pam_keyinit.so force revoke
old: session include system-auth
software - pam - /etc/pam.d/gssftp
old: auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
old: auth required pam_shells.so
old: auth include system-auth
old: account required pam_nologin.so
old: account include system-auth
old: session optional pam_keyinit.so force revoke
old: session include system-auth
old: session required pam_loginuid.so
software - pam - /etc/pam.d/kshell
old: auth required pam_nologin.so
old: auth required pam_securetty.so
old: auth required pam_env.so
old: auth required pam_rhosts_auth.so
old: account include system-auth
old: session optional pam_keyinit.so force revoke
old: session include system-auth
software - pam - /etc/pam.d/ksu
old: auth include su
old: account include su
old: session include su
software - sendmail - options
old: Version 8.13.8
old: Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
old: MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
old: NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS
old: TCPWRAPPERS USERDB USE_LDAP_INIT
old: setoption SevenBitInput (7)=False
old: setoption AliasWait (a)=10
old: setoption AliasFile (A)=/etc/aliases
old: setoption MinFreeBlocks (b)=100
old: setoption BlankSub (B)=.
old: setoption HoldExpensive (c)=False
old: setoption DeliveryMode (d)=background
old: setoption TempFileMode (F)=0600
old: setoption HelpFile (H)=/etc/mail/helpfile
old: setoption SendMimeErrors (j)=True
old: setoption ForwardPath (J)=$z/.forward.$w:$z/.forward
old: setoption ConnectionCacheSize (k)=2
old: setoption ConnectionCacheTimeout (K)=5m
old: setoption UseErrorsTo (l)=False
old: setoption LogLevel (L)=9
old: setoption CheckAliases (n)=False
old: setoption OldStyleHeaders (o)=True
old: setoption DaemonPortOptions (O)=Port=smtp,Addr=127.0.0.1, Name=MTA
old: Daemon MTA flags:
old: setoption PrivacyOptions (p)=authwarnings,novrfy,noexpn,restrictqrun
old: setoption QueueDirectory (Q)=/var/spool/mqueue
old: setoption Timeout (r).connect=1m
old: setoption Timeout (r).ident=0
old: setoption Timeout (r).queuereturn=5d
old: setoption Timeout (r).queuewarn=4h
old: setoption SuperSafe (s)=True
old: setoption StatusFile (S)=/var/log/mail/statistics
old: setoption DefaultUser (u)=8:12
old: setoption UserDatabaseSpec (U)=/etc/mail/userdb.db
old: setoption TryNullMXList (w)=True
old: setoption SmtpGreetingMessage (0x90)=$j Sendmail $v/$Z; $b
old: setoption UnixFromLine (0x91)=From $g $d
old: setoption OperatorChars (0x92)=.:%@!^/[]+
old: setoption DontProbeInterfaces (0xa1)=True
old: setoption AuthOptions (0xbd)=A
old: getauthinfo: root@localhost
old: ============ SYSTEM IDENTITY (after readcf) ============
old: (short domain name) $w = centos54
old: (canonical domain name) $j = centos54.local.nl
old: (subdomain name) $m = local.nl
old: (node name) $k = centos54.local.nl
old: ========================================================
old: setoption HoldExpensive (c)=F
old: setoption DeliveryMode (d)=
old: ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
old: Enter <ruleset> <address>
old: > >
old: ====finis: stat 0 e_id=NOQUEUE e_flags=4001<OLDSTYLE,METOO>
system - login - /etc/profile.d/krb5-workstation.csh
old: if ( "${path}" !~ */usr/kerberos/bin* ) then
old: set path = ( /usr/kerberos/bin $path )
old: endif
old: if ( "${path}" !~ */usr/kerberos/sbin* ) then
old: if ( `id -u` == 0 ) then
old: set path = ( /usr/kerberos/sbin $path )
old: endif
old: endif
system - login - /etc/profile.d/krb5-workstation.sh
old: if ! echo ${PATH} | /bin/grep -q /usr/kerberos/bin ; then
old: PATH=/usr/kerberos/bin:${PATH}
old: fi
old: if ! echo ${PATH} | /bin/grep -q /usr/kerberos/sbin ; then
old: if [ `/usr/bin/id -u` = 0 ] ; then
old: PATH=/usr/kerberos/sbin:${PATH}
old: fi
old: fi
system - security - Kerberos - /var/kerberos/krb5kdc/kdc.conf
old: [kdcdefaults]
old: v4_mode = nopreauth
old: kdc_tcp_ports = 88
old: [realms]
old: EXAMPLE.COM = {
old: acl_file = /var/kerberos/krb5kdc/kadm5.acl
old: dict_file = /usr/share/dict/words
old: admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
old: key_stash_file = /var/kerberos/krb5kdc/stash_dbmaster
old: supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
old: }
system - security - Kerberos - /var/kerberos/krb5kdc/kadm5.acl
old: */admin@EXAMPLE.COM *
system - ld - ldconfig - /usr/lib
old: libdes425.so.3 -> libdes425.so.3.0
old: libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2
old: libgssrpc.so.4 -> libgssrpc.so.4.0
old: libk5crypto.so.3 -> libk5crypto.so.3.1
old: libkadm5clnt.so.5 -> libkadm5clnt.so.5.1
old: libkadm5srv.so.5 -> libkadm5srv.so.5.1
old: libkdb5.so.4 -> libkdb5.so.4.0
old: libkrb4.so.2 -> libkrb4.so.2.0
old: libkrb5.so.3 -> libkrb5.so.3.3
old: libkrb5support.so.0 -> libkrb5support.so.0.1
system - security - SASL plugins - auxprop
old: Installed auxprop mechanisms are:
old: sasldb
old: List of auxprop plugins follows
old: Plugin "sasldb" , API version: 4
old: supports store: yes
old:
system - security - SASL plugins - client
old: Installed SASL (client side) mechanisms are:
old: LOGIN ANONYMOUS PLAIN EXTERNAL
old: List of client plugins follows
old: Plugin "login" [loaded], API version: 4
old: SASL mechanism: LOGIN, best SSF: 0
old: security flags: NO_ANONYMOUS
old: features: SERVER_FIRST
old: Plugin "anonymous" [loaded], API version: 4
old: SASL mechanism: ANONYMOUS, best SSF: 0
old: security flags: NO_PLAINTEXT
old: features: WANT_CLIENT_FIRST
old: Plugin "plain" [loaded], API version: 4
old: SASL mechanism: PLAIN, best SSF: 0
old: security flags: NO_ANONYMOUS
old: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
old: Plugin "EXTERNAL" [loaded], API version: 4
old: SASL mechanism: EXTERNAL, best SSF: 0
old: security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
old: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
system - security - SASL plugins - server
old: Installed SASL (server side) mechanisms are:
old: LOGIN ANONYMOUS PLAIN EXTERNAL
old: List of server plugins follows
old: Plugin "login" [loaded], API version: 4
old: SASL mechanism: LOGIN, best SSF: 0, supports setpass: no
old: security flags: NO_ANONYMOUS
old: features:
old: Plugin "anonymous" [loaded], API version: 4
old: SASL mechanism: ANONYMOUS, best SSF: 0, supports setpass: no
old: security flags: NO_PLAINTEXT
old: features: WANT_CLIENT_FIRST
old: Plugin "plain" [loaded], API version: 4
old: SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
old: security flags: NO_ANONYMOUS
old: features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
remark :
runtime : 41
count : 60
previous date : 2010-05-11
previous time : 16.42.54
software - cron - /etc/cron.hourly/gdl-update
new: #!/bin/bash
new: CACHE_DIR="/var/cache/google/desktop"
new: PREFIX="/opt/google/desktop"
new: GDL_UPDATE="/opt/google/desktop/bin/gdl_update"
new: PKG_FORMAT="rpm"
new: PKG_UPGRADE_CMD="rpm -U --nodeps"
new: TIMESTAMP_FILE="/var/cache/google/desktop/update_timestamp"
new: ID_FILE="/var/cache/google/desktop/id"
new: PATH=/sbin:/usr/sbin:/bin:/usr/bin:$PATH
new: if [ ! -x "$GDL_UPDATE" ]; then
new: echo "gdl_update is not available."
new: exit 1
new: fi
new: export PATH
new: DO_UPDATE=no
new: if [ ! -e $TIMESTAMP_FILE ]; then
new: if touch $TIMESTAMP_FILE; then
new: DO_UPDATE=yes
new: else
new: echo "Failed to create timestamp file."
new: fi
new: else
new: LAST=`date -u -r $TIMESTAMP_FILE +%s`
new: NOW=`date -u +%s`
new: DELAY=`expr 86400 + $RANDOM % 21600`
new: DIFF=`expr $NOW - $LAST`
new: if [ $DIFF -gt $DELAY ]; then
new: if touch $TIMESTAMP_FILE; then
new: DO_UPDATE=yes
new: else
new: echo "Failed to update timestamp file."
new: fi
new: fi
new: fi
new: if [ "$DO_UPDATE" != "yes" ]; then
new: exit 0
new: fi
new: UUID=""
new: if [ ! -f "$ID_FILE" ]; then
new: UUIDGEN=`which uuidgen`
new: if [ -n "$UUIDGEN" -a -x "$UUIDGEN" ]; then
new: $UUIDGEN > $ID_FILE
new: chmod 644 $ID_FILE
new: fi
new: fi
new: UUID=`cat $ID_FILE`
new: if [ "$UUID" = "" ]; then
new: UUID="0"
new: fi
new: NEW_PKG=`LD_LIBRARY_PATH="/opt/google/desktop/lib:$LD_LIBRARY_PATH" $GDL_UPDATE "rpm" "$UUID"`
new: if [ $? -eq 0 ] && [ -f "$NEW_PKG" ]; then
new: rpm -U --nodeps "$NEW_PKG"
new: if [ $? -eq 0 ]; then
new: echo "Updated successfully."
new: else
new: echo "Update failed."
new: fi
new: rm -f "$NEW_PKG"
new: fi
software - installed-rpms - Productivity/Other
new: google-desktop-linux:1.2.0-0088
remark : Install and activate apache
runtime : 40
count : 281
previous date : 2010-05-11
previous time : 14.39.41
boot - sysconfig - /etc/sysconfig/ip6tables
new: -A RH-Firewall-1-INPUT -m tcp -p tcp --dport 80 -j ACCEPT
boot - sysconfig - /etc/sysconfig/iptables
new: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
boot - run level - /etc/rc.d/rc0.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc1.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc2.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc3.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc4.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc5.d
new: K15httpd -> ../init.d/httpd
boot - run level - /etc/rc.d/rc6.d
new: K15httpd -> ../init.d/httpd
boot - run level - chkconfig
new: httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
network - ports
new: http 80
software - Apache - /usr/sbin/httpd
new: -D APACHE_MPM_DIR="server/mpm/prefork"
new: -D APR_HAVE_IPV6 (IPv4-mapped addresses
new: -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
new: -D AP_HAVE_RELIABLE_PIPED_LOGS
new: -D SUEXEC_BIN="/usr/sbin/suexec"
new: -D DEFAULT_PIDLOG="logs/httpd.pid"
new: -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
new: -D DEFAULT_LOCKFILE="logs/accept.lock"
new: -D DEFAULT_ERRORLOG="logs/error_log"
new: -D AP_TYPES_CONFIG_FILE="conf/mime.types"
new: -D SERVER_CONFIG_FILE="conf/httpd.conf"
new: -D APR_HAS_SENDFILE
new: -D APR_HAS_MMAP
new: -D APR_USE_SYSVSEM_SERIALIZE
new: -D APR_USE_PTHREAD_SERIALIZE
new: -D APR_HAS_OTHER_CHILD
new: -D DYNAMIC_MODULE_LIMIT=%ld
new: -D HTTPD_ROOT="/etc/httpd"
software - Apache - /etc/httpd/conf/httpd.conf
new: ServerTokens OS
new: ServerRoot "/etc/httpd"
new: PidFile run/httpd.pid
new: Timeout 120
new: KeepAlive Off
new: MaxKeepAliveRequests 100
new: KeepAliveTimeout 15
new: <IfModule prefork.c>
new: StartServers 8
new: MinSpareServers 5
new: MaxSpareServers 20
new: ServerLimit 256
new: MaxClients 256
new: MaxRequestsPerChild 4000
new: </IfModule>
new: <IfModule worker.c>
new: StartServers 2
new: MaxClients 150
new: MinSpareThreads 25
new: MaxSpareThreads 75
new: ThreadsPerChild 25
new: MaxRequestsPerChild 0
new: </IfModule>
new: Listen 80
new: LoadModule auth_basic_module modules/mod_auth_basic.so
new: LoadModule auth_digest_module modules/mod_auth_digest.so
new: LoadModule authn_file_module modules/mod_authn_file.so
new: LoadModule authn_alias_module modules/mod_authn_alias.so
new: LoadModule authn_anon_module modules/mod_authn_anon.so
new: LoadModule authn_dbm_module modules/mod_authn_dbm.so
new: LoadModule authn_default_module modules/mod_authn_default.so
new: LoadModule authz_host_module modules/mod_authz_host.so
new: LoadModule authz_user_module modules/mod_authz_user.so
new: LoadModule authz_owner_module modules/mod_authz_owner.so
new: LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
new: LoadModule authz_dbm_module modules/mod_authz_dbm.so
new: LoadModule authz_default_module modules/mod_authz_default.so
new: LoadModule ldap_module modules/mod_ldap.so
new: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
new: LoadModule include_module modules/mod_include.so
new: LoadModule log_config_module modules/mod_log_config.so
new: LoadModule logio_module modules/mod_logio.so
new: LoadModule env_module modules/mod_env.so
new: LoadModule ext_filter_module modules/mod_ext_filter.so
new: LoadModule mime_magic_module modules/mod_mime_magic.so
new: LoadModule expires_module modules/mod_expires.so
new: LoadModule deflate_module modules/mod_deflate.so
new: LoadModule headers_module modules/mod_headers.so
new: LoadModule usertrack_module modules/mod_usertrack.so
new: LoadModule setenvif_module modules/mod_setenvif.so
new: LoadModule mime_module modules/mod_mime.so
new: LoadModule dav_module modules/mod_dav.so
new: LoadModule status_module modules/mod_status.so
new: LoadModule autoindex_module modules/mod_autoindex.so
new: LoadModule info_module modules/mod_info.so
new: LoadModule dav_fs_module modules/mod_dav_fs.so
new: LoadModule vhost_alias_module modules/mod_vhost_alias.so
new: LoadModule negotiation_module modules/mod_negotiation.so
new: LoadModule dir_module modules/mod_dir.so
new: LoadModule actions_module modules/mod_actions.so
new: LoadModule speling_module modules/mod_speling.so
new: LoadModule userdir_module modules/mod_userdir.so
new: LoadModule alias_module modules/mod_alias.so
new: LoadModule rewrite_module modules/mod_rewrite.so
new: LoadModule proxy_module modules/mod_proxy.so
new: LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
new: LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
new: LoadModule proxy_http_module modules/mod_proxy_http.so
new: LoadModule proxy_connect_module modules/mod_proxy_connect.so
new: LoadModule cache_module modules/mod_cache.so
new: LoadModule suexec_module modules/mod_suexec.so
new: LoadModule disk_cache_module modules/mod_disk_cache.so
new: LoadModule file_cache_module modules/mod_file_cache.so
new: LoadModule mem_cache_module modules/mod_mem_cache.so
new: LoadModule cgi_module modules/mod_cgi.so
new: LoadModule version_module modules/mod_version.so
new: Include conf.d/*.conf
new: User apache
new: Group apache
new: ServerAdmin root@localhost
new: UseCanonicalName Off
new: DocumentRoot "/var/www/html"
new: <Directory />
new: Options FollowSymLinks
new: AllowOverride None
new: </Directory>
new: <Directory "/var/www/html">
new: Options Indexes FollowSymLinks
new: AllowOverride None
new: Order allow,deny
new: Allow from all
new: </Directory>
new: <IfModule mod_userdir.c>
new: UserDir disable
new: </IfModule>
new: DirectoryIndex index.html index.html.var
new: AccessFileName .htaccess
new: <Files ~ "^\.ht">
new: Order allow,deny
new: Deny from all
new: </Files>
new: TypesConfig /etc/mime.types
new: DefaultType text/plain
new: <IfModule mod_mime_magic.c>
new: MIMEMagicFile conf/magic
new: </IfModule>
new: HostnameLookups Off
new: ErrorLog logs/error_log
new: LogLevel warn
new: LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
new: LogFormat "%h %l %u %t \"%r\" %>s %b" common
new: LogFormat "%{Referer}i -> %U" referer
new: LogFormat "%{User-agent}i" agent
new: CustomLog logs/access_log combined
new: ServerSignature On
new: Alias /icons/ "/var/www/icons/"
new: <Directory "/var/www/icons">
new: Options Indexes MultiViews
new: AllowOverride None
new: Order allow,deny
new: Allow from all
new: </Directory>
new: <IfModule mod_dav_fs.c>
new: DAVLockDB /var/lib/dav/lockdb
new: </IfModule>
new: ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
new: <Directory "/var/www/cgi-bin">
new: AllowOverride None
new: Options None
new: Order allow,deny
new: Allow from all
new: </Directory>
new: IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
new: AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
new: AddIconByType (TXT,/icons/text.gif) text/*
new: AddIconByType (IMG,/icons/image2.gif) image/*
new: AddIconByType (SND,/icons/sound2.gif) audio/*
new: AddIconByType (VID,/icons/movie.gif) video/*
new: AddIcon /icons/binary.gif .bin .exe
new: AddIcon /icons/binhex.gif .hqx
new: AddIcon /icons/tar.gif .tar
new: AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
new: AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
new: AddIcon /icons/a.gif .ps .ai .eps
new: AddIcon /icons/layout.gif .html .shtml .htm .pdf
new: AddIcon /icons/text.gif .txt
new: AddIcon /icons/c.gif .c
new: AddIcon /icons/p.gif .pl .py
new: AddIcon /icons/f.gif .for
new: AddIcon /icons/dvi.gif .dvi
new: AddIcon /icons/uuencoded.gif .uu
new: AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
new: AddIcon /icons/tex.gif .tex
new: AddIcon /icons/bomb.gif core
new: AddIcon /icons/back.gif ..
new: AddIcon /icons/hand.right.gif README
new: AddIcon /icons/folder.gif ^^DIRECTORY^^
new: AddIcon /icons/blank.gif ^^BLANKICON^^
new: DefaultIcon /icons/unknown.gif
new: ReadmeName README.html
new: HeaderName HEADER.html
new: IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
new: AddLanguage ca .ca
new: AddLanguage cs .cz .cs
new: AddLanguage da .dk
new: AddLanguage de .de
new: AddLanguage el .el
new: AddLanguage en .en
new: AddLanguage eo .eo
new: AddLanguage es .es
new: AddLanguage et .et
new: AddLanguage fr .fr
new: AddLanguage he .he
new: AddLanguage hr .hr
new: AddLanguage it .it
new: AddLanguage ja .ja
new: AddLanguage ko .ko
new: AddLanguage ltz .ltz
new: AddLanguage nl .nl
new: AddLanguage nn .nn
new: AddLanguage no .no
new: AddLanguage pl .po
new: AddLanguage pt .pt
new: AddLanguage pt-BR .pt-br
new: AddLanguage ru .ru
new: AddLanguage sv .sv
new: AddLanguage zh-CN .zh-cn
new: AddLanguage zh-TW .zh-tw
new: LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
new: ForceLanguagePriority Prefer Fallback
new: AddDefaultCharset UTF-8
new: AddType application/x-compress .Z
new: AddType application/x-gzip .gz .tgz
new: AddHandler type-map var
new: AddType text/html .shtml
new: AddOutputFilter INCLUDES .shtml
new: Alias /error/ "/var/www/error/"
new: <IfModule mod_negotiation.c>
new: <IfModule mod_include.c>
new: <Directory "/var/www/error">
new: AllowOverride None
new: Options IncludesNoExec
new: AddOutputFilter Includes html
new: AddHandler type-map var
new: Order allow,deny
new: Allow from all
new: LanguagePriority en es de fr
new: ForceLanguagePriority Prefer Fallback
new: </Directory>
new: </IfModule>
new: </IfModule>
new: BrowserMatch "Mozilla/2" nokeepalive
new: BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
new: BrowserMatch "RealPlayer 4\.0" force-response-1.0
new: BrowserMatch "Java/1\.0" force-response-1.0
new: BrowserMatch "JDK/1\.0" force-response-1.0
new: BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
new: BrowserMatch "MS FrontPage" redirect-carefully
new: BrowserMatch "^WebDrive" redirect-carefully
new: BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
new: BrowserMatch "^gnome-vfs/1.0" redirect-carefully
new: BrowserMatch "^XML Spy" redirect-carefully
new: BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
software - Apache - /etc/httpd/conf/httpd.conf include - /etc/httpd/conf.d/proxy_ajp.conf
new: LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
software - Apache - /etc/httpd/conf/httpd.conf include - /etc/httpd/conf.d/welcome.conf
new: <LocationMatch "^/+$">
new: Options -Indexes
new: ErrorDocument 403 /error/noindex.html
new: </LocationMatch>
software - installed-rpms - Applications/Databases
new: postgresql-libs:8.1.18-2.el5_4.1
software - installed-rpms - System Environment/Daemons
new: httpd:2.2.3-31.el5.centos.4
software - installed-rpms - System Environment/Libraries
new: apr-util:1.2.7-7.el5_3.2
new: apr:1.2.7-11.el5_3.1
software - installed-rpms - Utilities/System
old: scc:1.11-20
new: scc:1.12-1
software - iptables - rules
new: -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
software - iptables - list
new: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
software - logrotate - /etc/logrotate.conf include - /etc/logrotate.d/httpd
new: /var/log/httpd/*log {
new: missingok
new: notifempty
new: sharedscripts
new: postrotate
new: /sbin/service httpd reload > /dev/null 2>/dev/null || true
new: endscript
new: }
system - ld - ldconfig - /usr/lib
new: libapr-1.so.0 -> libapr-1.so.0.2.7
new: libaprutil-1.so.0 -> libaprutil-1.so.0.2.7
new: libecpg.so.5 -> libecpg.so.5.1
new: libecpg_compat.so.2 -> libecpg_compat.so.2.1
new: libpgtypes.so.2 -> libpgtypes.so.2.1
new: libpq.so.4 -> libpq.so.4.1
users - /etc/passwd
new: apache:x:48:48:Apache:/var/www:/sbin/nologin
users - /etc/group
new: apache:48:
remark :
runtime : 40
count : 6
previous date : 2010-05-10
previous time : 10.59.58
software - ldap - /etc/openldap/slapd.conf
old: access to dn.subtree="cn=kerberos,dc=example,dc=com"
old: by dn.exact="cn=kdc-service,dc=example,dc=com" read
old: by dn.exact="cn=adm-service,dc=example,dc=com" write
new: access to dn.subtree="ou=kerberos,dc=example,dc=com"
new: by dn.exact="cn=kdc-service,ou=kerberos,dc=example,dc=com" read
new: by dn.exact="cn=kadm-service,ou=kerberos,dc=example,dc=com" write
remark :
runtime : 52
count : 25
previous date : 2010-05-04
previous time : 13.38.52
kernel - modules - ip6_tables
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6_tables.ko
old: description: IPv6 packet filter
old: author: Netfilter Core Team <coreteam@netfilter.org>
old: license: GPL
old: srcversion: 680DDC96C21815AD53C75E5
old: depends: x_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7841581431131ff6a5271128d430a0d9cc32b46bff72259037fdad18b44146c173f7d20a0b56980e242b3dacf5212493a83e0541fc4bb67
kernel - modules - ip6t_REJECT
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6t_REJECT.ko
old: license: GPL
old: description: IP6 tables REJECT target module
old: author: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
old: srcversion: 34EB18CDF9552C0922B414F
old: depends: ipv6,x_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7841581431131ff6a527112a5d30a0a44b6ac4a0885c19c9810216852ec2b4c71a4909f66c4f8cf6e1bf9ced1d4756da86760cbcaec5ba2
kernel - modules - ip6table_filter
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6table_filter.ko
old: description: ip6tables filter table
old: author: Netfilter Core Team <coreteam@netfilter.org>
old: license: GPL
old: srcversion: 3E091BB0E38F4A546A76F4A
old: depends: ip6_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: parm: forward:bool
old: module_sig: 883f3504a9f7841581431131ff6a527112a5da0a0914bfb882962b6764d3d7d6a48111c3f82b8dc0a0bba72caaac7b67cb2c28f99dfe925f48de37c
remark : configured LDAP and added Keberos schema
runtime : 40
count : 286
previous date : 2010-05-03
previous time : 14.28.20
software - installed-rpms - Applications/System
new: nmap:4.11-1.1
software - installed-rpms - Development/Debuggers
new: strace:4.5.18-5.el5_4.4
software - ldap - /etc/openldap/ldap.conf
old: URI ldap://192.168.178.22
new: URI ldap://192.168.178.222
software - ldap - /etc/openldap/slapd.conf
new: include /etc/openldap/schema/kerberos.schema
new: access to dn.base=""
new: by * read
new: access to dn.base="cn=Subschema"
new: by * read
new: access to attrs=userPassword,userPKCS12
new: by self write
new: by * auth
new: access to attrs=shadowLastChange
new: by self write
new: by * read
new: access to dn.subtree="cn=kerberos,dc=example,dc=com"
new: by dn.exact="cn=kdc-service,dc=example,dc=com" read
new: by dn.exact="cn=adm-service,dc=example,dc=com" write
new: by * none
new: access to *
new: by * read
software - ldap - /etc/openldap/schema/kerberos.schema
new: attributetype ( 2.16.840.1.113719.1.301.4.1.1
new: NAME 'krbPrincipalName'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
new: attributetype ( 1.2.840.113554.1.4.1.6.1
new: NAME 'krbCanonicalName'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.3.1
new: NAME 'krbPrincipalType'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.5.1
new: NAME 'krbUPEnabled'
new: DESC 'Boolean'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.6.1
new: NAME 'krbPrincipalExpiration'
new: EQUALITY generalizedTimeMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.8.1
new: NAME 'krbTicketFlags'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.9.1
new: NAME 'krbMaxTicketLife'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.10.1
new: NAME 'krbMaxRenewableAge'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.14.1
new: NAME 'krbRealmReferences'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.15.1
new: NAME 'krbLdapServers'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
new: attributetype ( 2.16.840.1.113719.1.301.4.17.1
new: NAME 'krbKdcServers'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.18.1
new: NAME 'krbPwdServers'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.24.1
new: NAME 'krbHostServer'
new: EQUALITY caseExactIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
new: attributetype ( 2.16.840.1.113719.1.301.4.25.1
new: NAME 'krbSearchScope'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.26.1
new: NAME 'krbPrincipalReferences'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.28.1
new: NAME 'krbPrincNamingAttr'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.29.1
new: NAME 'krbAdmServers'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.30.1
new: NAME 'krbMaxPwdLife'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.31.1
new: NAME 'krbMinPwdLife'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.32.1
new: NAME 'krbPwdMinDiffChars'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.33.1
new: NAME 'krbPwdMinLength'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.34.1
new: NAME 'krbPwdHistoryLength'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 1.3.6.1.4.1.5322.21.2.1
new: NAME 'krbPwdMaxFailure'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 1.3.6.1.4.1.5322.21.2.2
new: NAME 'krbPwdFailureCountInterval'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 1.3.6.1.4.1.5322.21.2.3
new: NAME 'krbPwdLockoutDuration'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.36.1
new: NAME 'krbPwdPolicyReference'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.37.1
new: NAME 'krbPasswordExpiration'
new: EQUALITY generalizedTimeMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.39.1
new: NAME 'krbPrincipalKey'
new: EQUALITY octetStringMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
new: attributetype ( 2.16.840.1.113719.1.301.4.40.1
new: NAME 'krbTicketPolicyReference'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.41.1
new: NAME 'krbSubTrees'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.42.1
new: NAME 'krbDefaultEncSaltTypes'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
new: attributetype ( 2.16.840.1.113719.1.301.4.43.1
new: NAME 'krbSupportedEncSaltTypes'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
new: attributetype ( 2.16.840.1.113719.1.301.4.44.1
new: NAME 'krbPwdHistory'
new: EQUALITY octetStringMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
new: attributetype ( 2.16.840.1.113719.1.301.4.45.1
new: NAME 'krbLastPwdChange'
new: EQUALITY generalizedTimeMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.46.1
new: NAME 'krbMKey'
new: EQUALITY octetStringMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
new: attributetype ( 2.16.840.1.113719.1.301.4.47.1
new: NAME 'krbPrincipalAliases'
new: EQUALITY caseExactIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
new: attributetype ( 2.16.840.1.113719.1.301.4.48.1
new: NAME 'krbLastSuccessfulAuth'
new: EQUALITY generalizedTimeMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.49.1
new: NAME 'krbLastFailedAuth'
new: EQUALITY generalizedTimeMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.50.1
new: NAME 'krbLoginFailedCount'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
new: SINGLE-VALUE)
new: attributetype ( 2.16.840.1.113719.1.301.4.51.1
new: NAME 'krbExtraData'
new: EQUALITY octetStringMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
new: attributetype ( 2.16.840.1.113719.1.301.4.52.1
new: NAME 'krbObjectReferences'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 2.16.840.1.113719.1.301.4.53.1
new: NAME 'krbPrincContainerRef'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
new: attributetype ( 1.3.6.1.4.1.5322.21.2.4
new: NAME 'krbAllowedToDelegateTo'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
new: objectclass ( 2.16.840.1.113719.1.301.6.1.1
new: NAME 'krbContainer'
new: SUP top
new: STRUCTURAL
new: MUST ( cn ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.2.1
new: NAME 'krbRealmContainer'
new: SUP top
new: STRUCTURAL
new: MUST ( cn )
new: MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.3.1
new: NAME 'krbService'
new: SUP top
new: ABSTRACT
new: MUST ( cn )
new: MAY ( krbHostServer $ krbRealmReferences ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.4.1
new: NAME 'krbKdcService'
new: SUP krbService
new: STRUCTURAL )
new: objectclass ( 2.16.840.1.113719.1.301.6.5.1
new: NAME 'krbPwdService'
new: SUP krbService
new: STRUCTURAL )
new: objectclass ( 2.16.840.1.113719.1.301.6.8.1
new: NAME 'krbPrincipalAux'
new: SUP top
new: AUXILIARY
new: MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.9.1
new: NAME 'krbPrincipal'
new: SUP top
new: MUST ( krbPrincipalName )
new: MAY ( krbObjectReferences ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.11.1
new: NAME 'krbPrincRefAux'
new: SUP top
new: AUXILIARY
new: MAY krbPrincipalReferences )
new: objectclass ( 2.16.840.1.113719.1.301.6.13.1
new: NAME 'krbAdmService'
new: SUP krbService
new: STRUCTURAL )
new: objectclass ( 2.16.840.1.113719.1.301.6.14.1
new: NAME 'krbPwdPolicy'
new: SUP top
new: MUST ( cn )
new: MAY ( krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.16.1
new: NAME 'krbTicketPolicyAux'
new: SUP top
new: AUXILIARY
new: MAY ( krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge ) )
new: objectclass ( 2.16.840.1.113719.1.301.6.17.1
new: NAME 'krbTicketPolicy'
new: SUP top
new: MUST ( cn ) )
system - security - Kerberos - /var/kerberos/krb5kdc/kdc.conf
old: [dbmodules]
old: db_library = kldap
old: ldap_kerberos_container_dn = dn=Krb5Realms,dc=example,dc=com
old: ldap_kdc_dn = dn=krbadmin,dc=example,dc=com
old: ldap_kadmind_dn = dn=krbadmin,dc=example,dc=com
old: ldap_service_passwd_file = stash_file
old: ldap_server = ldap://centos54.local.nl
new: key_stash_file = /var/kerberos/krb5kdc/stash_dbmaster
remark : installed software to provide ldap.h for compiling kerberos --with-ldap
runtime : 43
count : 14
previous date : 2010-05-03
previous time : 12.13.21
software - installed-rpms - Development/Libraries
new: cyrus-sasl-devel:2.1.22-5.el5_4.3
new: openldap-devel:2.3.43-3.el5
software - installed-rpms - System Environment/Libraries
old: cyrus-sasl-lib:2.1.22-5.el5
old: cyrus-sasl-plain:2.1.22-5.el5
old: cyrus-sasl:2.1.22-5.el5
new: cyrus-sasl-lib:2.1.22-5.el5_4.3
new: cyrus-sasl-plain:2.1.22-5.el5_4.3
new: cyrus-sasl:2.1.22-5.el5_4.3
system - ld - ldconfig - /usr/lib
old: liblber-2.3.so.0 -> liblber-2.3.so.0.2.31
old: libldap-2.3.so.0 -> libldap-2.3.so.0.2.31
old: libldap_r-2.3.so.0 -> libldap_r-2.3.so.0.2.31
new: liblber-2.3.so.0 -> liblber.so
new: libldap-2.3.so.0 -> libldap.so
new: libldap_r-2.3.so.0 -> libldap_r.so
remark :
runtime : 39
count : 30
previous date : 2010-05-03
previous time : 11.54.17
boot - sysconfig - /etc/sysconfig/ip6tables
new: -A RH-Firewall-1-INPUT -m tcp -p tcp --dport 389 -j ACCEPT
boot - sysconfig - /etc/sysconfig/iptables
new: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT
boot - sysconfig - /etc/sysconfig/system-config-securitylevel
new: --port=389:tcp
kernel - modules - ip6_tables
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6_tables.ko
new: description: IPv6 packet filter
new: author: Netfilter Core Team <coreteam@netfilter.org>
new: license: GPL
new: srcversion: 680DDC96C21815AD53C75E5
new: depends: x_tables
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: module_sig: 883f3504a9f7841581431131ff6a5271128d430a0d9cc32b46bff72259037fdad18b44146c173f7d20a0b56980e242b3dacf5212493a83e0541fc4bb67
kernel - modules - ip6t_REJECT
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6t_REJECT.ko
new: license: GPL
new: description: IP6 tables REJECT target module
new: author: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
new: srcversion: 34EB18CDF9552C0922B414F
new: depends: ipv6,x_tables
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: module_sig: 883f3504a9f7841581431131ff6a527112a5d30a0a44b6ac4a0885c19c9810216852ec2b4c71a4909f66c4f8cf6e1bf9ced1d4756da86760cbcaec5ba2
kernel - modules - ip6table_filter
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6table_filter.ko
new: description: ip6tables filter table
new: author: Netfilter Core Team <coreteam@netfilter.org>
new: license: GPL
new: srcversion: 3E091BB0E38F4A546A76F4A
new: depends: ip6_tables
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: parm: forward:bool
new: module_sig: 883f3504a9f7841581431131ff6a527112a5da0a0914bfb882962b6764d3d7d6a48111c3f82b8dc0a0bba72caaac7b67cb2c28f99dfe925f48de37c
software - iptables - rules
new: -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 389 -j ACCEPT
software - iptables - list
new: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:389
remark : gcc and yacc installed to compile kerberos
runtime : 52
count : 107
previous date : 2010-04-29
previous time : 18.51.53
kernel - modules - ip_conntrack
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv4/netfilter/ip_conntrack.ko
new: license: GPL
new: srcversion: 0C75F64B26F49D9D9027A01
new: depends: nfnetlink
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: module_sig: 883f3504a9f7848581431131ff6a527112478309d12def4631a60fbcfcfc232d58331e9479737facd0a09d76452a198339ae4a50ac5c7ba9825b8281784
kernel - modules - ip_conntrack_netbios_ns
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv4/netfilter/ip_conntrack_netbios_ns.ko
new: license: GPL
new: description: NetBIOS name service broadcast connection tracking helper
new: author: Patrick McHardy <kaber@trash.net>
new: srcversion: 2CD3536046C4DF7C8FE4921
new: depends: ip_conntrack
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: parm: timeout:timeout for master connection/replies in seconds (uint)
new: module_sig: 883f3504a9f7847581431131ff6a5271124f8c0a09e6f445ad778ddb0b4896ee84e8d522e8c17f0a0b6273632c1df6a968290ffcec989d4d1776fd854
kernel - modules - nfnetlink
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/netfilter/nfnetlink.ko
new: author: Harald Welte <laforge@netfilter.org>
new: license: GPL
new: srcversion: 534CCF99A5723062787C661
new: depends:
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: module_sig: 883f3504a9f7846581431131ff6a527112b0e409f6e0964817386ffc36b21220bda61abf63c39be10a081ff7d7b12526cfbc0a2b026d14bdef2f5642b
kernel - modules - xt_state
new: filename: /lib/modules/2.6.18-164.el5/kernel/net/netfilter/xt_state.ko
new: description: ip[6]_tables connection tracking state match module
new: author: Rusty Russell <rusty@rustcorp.com.au>
new: license: GPL
new: srcversion: F6B91ACBD0E26C745A2ECB5
new: depends: x_tables,ip_conntrack
new: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
new: module_sig: 883f3504a9f7845581431131ff6a5271125d60a0eb7ca8e9d0793b7d3e4134829f4ee3f61b39420a0e2aa8bf77eeaf0d5dba06620a09f2f2d88c51a40
network - file - /etc/nsswitch.conf
old: hosts: files
new: hosts: files dns
network - sysctl
new: net.ipv4.ip_conntrack_max = 32760
new: net.ipv4.netfilter.ip_conntrack_buckets = 4095
new: net.ipv4.netfilter.ip_conntrack_checksum = 1
new: net.ipv4.netfilter.ip_conntrack_generic_timeout = 600
new: net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30
new: net.ipv4.netfilter.ip_conntrack_log_invalid = 0
new: net.ipv4.netfilter.ip_conntrack_max = 32760
new: net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 0
new: net.ipv4.netfilter.ip_conntrack_tcp_loose = 1
new: net.ipv4.netfilter.ip_conntrack_tcp_max_retrans = 3
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120
new: net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
new: net.ipv4.netfilter.ip_conntrack_udp_timeout = 30
new: net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180
network - ip
new: ip_conntrack_max: 32760
network - netstat-route
old: default:192.168.178.1:0.0.0.0:ug:0:eth0
new: default:fritz.box:0.0.0.0:ug:0:eth0
software - installed-rpms - Development/Languages
new: cpp:4.1.2-46.el5_4.2
new: gcc:4.1.2-46.el5_4.2
software - installed-rpms - Development/Libraries
new: glibc-devel:2.5-42.el5_4.3
new: glibc-headers:2.5-42.el5_4.3
software - installed-rpms - Development/System
new: kernel-headers:2.6.18-164.15.1.el5
software - installed-rpms - Development/Tools
new: byacc:1.9-29.2.2
software - installed-rpms - System Environment/Base
old: glibc-common:2.5-42
new: glibc-common:2.5-42.el5_4.3
software - installed-rpms - System Environment/Daemons
old: nscd:2.5-42
new: nscd:2.5-42.el5_4.3
software - installed-rpms - System Environment/Libraries
old: glibc:2.5-42
new: glibc:2.5-42.el5_4.3
old: libgcc:4.1.2-46.el5
new: libgcc:4.1.2-46.el5_4.2
new: libgomp:4.4.0-6.el5
software - iptables - rules
new: :RH-Firewall-1-INPUT -
new: -A INPUT -j RH-Firewall-1-INPUT
new: -A FORWARD -j RH-Firewall-1-INPUT
new: -A RH-Firewall-1-INPUT -i lo -j ACCEPT
new: -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
new: -A RH-Firewall-1-INPUT -p esp -j ACCEPT
new: -A RH-Firewall-1-INPUT -p ah -j ACCEPT
new: -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
new: -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
new: -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
new: -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
new: -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
new: -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
software - iptables - list
new: RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
new: RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
new:
new: Chain RH-Firewall-1-INPUT (2 references)
new: target prot opt source destination
new: ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
new: ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
new: ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
new: ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
new: ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
new: ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
new: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
new: ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
new: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
new: REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
system - security - Kerberos - /var/kerberos/krb5kdc/kdc.conf
new: [dbmodules]
new: db_library = kldap
new: ldap_kerberos_container_dn = dn=Krb5Realms,dc=example,dc=com
new: ldap_kdc_dn = dn=krbadmin,dc=example,dc=com
new: ldap_kadmind_dn = dn=krbadmin,dc=example,dc=com
new: ldap_service_passwd_file = stash_file
new: ldap_server = ldap://centos54.local.nl
system - ld - ldconfig - /usr/lib
new: libgomp.so.1 -> libgomp.so.1.0.0
remark : extra krb5kdc directory to check
runtime : 39
count : 11
previous date : 2010-04-29
previous time : 18.46.18
system - security - Kerberos - /var/kerberos/krb5kdc/kdc.conf
new: [kdcdefaults]
new: v4_mode = nopreauth
new: kdc_tcp_ports = 88
new: [realms]
new: EXAMPLE.COM = {
new: acl_file = /var/kerberos/krb5kdc/kadm5.acl
new: dict_file = /usr/share/dict/words
new: admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
new: supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
new: }
system - security - Kerberos - /var/kerberos/krb5kdc/kadm5.acl
new: */admin@EXAMPLE.COM *
remark : avoid duplicate IP asdress
runtime : 38
count : 29
previous date : 2010-04-29
previous time : 18.25.00
general
old: hostid:a8c016b2
new: hostid:a8c0deb2
boot - sysconfig - /etc/sysconfig/networking/devices/ifcfg-eth0
new: TYPE=Ethernet
old: BOOTPROTO=none
new: BOOTPROTO=
new: IPADDR=192.168.178.222
new: NETMASK=255.255.255.0
old: NETMASK=255.255.255.0
old: IPADDR=192.168.178.22
boot - sysconfig - /etc/sysconfig/networking/profiles/default/hosts
old: 192.168.178.22 centos54.local.nl centos54
new: 192.168.178.222 centos54.local.nl centos54
boot - sysconfig - /etc/sysconfig/networking/profiles/default/ifcfg-eth0
new: TYPE=Ethernet
old: BOOTPROTO=none
new: BOOTPROTO=
new: IPADDR=192.168.178.222
new: NETMASK=255.255.255.0
old: NETMASK=255.255.255.0
old: IPADDR=192.168.178.22
network - file - /etc/hosts
old: 192.168.178.22 centos54.local.nl centos54
new: 192.168.178.222 centos54.local.nl centos54
network - lan - eth0
new: network-script: TYPE=Ethernet
old: network-script: BOOTPROTO=none
new: network-script: BOOTPROTO=
new: network-script: IPADDR=192.168.178.222
new: network-script: NETMASK=255.255.255.0
old: network-script: NETMASK=255.255.255.0
old: network-script: IPADDR=192.168.178.22
old: ifconfig: inet addr:192.168.178.22 Bcast:192.168.178.255 Mask:255.255.255.0
new: ifconfig: inet addr:192.168.178.222 Bcast:192.168.178.255 Mask:255.255.255.0
remark : fixed ip address and resolving via /etc/hosts.
runtime : 49
count : 44
previous date : 2010-04-29
previous time : 15.55.13
general
old: hostid:007f0100
new: hostid:a8c016b2
boot - sysconfig - /etc/sysconfig/networking/devices/ifcfg-eth0
old: BOOTPROTO=dhcp
new: BOOTPROTO=none
old: DHCP_HOSTNAME=centos54.local.nl
boot - sysconfig - /etc/sysconfig/networking/profiles/default/hosts
old: 127.0.0.1 centos54.local.nl centos54 localhost.localdomain localhost
boot - sysconfig - /etc/sysconfig/networking/devices/ifcfg-eth0
new: NETMASK=255.255.255.0
new: IPADDR=192.168.178.22
new: GATEWAY=192.168.178.1
boot - sysconfig - /etc/sysconfig/networking/profiles/default/hosts
new: 127.0.0.1 centos55.local.nl centos55 localhost.localdomain localhost
new: 192.168.178.22 centos54.local.nl centos54
boot - sysconfig - /etc/sysconfig/networking/profiles/default/ifcfg-eth0
old: BOOTPROTO=dhcp
new: BOOTPROTO=none
old: DHCP_HOSTNAME=centos54.local.nl
boot - sysconfig - /etc/sysconfig/networking/profiles/default/resolv.conf
old: ; generated by /sbin/dhclient-script
boot - sysconfig - /etc/sysconfig/networking/profiles/default/ifcfg-eth0
new: NETMASK=255.255.255.0
new: IPADDR=192.168.178.22
new: GATEWAY=192.168.178.1
network - file - /etc/hosts
old: 127.0.0.1 centos54.local.nl centos54 localhost.localdomain localhost
new: 127.0.0.1 centos55.local.nl centos55 localhost.localdomain localhost
new: 192.168.178.22 centos54.local.nl centos54
network - file - /etc/nsswitch.conf
old: hosts: files dns
new: hosts: files
network - file - /etc/resolv.conf
old: 0001: ; generated by /sbin/dhclient-script
old: 0002: search fritz.box
old: 0003: nameserver 192.168.178.1
new: 0001: search fritz.box
new: 0002: nameserver 192.168.178.1
network - lan - eth0
old: network-script: BOOTPROTO=dhcp
new: network-script: BOOTPROTO=none
old: network-script: DHCP_HOSTNAME=centos54.local.nl
new: network-script: NETMASK=255.255.255.0
new: network-script: IPADDR=192.168.178.22
new: network-script: GATEWAY=192.168.178.1
new: ifconfig: eth0 Link encap:Ethernet HWaddr 08:00:27:7F:64:73
new: ifconfig: inet addr:192.168.178.22 Bcast:192.168.178.255 Mask:255.255.255.0
new: ifconfig: inet6 addr: fe80::a00:27ff:fe7f:6473/64 Scope:Link
new: ifconfig: UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
network - netstat-route
old: default:fritz.box:0.0.0.0:ug:0:eth0
new: default:192.168.178.1:0.0.0.0:ug:0:eth0
software - ldap - /etc/openldap/ldap.conf
old: URI ldap://192.168.178.67
new: URI ldap://192.168.178.22
users - accounts - root
new: ssh known hosts: 192.168.178.22 ssh-rsa
new: ssh known hosts: centos54.local.nl ssh-rsa
remark : Login via ssh is ok, changing password fails.
runtime : 38
count : 3
previous date : 2010-04-29
previous time : 13.42.51
software - pam - /etc/pam.d/sshd
new: auth sufficient pam_ldap.so
new: password sufficient pam_ldap.so
new: session required pam_mkhomedir.so umask=0077 skel=/etc/skel
remark : ldap populated, getent passwd works
runtime : 37
count : 114
previous date : 2010-04-29
previous time : 10.24.34
kernel - modules - ip_conntrack
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv4/netfilter/ip_conntrack.ko
old: license: GPL
old: srcversion: 0C75F64B26F49D9D9027A01
old: depends: nfnetlink
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7848581431131ff6a527112478309d12def4631a60fbcfcfc232d58331e9479737facd0a09d76452a198339ae4a50ac5c7ba9825b8281784
kernel - modules - ip_conntrack_netbios_ns
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv4/netfilter/ip_conntrack_netbios_ns.ko
old: license: GPL
old: description: NetBIOS name service broadcast connection tracking helper
old: author: Patrick McHardy <kaber@trash.net>
old: srcversion: 2CD3536046C4DF7C8FE4921
old: depends: ip_conntrack
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: parm: timeout:timeout for master connection/replies in seconds (uint)
old: module_sig: 883f3504a9f7847581431131ff6a5271124f8c0a09e6f445ad778ddb0b4896ee84e8d522e8c17f0a0b6273632c1df6a968290ffcec989d4d1776fd854
kernel - modules - nfnetlink
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/netfilter/nfnetlink.ko
old: author: Harald Welte <laforge@netfilter.org>
old: license: GPL
old: srcversion: 534CCF99A5723062787C661
old: depends:
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7846581431131ff6a527112b0e409f6e0964817386ffc36b21220bda61abf63c39be10a081ff7d7b12526cfbc0a2b026d14bdef2f5642b
kernel - modules - xt_state
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/netfilter/xt_state.ko
old: description: ip[6]_tables connection tracking state match module
old: author: Rusty Russell <rusty@rustcorp.com.au>
old: license: GPL
old: srcversion: F6B91ACBD0E26C745A2ECB5
old: depends: x_tables,ip_conntrack
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7845581431131ff6a5271125d60a0eb7ca8e9d0793b7d3e4134829f4ee3f61b39420a0e2aa8bf77eeaf0d5dba06620a09f2f2d88c51a40
network - file - /etc/nsswitch.conf
old: passwd: files
old: shadow: files
old: group: files
new: passwd: files ldap
new: shadow: files ldap
new: group: files ldap
network - sysctl
old: net.ipv4.ip_conntrack_max = 32760
old: net.ipv4.netfilter.ip_conntrack_buckets = 4095
old: net.ipv4.netfilter.ip_conntrack_checksum = 1
old: net.ipv4.netfilter.ip_conntrack_generic_timeout = 600
old: net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30
old: net.ipv4.netfilter.ip_conntrack_log_invalid = 0
old: net.ipv4.netfilter.ip_conntrack_max = 32760
old: net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 0
old: net.ipv4.netfilter.ip_conntrack_tcp_loose = 1
old: net.ipv4.netfilter.ip_conntrack_tcp_max_retrans = 3
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120
old: net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
old: net.ipv4.netfilter.ip_conntrack_udp_timeout = 30
old: net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180
network - ip
old: ip_conntrack_max: 32760
software - iptables - rules
old: :RH-Firewall-1-INPUT -
old: -A INPUT -j RH-Firewall-1-INPUT
old: -A FORWARD -j RH-Firewall-1-INPUT
old: -A RH-Firewall-1-INPUT -i lo -j ACCEPT
old: -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
old: -A RH-Firewall-1-INPUT -p esp -j ACCEPT
old: -A RH-Firewall-1-INPUT -p ah -j ACCEPT
old: -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
old: -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
old: -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
old: -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
old: -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
old: -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
software - iptables - list
old: RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
old: RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
old:
old: Chain RH-Firewall-1-INPUT (2 references)
old: target prot opt source destination
old: ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
old: ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
old: ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
old: ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
old: ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
old: ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
old: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
old: ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
old: ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
old: REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
software - ldap - /etc/openldap/ldap.conf
new: BASE dc=example,dc=com
new: URI ldap://192.168.178.67
software - ldap - /etc/openldap/slapd.conf
new: include /etc/openldap/schema/openldap.schema
software - ldap - /etc/openldap/schema/openldap.schema
new: objectIdentifier OpenLDAProot 1.3.6.1.4.1.4203
new: objectIdentifier OpenLDAP OpenLDAProot:1
new: objectIdentifier OpenLDAPattributeType OpenLDAP:3
new: objectIdentifier OpenLDAPobjectClass OpenLDAP:4
new: objectClass ( OpenLDAPobjectClass:3
new: NAME 'OpenLDAPorg'
new: DESC 'OpenLDAP Organizational Object'
new: SUP organization
new: MAY ( buildingName $ displayName $ labeledURI ) )
new: objectClass ( OpenLDAPobjectClass:4
new: NAME 'OpenLDAPou'
new: DESC 'OpenLDAP Organizational Unit Object'
new: SUP organizationalUnit
new: MAY ( buildingName $ displayName $ labeledURI $ o ) )
new: objectClass ( OpenLDAPobjectClass:5
new: NAME 'OpenLDAPperson'
new: DESC 'OpenLDAP Person'
new: SUP ( pilotPerson $ inetOrgPerson )
new: MUST ( uid $ cn )
new: MAY ( givenName $ labeledURI $ o ) )
new: objectClass ( OpenLDAPobjectClass:6
new: NAME 'OpenLDAPdisplayableObject'
new: DESC 'OpenLDAP Displayable Object'
new: MAY displayName AUXILIARY )
users - accounts - root
new: ssh known hosts: localhost ssh-rsa
remark :
runtime : 45
count : 1
previous date : 2010-04-29
previous time : 00.09.35
software - installed-rpms - Applications/Internet
new: openldap-clients:2.3.43-3.el5
remark : Configure and start slapd
runtime : 43
count : 16
previous date : 2010-04-28
previous time : 23.53.04
boot - run level - /etc/rc.d/rc2.d
old: K73ldap -> ../init.d/ldap
new: S27ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc3.d
old: K73ldap -> ../init.d/ldap
new: S27ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc4.d
old: K73ldap -> ../init.d/ldap
new: S27ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc5.d
old: K73ldap -> ../init.d/ldap
new: S27ldap -> ../init.d/ldap
boot - run level - chkconfig
old: ldap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
new: ldap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
network - ports
new: ldap 389
software - ldap - /etc/openldap/slapd.conf
old: suffix "dc=my-domain,dc=com"
old: rootdn "cn=Manager,dc=my-domain,dc=com"
new: suffix "dc=example,dc=com"
new: rootdn "cn=Manager,dc=example,dc=com"
new: rootpw dacbaa6c74bd702558c71f3eb52d3dfd
remark : openldap installed
runtime : 45
count : 973
previous date : 2010-04-28
previous time : 23.42.26
boot - sysconfig - /etc/sysconfig/kadmin
new: KADMIND_ARGS=
new: KRB5REALM=
boot - sysconfig - /etc/sysconfig/krb5kdc
new: KRB5KDC_ARGS=
new: KRB5REALM=
boot - run level - /etc/rc.d/rc0.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc1.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc2.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc3.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc4.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc5.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - /etc/rc.d/rc6.d
new: K65kadmin -> ../init.d/kadmin
new: K65kprop -> ../init.d/kprop
new: K65krb524 -> ../init.d/krb524
new: K65krb5kdc -> ../init.d/krb5kdc
new: K73ldap -> ../init.d/ldap
boot - run level - chkconfig
new: kadmin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
new: kprop 0:off 1:off 2:off 3:off 4:off 5:off 6:off
new: krb524 0:off 1:off 2:off 3:off 4:off 5:off 6:off
new: krb5kdc 0:off 1:off 2:off 3:off 4:off 5:off 6:off
new: ldap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
hardware - /proc/devices
old: 216 rfcomm
kernel - modules - autofs4
old: filename: /lib/modules/2.6.18-164.el5/kernel/fs/autofs4/autofs4.ko
old: license: GPL
old: srcversion: 04A6085614E690A92DEC441
old: depends:
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f784f581431131ff6a52711253510a0d23f428feccae815a6e244bc7a3531e1bfcec4c09d18a825d4673dc5841ff170e04cc2477eaeacc220
kernel - modules - ip6_tables
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6_tables.ko
old: description: IPv6 packet filter
old: author: Netfilter Core Team <coreteam@netfilter.org>
old: license: GPL
old: srcversion: 680DDC96C21815AD53C75E5
old: depends: x_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7841581431131ff6a5271128d430a0d9cc32b46bff72259037fdad18b44146c173f7d20a0b56980e242b3dacf5212493a83e0541fc4bb67
kernel - modules - ip6t_REJECT
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6t_REJECT.ko
old: license: GPL
old: description: IP6 tables REJECT target module
old: author: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
old: srcversion: 34EB18CDF9552C0922B414F
old: depends: ipv6,x_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7841581431131ff6a527112a5d30a0a44b6ac4a0885c19c9810216852ec2b4c71a4909f66c4f8cf6e1bf9ced1d4756da86760cbcaec5ba2
kernel - modules - ip6table_filter
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/ipv6/netfilter/ip6table_filter.ko
old: description: ip6tables filter table
old: author: Netfilter Core Team <coreteam@netfilter.org>
old: license: GPL
old: srcversion: 3E091BB0E38F4A546A76F4A
old: depends: ip6_tables
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: parm: forward:bool
old: module_sig: 883f3504a9f7841581431131ff6a527112a5da0a0914bfb882962b6764d3d7d6a48111c3f82b8dc0a0bba72caaac7b67cb2c28f99dfe925f48de37c
kernel - modules - lockd
old: filename: /lib/modules/2.6.18-164.el5/kernel/fs/lockd/lockd.ko
old: license: GPL
old: description: NFS file locking service version 0.5.
old: author: Olaf Kirch <okir@monad.swb.de>
old: srcversion: 5AB38783DF566BC39C8C6D4
old: depends: sunrpc
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: parm: nlm_max_connections:uint
old: module_sig: 883f3504a9f784e581431131ff6a527112e02f0a0bd069922aec5c446c49cc84ac96b8b64838ae409f5be84332b89c102bdd2c11f3fa177752f7f55d
kernel - modules - rfcomm
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/bluetooth/rfcomm/rfcomm.ko
old: license: GPL
old: version: 1.8
old: description: Bluetooth RFCOMM ver 1.8
old: author: Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>
old: srcversion: B0858FE8F5FC885ACCBF6DD
old: depends: bluetooth,l2cap
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: parm: disable_cfc:Disable credit based flow control (bool)
old: parm: channel_mtu:Default MTU for the RFCOMM channel (int)
old: parm: l2cap_mtu:Default MTU for the L2CAP connection (uint)
old: module_sig: 883f3504a9f7849581431131ff6a527112b9a009f7cd4daeaeab7135c19d0de957677072fb3056d70a0af86be7d03813322fbbc9e15ef28f16bbb187d
kernel - modules - sunrpc
old: filename: /lib/modules/2.6.18-164.el5/kernel/net/sunrpc/sunrpc.ko
old: license: GPL
old: srcversion: 45C4E9A315EB50E3ACC141E
old: depends:
old: vermagic: 2.6.18-164.el5 SMP mod_unload 686 REGPARM 4KSTACKS gcc-4.1
old: module_sig: 883f3504a9f7840581431131ff6a527112d42d0a0d8b662696845e72398182e444c38e424aedbf0a0cbcc14b389c0f5900519552cdceb4a5124eadc
Volume Management - file systems - mount
old: sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
network - ports
old: smtp 25
old: sunrpc 111
old: ipp 631
network - rpcinfo
old: program vers proto
old: 100000 2 tcp portmapper
old: 100000 2 udp portmapper
old: 100024 1 tcp status
old: 100024 1 udp status
software - installed-rpms - Public Keys
new: gpg-pubkey:e8562897-459f07a4
software - installed-rpms - System Environment/Base
old: krb5-workstation:1.6.1-36.el5
new: krb5-workstation:1.6.1-36.el5_4.1
software - installed-rpms - System Environment/Daemons
new: krb5-server:1.6.1-36.el5_4.1
new: openldap-servers:2.3.43-3.el5
software - installed-rpms - System Environment/Libraries
old: krb5-libs:1.6.1-36.el5
new: krb5-libs:1.6.1-36.el5_4.1
new: libtool-ltdl:1.5.22-7.el5_4
software - ldap - /etc/openldap/slapd.conf
new: include /etc/openldap/schema/core.schema
new: include /etc/openldap/schema/cosine.schema
new: include /etc/openldap/schema/inetorgperson.schema
new: include /etc/openldap/schema/nis.schema
new: allow bind_v2
new: pidfile /var/run/openldap/slapd.pid
new: argsfile /var/run/openldap/slapd.args
new: database bdb
new: suffix "dc=my-domain,dc=com"
new: rootdn "cn=Manager,dc=my-domain,dc=com"
new: directory /var/lib/ldap
new: index objectClass eq,pres
new: index ou,cn,mail,surname,givenname eq,pres,sub
new: index uidNumber,gidNumber,loginShell eq,pres
new: index uid,memberUid eq,pres,sub
new: index nisMapName,nisMapEntry eq,pres,sub
software - ldap - /etc/openldap/schema/core.schema
new: attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
new: DESC 'RFC2256: knowledge information'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
new: attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
new: DESC 'RFC2256: last (family) name(s) for which the entity is known by'
new: SUP name )
new: attributetype ( 2.5.4.5 NAME 'serialNumber'
new: DESC 'RFC2256: serial number of the entity'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
new: attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
new: DESC 'RFC2256: ISO-3166 country 2-letter code'
new: SUP name SINGLE-VALUE )
new: attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
new: DESC 'RFC2256: locality which this object resides in'
new: SUP name )
new: attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
new: DESC 'RFC2256: state or province which this object resides in'
new: SUP name )
new: attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
new: DESC 'RFC2256: street address of this object'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
new: attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
new: DESC 'RFC2256: organization this object belongs to'
new: SUP name )
new: attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
new: DESC 'RFC2256: organizational unit this object belongs to'
new: SUP name )
new: attributetype ( 2.5.4.12 NAME 'title'
new: DESC 'RFC2256: title associated with the entity'
new: SUP name )
new: attributetype ( 2.5.4.14 NAME 'searchGuide'
new: DESC 'RFC2256: search guide, deprecated by enhancedSearchGuide'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
new: attributetype ( 2.5.4.15 NAME 'businessCategory'
new: DESC 'RFC2256: business category'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
new: attributetype ( 2.5.4.16 NAME 'postalAddress'
new: DESC 'RFC2256: postal address'
new: EQUALITY caseIgnoreListMatch
new: SUBSTR caseIgnoreListSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
new: attributetype ( 2.5.4.17 NAME 'postalCode'
new: DESC 'RFC2256: postal code'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
new: attributetype ( 2.5.4.18 NAME 'postOfficeBox'
new: DESC 'RFC2256: Post Office Box'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
new: attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
new: DESC 'RFC2256: Physical Delivery Office Name'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
new: attributetype ( 2.5.4.20 NAME 'telephoneNumber'
new: DESC 'RFC2256: Telephone Number'
new: EQUALITY telephoneNumberMatch
new: SUBSTR telephoneNumberSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
new: attributetype ( 2.5.4.21 NAME 'telexNumber'
new: DESC 'RFC2256: Telex Number'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
new: attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
new: DESC 'RFC2256: Teletex Terminal Identifier'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
new: attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
new: DESC 'RFC2256: Facsimile (Fax) Telephone Number'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
new: attributetype ( 2.5.4.24 NAME 'x121Address'
new: DESC 'RFC2256: X.121 Address'
new: EQUALITY numericStringMatch
new: SUBSTR numericStringSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
new: attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
new: DESC 'RFC2256: international ISDN number'
new: EQUALITY numericStringMatch
new: SUBSTR numericStringSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
new: attributetype ( 2.5.4.26 NAME 'registeredAddress'
new: DESC 'RFC2256: registered postal address'
new: SUP postalAddress
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
new: attributetype ( 2.5.4.27 NAME 'destinationIndicator'
new: DESC 'RFC2256: destination indicator'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
new: attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
new: DESC 'RFC2256: preferred delivery method'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
new: SINGLE-VALUE )
new: attributetype ( 2.5.4.29 NAME 'presentationAddress'
new: DESC 'RFC2256: presentation address'
new: EQUALITY presentationAddressMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
new: SINGLE-VALUE )
new: attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
new: DESC 'RFC2256: supported application context'
new: EQUALITY objectIdentifierMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
new: attributetype ( 2.5.4.31 NAME 'member'
new: DESC 'RFC2256: member of a group'
new: SUP distinguishedName )
new: attributetype ( 2.5.4.32 NAME 'owner'
new: DESC 'RFC2256: owner (of the object)'
new: SUP distinguishedName )
new: attributetype ( 2.5.4.33 NAME 'roleOccupant'
new: DESC 'RFC2256: occupant of role'
new: SUP distinguishedName )
new: attributetype ( 2.5.4.36 NAME 'userCertificate'
new: DESC 'RFC2256: X.509 user certificate, use ;binary'
new: EQUALITY certificateExactMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
new: attributetype ( 2.5.4.37 NAME 'cACertificate'
new: DESC 'RFC2256: X.509 CA certificate, use ;binary'
new: EQUALITY certificateExactMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
new: attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
new: DESC 'RFC2256: X.509 authority revocation list, use ;binary'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
new: attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
new: DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
new: attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
new: DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
new: attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
new: DESC 'RFC2256: first name(s) for which the entity is known by'
new: SUP name )
new: attributetype ( 2.5.4.43 NAME 'initials'
new: DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
new: SUP name )
new: attributetype ( 2.5.4.44 NAME 'generationQualifier'
new: DESC 'RFC2256: name qualifier indicating a generation'
new: SUP name )
new: attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
new: DESC 'RFC2256: X.500 unique identifier'
new: EQUALITY bitStringMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
new: attributetype ( 2.5.4.46 NAME 'dnQualifier'
new: DESC 'RFC2256: DN qualifier'
new: EQUALITY caseIgnoreMatch
new: ORDERING caseIgnoreOrderingMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
new: attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
new: DESC 'RFC2256: enhanced search guide'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
new: attributetype ( 2.5.4.48 NAME 'protocolInformation'
new: DESC 'RFC2256: protocol information'
new: EQUALITY protocolInformationMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
new: attributetype ( 2.5.4.50 NAME 'uniqueMember'
new: DESC 'RFC2256: unique member of a group'
new: EQUALITY uniqueMemberMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
new: attributetype ( 2.5.4.51 NAME 'houseIdentifier'
new: DESC 'RFC2256: house identifier'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
new: attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
new: DESC 'RFC2256: supported algorithms'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
new: attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
new: DESC 'RFC2256: delta revocation list; use ;binary'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
new: attributetype ( 2.5.4.54 NAME 'dmdName'
new: DESC 'RFC2256: name of DMD'
new: SUP name )
new: attributetype ( 2.5.4.65 NAME 'pseudonym'
new: DESC 'X.520(4th): pseudonym for the object'
new: SUP name )
new: objectclass ( 2.5.6.2 NAME 'country'
new: DESC 'RFC2256: a country'
new: SUP top STRUCTURAL
new: MUST c
new: MAY ( searchGuide $ description ) )
new: objectclass ( 2.5.6.3 NAME 'locality'
new: DESC 'RFC2256: a locality'
new: SUP top STRUCTURAL
new: MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
new: objectclass ( 2.5.6.4 NAME 'organization'
new: DESC 'RFC2256: an organization'
new: SUP top STRUCTURAL
new: MUST o
new: MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
new: x121Address $ registeredAddress $ destinationIndicator $
new: preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
new: telephoneNumber $ internationaliSDNNumber $
new: facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
new: postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
new: objectclass ( 2.5.6.5 NAME 'organizationalUnit'
new: DESC 'RFC2256: an organizational unit'
new: SUP top STRUCTURAL
new: MUST ou
new: MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
new: x121Address $ registeredAddress $ destinationIndicator $
new: preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
new: telephoneNumber $ internationaliSDNNumber $
new: facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
new: postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
new: objectclass ( 2.5.6.6 NAME 'person'
new: DESC 'RFC2256: a person'
new: SUP top STRUCTURAL
new: MUST ( sn $ cn )
new: MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
new: objectclass ( 2.5.6.7 NAME 'organizationalPerson'
new: DESC 'RFC2256: an organizational person'
new: SUP person STRUCTURAL
new: MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
new: preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
new: telephoneNumber $ internationaliSDNNumber $
new: facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
new: postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
new: objectclass ( 2.5.6.8 NAME 'organizationalRole'
new: DESC 'RFC2256: an organizational role'
new: SUP top STRUCTURAL
new: MUST cn
new: MAY ( x121Address $ registeredAddress $ destinationIndicator $
new: preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
new: telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
new: seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
new: postOfficeBox $ postalCode $ postalAddress $
new: physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
new: objectclass ( 2.5.6.9 NAME 'groupOfNames'
new: DESC 'RFC2256: a group of names (DNs)'
new: SUP top STRUCTURAL
new: MUST ( member $ cn )
new: MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
new: objectclass ( 2.5.6.10 NAME 'residentialPerson'
new: DESC 'RFC2256: an residential person'
new: SUP person STRUCTURAL
new: MUST l
new: MAY ( businessCategory $ x121Address $ registeredAddress $
new: destinationIndicator $ preferredDeliveryMethod $ telexNumber $
new: teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
new: facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
new: postOfficeBox $ postalCode $ postalAddress $
new: physicalDeliveryOfficeName $ st $ l ) )
new: objectclass ( 2.5.6.11 NAME 'applicationProcess'
new: DESC 'RFC2256: an application process'
new: SUP top STRUCTURAL
new: MUST cn
new: MAY ( seeAlso $ ou $ l $ description ) )
new: objectclass ( 2.5.6.12 NAME 'applicationEntity'
new: DESC 'RFC2256: an application entity'
new: SUP top STRUCTURAL
new: MUST ( presentationAddress $ cn )
new: MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
new: description ) )
new: objectclass ( 2.5.6.13 NAME 'dSA'
new: DESC 'RFC2256: a directory system agent (a server)'
new: SUP applicationEntity STRUCTURAL
new: MAY knowledgeInformation )
new: objectclass ( 2.5.6.14 NAME 'device'
new: DESC 'RFC2256: a device'
new: SUP top STRUCTURAL
new: MUST cn
new: MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
new: objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
new: DESC 'RFC2256: a strong authentication user'
new: SUP top AUXILIARY
new: MUST userCertificate )
new: objectclass ( 2.5.6.16 NAME 'certificationAuthority'
new: DESC 'RFC2256: a certificate authority'
new: SUP top AUXILIARY
new: MUST ( authorityRevocationList $ certificateRevocationList $
new: cACertificate ) MAY crossCertificatePair )
new: objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
new: DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
new: SUP top STRUCTURAL
new: MUST ( uniqueMember $ cn )
new: MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
new: objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
new: DESC 'RFC2256: a user security information'
new: SUP top AUXILIARY
new: MAY ( supportedAlgorithms ) )
new: objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
new: SUP certificationAuthority
new: AUXILIARY MAY ( deltaRevocationList ) )
new: objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
new: SUP top STRUCTURAL
new: MUST ( cn )
new: MAY ( certificateRevocationList $ authorityRevocationList $
new: deltaRevocationList ) )
new: objectclass ( 2.5.6.20 NAME 'dmd'
new: SUP top STRUCTURAL
new: MUST ( dmdName )
new: MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
new: x121Address $ registeredAddress $ destinationIndicator $
new: preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
new: telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
new: street $ postOfficeBox $ postalCode $ postalAddress $
new: physicalDeliveryOfficeName $ st $ l $ description ) )
new: objectclass ( 2.5.6.21 NAME 'pkiUser'
new: DESC 'RFC2587: a PKI user'
new: SUP top AUXILIARY
new: MAY userCertificate )
new: objectclass ( 2.5.6.22 NAME 'pkiCA'
new: DESC 'RFC2587: PKI certificate authority'
new: SUP top AUXILIARY
new: MAY ( authorityRevocationList $ certificateRevocationList $
new: cACertificate $ crossCertificatePair ) )
new: objectclass ( 2.5.6.23 NAME 'deltaCRL'
new: DESC 'RFC2587: PKI user'
new: SUP top AUXILIARY
new: MAY deltaRevocationList )
new: objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
new: DESC 'RFC2079: object that contains the URI attribute type'
new: SUP top AUXILIARY
new: MAY ( labeledURI ) )
new: attributetype ( 0.9.2342.19200300.100.1.3
new: NAME ( 'mail' 'rfc822Mailbox' )
new: DESC 'RFC1274: RFC822 Mailbox'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
new: objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
new: DESC 'RFC1274: simple security object'
new: SUP top AUXILIARY
new: MUST userPassword )
new: attributetype ( 0.9.2342.19200300.100.1.25
new: NAME ( 'dc' 'domainComponent' )
new: DESC 'RFC1274/2247: domain component'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
new: objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
new: DESC 'RFC2247: domain component object'
new: SUP top AUXILIARY MUST dc )
new: objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
new: DESC 'RFC2377: uid object'
new: SUP top AUXILIARY MUST uid )
new: attributetype ( 0.9.2342.19200300.100.1.37
new: NAME 'associatedDomain'
new: DESC 'RFC1274: domain associated with object'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 1.2.840.113549.1.9.1
new: NAME ( 'email' 'emailAddress' 'pkcs9email' )
new: DESC 'RFC3280: legacy attribute for email addresses in DNs'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
software - ldap - /etc/openldap/schema/cosine.schema
new: attributetype ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.4 NAME 'info'
new: DESC 'RFC1274: general information'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{2048} )
new: attributetype ( 0.9.2342.19200300.100.1.5
new: NAME ( 'drink' 'favouriteDrink' )
new: DESC 'RFC1274: favorite drink'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
new: DESC 'RFC1274: room number'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.7 NAME 'photo'
new: DESC 'RFC1274: photo (G3 fax)'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.23{25000} )
new: attributetype ( 0.9.2342.19200300.100.1.8 NAME 'userClass'
new: DESC 'RFC1274: category of user'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.9 NAME 'host'
new: DESC 'RFC1274: host computer'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.10 NAME 'manager'
new: DESC 'RFC1274: DN of manager'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
new: attributetype ( 0.9.2342.19200300.100.1.11 NAME 'documentIdentifier'
new: DESC 'RFC1274: unique identifier of document'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.12 NAME 'documentTitle'
new: DESC 'RFC1274: title of document'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.13 NAME 'documentVersion'
new: DESC 'RFC1274: version of document'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.14 NAME 'documentAuthor'
new: DESC 'RFC1274: DN of author of document'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
new: attributetype ( 0.9.2342.19200300.100.1.15 NAME 'documentLocation'
new: DESC 'RFC1274: location of document original'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.20
new: NAME ( 'homePhone' 'homeTelephoneNumber' )
new: DESC 'RFC1274: home telephone number'
new: EQUALITY telephoneNumberMatch
new: SUBSTR telephoneNumberSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
new: attributetype ( 0.9.2342.19200300.100.1.21 NAME 'secretary'
new: DESC 'RFC1274: DN of secretary'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
new: attributetype ( 0.9.2342.19200300.100.1.22 NAME 'otherMailbox'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.39 )
new: attributetype ( 0.9.2342.19200300.100.1.26 NAME 'aRecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.27 NAME 'mDRecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.28 NAME 'mXRecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.29 NAME 'nSRecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.30 NAME 'sOARecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.31 NAME 'cNAMERecord'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 0.9.2342.19200300.100.1.38 NAME 'associatedName'
new: DESC 'RFC1274: DN of entry associated with domain'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
new: attributetype ( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress'
new: DESC 'RFC1274: home postal address'
new: EQUALITY caseIgnoreListMatch
new: SUBSTR caseIgnoreListSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
new: attributetype ( 0.9.2342.19200300.100.1.40 NAME 'personalTitle'
new: DESC 'RFC1274: personal title'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.41
new: NAME ( 'mobile' 'mobileTelephoneNumber' )
new: DESC 'RFC1274: mobile telephone number'
new: EQUALITY telephoneNumberMatch
new: SUBSTR telephoneNumberSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
new: attributetype ( 0.9.2342.19200300.100.1.42
new: NAME ( 'pager' 'pagerTelephoneNumber' )
new: DESC 'RFC1274: pager telephone number'
new: EQUALITY telephoneNumberMatch
new: SUBSTR telephoneNumberSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
new: attributetype ( 0.9.2342.19200300.100.1.43
new: NAME ( 'co' 'friendlyCountryName' )
new: DESC 'RFC1274: friendly country name'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
new: attributetype ( 0.9.2342.19200300.100.1.44 NAME 'uniqueIdentifier'
new: DESC 'RFC1274: unique identifer'
new: EQUALITY caseIgnoreMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.45 NAME 'organizationalStatus'
new: DESC 'RFC1274: organizational status'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.46 NAME 'janetMailbox'
new: DESC 'RFC1274: Janet mailbox'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
new: attributetype ( 0.9.2342.19200300.100.1.47
new: NAME 'mailPreferenceOption'
new: DESC 'RFC1274: mail preference option'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
new: attributetype ( 0.9.2342.19200300.100.1.48 NAME 'buildingName'
new: DESC 'RFC1274: name of building'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
new: attributetype ( 0.9.2342.19200300.100.1.49 NAME 'dSAQuality'
new: DESC 'RFC1274: DSA Quality'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.19 SINGLE-VALUE )
new: attributetype ( 0.9.2342.19200300.100.1.50 NAME 'singleLevelQuality'
new: DESC 'RFC1274: Single Level Quality'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
new: attributetype ( 0.9.2342.19200300.100.1.51 NAME 'subtreeMinimumQuality'
new: DESC 'RFC1274: Subtree Mininum Quality'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
new: attributetype ( 0.9.2342.19200300.100.1.52 NAME 'subtreeMaximumQuality'
new: DESC 'RFC1274: Subtree Maximun Quality'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.13 SINGLE-VALUE )
new: attributetype ( 0.9.2342.19200300.100.1.53 NAME 'personalSignature'
new: DESC 'RFC1274: Personal Signature (G3 fax)'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.23 )
new: attributetype ( 0.9.2342.19200300.100.1.54 NAME 'dITRedirect'
new: DESC 'RFC1274: DIT Redirect'
new: EQUALITY distinguishedNameMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
new: attributetype ( 0.9.2342.19200300.100.1.55 NAME 'audio'
new: DESC 'RFC1274: audio (u-law)'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.4{25000} )
new: attributetype ( 0.9.2342.19200300.100.1.56 NAME 'documentPublisher'
new: DESC 'RFC1274: publisher of document'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
new: objectclass ( 0.9.2342.19200300.100.4.4
new: NAME ( 'pilotPerson' 'newPilotPerson' )
new: SUP person STRUCTURAL
new: MAY ( userid $ textEncodedORAddress $ rfc822Mailbox $
new: favouriteDrink $ roomNumber $ userClass $
new: homeTelephoneNumber $ homePostalAddress $ secretary $
new: personalTitle $ preferredDeliveryMethod $ businessCategory $
new: janetMailbox $ otherMailbox $ mobileTelephoneNumber $
new: pagerTelephoneNumber $ organizationalStatus $
new: mailPreferenceOption $ personalSignature )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.5 NAME 'account'
new: SUP top STRUCTURAL
new: MUST userid
new: MAY ( description $ seeAlso $ localityName $
new: organizationName $ organizationalUnitName $ host )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.6 NAME 'document'
new: SUP top STRUCTURAL
new: MUST documentIdentifier
new: MAY ( commonName $ description $ seeAlso $ localityName $
new: organizationName $ organizationalUnitName $
new: documentTitle $ documentVersion $ documentAuthor $
new: documentLocation $ documentPublisher )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.7 NAME 'room'
new: SUP top STRUCTURAL
new: MUST commonName
new: MAY ( roomNumber $ description $ seeAlso $ telephoneNumber )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.9 NAME 'documentSeries'
new: SUP top STRUCTURAL
new: MUST commonName
new: MAY ( description $ seeAlso $ telephonenumber $
new: localityName $ organizationName $ organizationalUnitName )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.13 NAME 'domain'
new: SUP top STRUCTURAL
new: MUST domainComponent
new: MAY ( associatedName $ organizationName $ description $
new: businessCategory $ seeAlso $ searchGuide $ userPassword $
new: localityName $ stateOrProvinceName $ streetAddress $
new: physicalDeliveryOfficeName $ postalAddress $ postalCode $
new: postOfficeBox $ streetAddress $
new: facsimileTelephoneNumber $ internationalISDNNumber $
new: telephoneNumber $ teletexTerminalIdentifier $ telexNumber $
new: preferredDeliveryMethod $ destinationIndicator $
new: registeredAddress $ x121Address )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.14 NAME 'RFC822localPart'
new: SUP domain STRUCTURAL
new: MAY ( commonName $ surname $ description $ seeAlso $ telephoneNumber $
new: physicalDeliveryOfficeName $ postalAddress $ postalCode $
new: postOfficeBox $ streetAddress $
new: facsimileTelephoneNumber $ internationalISDNNumber $
new: telephoneNumber $ teletexTerminalIdentifier $
new: telexNumber $ preferredDeliveryMethod $ destinationIndicator $
new: registeredAddress $ x121Address )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.15 NAME 'dNSDomain'
new: SUP domain STRUCTURAL
new: MAY ( ARecord $ MDRecord $ MXRecord $ NSRecord $
new: SOARecord $ CNAMERecord )
new: )
new: objectclass ( 0.9.2342.19200300.100.4.17 NAME 'domainRelatedObject'
new: DESC 'RFC1274: an object related to an domain'
new: SUP top AUXILIARY
new: MUST associatedDomain )
new: objectclass ( 0.9.2342.19200300.100.4.18 NAME 'friendlyCountry'
new: SUP country STRUCTURAL
new: MUST friendlyCountryName )
new: objectclass ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization'
new: SUP ( organization $ organizationalUnit ) STRUCTURAL
new: MAY buildingName )
new: objectclass ( 0.9.2342.19200300.100.4.21 NAME 'pilotDSA'
new: SUP dsa STRUCTURAL
new: MAY dSAQuality )
new: objectclass ( 0.9.2342.19200300.100.4.22 NAME 'qualityLabelledData'
new: SUP top AUXILIARY
new: MUST dsaQuality
new: MAY ( subtreeMinimumQuality $ subtreeMaximumQuality )
new: )
software - ldap - /etc/openldap/schema/inetorgperson.schema
new: attributetype ( 2.16.840.1.113730.3.1.1
new: NAME 'carLicense'
new: DESC 'RFC2798: vehicle license or registration plate'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
new: attributetype ( 2.16.840.1.113730.3.1.2
new: NAME 'departmentNumber'
new: DESC 'RFC2798: identifies a department within an organization'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
new: attributetype ( 2.16.840.1.113730.3.1.241
new: NAME 'displayName'
new: DESC 'RFC2798: preferred name to be used when displaying entries'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
new: SINGLE-VALUE )
new: attributetype ( 2.16.840.1.113730.3.1.3
new: NAME 'employeeNumber'
new: DESC 'RFC2798: numerically identifies an employee within an organization'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
new: SINGLE-VALUE )
new: attributetype ( 2.16.840.1.113730.3.1.4
new: NAME 'employeeType'
new: DESC 'RFC2798: type of employment for a person'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
new: attributetype ( 0.9.2342.19200300.100.1.60
new: NAME 'jpegPhoto'
new: DESC 'RFC2798: a JPEG image'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
new: attributetype ( 2.16.840.1.113730.3.1.39
new: NAME 'preferredLanguage'
new: DESC 'RFC2798: preferred written or spoken language for a person'
new: EQUALITY caseIgnoreMatch
new: SUBSTR caseIgnoreSubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
new: SINGLE-VALUE )
new: attributetype ( 2.16.840.1.113730.3.1.40
new: NAME 'userSMIMECertificate'
new: DESC 'RFC2798: PKCS#7 SignedData used to support S/MIME'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
new: attributetype ( 2.16.840.1.113730.3.1.216
new: NAME 'userPKCS12'
new: DESC 'RFC2798: personal identity information, a PKCS #12 PFX'
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
new: objectclass ( 2.16.840.1.113730.3.2.2
new: NAME 'inetOrgPerson'
new: DESC 'RFC2798: Internet Organizational Person'
new: SUP organizationalPerson
new: STRUCTURAL
new: MAY (
new: audio $ businessCategory $ carLicense $ departmentNumber $
new: displayName $ employeeNumber $ employeeType $ givenName $
new: homePhone $ homePostalAddress $ initials $ jpegPhoto $
new: labeledURI $ mail $ manager $ mobile $ o $ pager $
new: photo $ roomNumber $ secretary $ uid $ userCertificate $
new: x500uniqueIdentifier $ preferredLanguage $
new: userSMIMECertificate $ userPKCS12 )
new: )
software - ldap - /etc/openldap/schema/nis.schema
new: attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos'
new: DESC 'The GECOS field; the common name'
new: EQUALITY caseIgnoreIA5Match
new: SUBSTR caseIgnoreIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.3 NAME 'homeDirectory'
new: DESC 'The absolute path to the home directory'
new: EQUALITY caseExactIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.4 NAME 'loginShell'
new: DESC 'The path to the login shell'
new: EQUALITY caseExactIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.5 NAME 'shadowLastChange'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.6 NAME 'shadowMin'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.7 NAME 'shadowMax'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.8 NAME 'shadowWarning'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.9 NAME 'shadowInactive'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.10 NAME 'shadowExpire'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.11 NAME 'shadowFlag'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 1.3.6.1.1.1.1.13 NAME 'memberNisNetgroup'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 1.3.6.1.1.1.1.14 NAME 'nisNetgroupTriple'
new: DESC 'Netgroup triple'
new: SYNTAX 1.3.6.1.1.1.0.0 )
new: attributetype ( 1.3.6.1.1.1.1.15 NAME 'ipServicePort'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.16 NAME 'ipServiceProtocol'
new: SUP name )
new: attributetype ( 1.3.6.1.1.1.1.17 NAME 'ipProtocolNumber'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.18 NAME 'oncRpcNumber'
new: EQUALITY integerMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.19 NAME 'ipHostNumber'
new: DESC 'IP address'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
new: attributetype ( 1.3.6.1.1.1.1.20 NAME 'ipNetworkNumber'
new: DESC 'IP network'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.21 NAME 'ipNetmaskNumber'
new: DESC 'IP netmask'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} SINGLE-VALUE )
new: attributetype ( 1.3.6.1.1.1.1.22 NAME 'macAddress'
new: DESC 'MAC address'
new: EQUALITY caseIgnoreIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
new: attributetype ( 1.3.6.1.1.1.1.23 NAME 'bootParameter'
new: DESC 'rpc.bootparamd parameter'
new: SYNTAX 1.3.6.1.1.1.0.1 )
new: attributetype ( 1.3.6.1.1.1.1.24 NAME 'bootFile'
new: DESC 'Boot image name'
new: EQUALITY caseExactIA5Match
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
new: attributetype ( 1.3.6.1.1.1.1.26 NAME 'nisMapName'
new: SUP name )
new: attributetype ( 1.3.6.1.1.1.1.27 NAME 'nisMapEntry'
new: EQUALITY caseExactIA5Match
new: SUBSTR caseExactIA5SubstringsMatch
new: SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} SINGLE-VALUE )
new: objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount'
new: DESC 'Abstraction of an account with POSIX attributes'
new: SUP top AUXILIARY
new: MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
new: MAY ( userPassword $ loginShell $ gecos $ description ) )
new: objectclass ( 1.3.6.1.1.1.2.1 NAME 'shadowAccount'
new: DESC 'Additional attributes for shadow passwords'
new: SUP top AUXILIARY
new: MUST uid
new: MAY ( userPassword $ shadowLastChange $ shadowMin $
new: shadowMax $ shadowWarning $ shadowInactive $
new: shadowExpire $ shadowFlag $ description ) )
new: objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup'
new: DESC 'Abstraction of a group of accounts'
new: SUP top STRUCTURAL
new: MUST ( cn $ gidNumber )
new: MAY ( userPassword $ memberUid $ description ) )
new: objectclass ( 1.3.6.1.1.1.2.3 NAME 'ipService'
new: DESC 'Abstraction an Internet Protocol service'
new: SUP top STRUCTURAL
new: MUST ( cn $ ipServicePort $ ipServiceProtocol )
new: MAY ( description ) )
new: objectclass ( 1.3.6.1.1.1.2.4 NAME 'ipProtocol'
new: DESC 'Abstraction of an IP protocol'
new: SUP top STRUCTURAL
new: MUST ( cn $ ipProtocolNumber $ description )
new: MAY description )
new: objectclass ( 1.3.6.1.1.1.2.5 NAME 'oncRpc'
new: DESC 'Abstraction of an ONC/RPC binding'
new: SUP top STRUCTURAL
new: MUST ( cn $ oncRpcNumber $ description )
new: MAY description )
new: objectclass ( 1.3.6.1.1.1.2.6 NAME 'ipHost'
new: DESC 'Abstraction of a host, an IP device'
new: SUP top AUXILIARY
new: MUST ( cn $ ipHostNumber )
new: MAY ( l $ description $ manager ) )
new: objectclass ( 1.3.6.1.1.1.2.7 NAME 'ipNetwork'
new: DESC 'Abstraction of an IP network'
new: SUP top STRUCTURAL
new: MUST ( cn $ ipNetworkNumber )
new: MAY ( ipNetmaskNumber $ l $ description $ manager ) )
new: objectclass ( 1.3.6.1.1.1.2.8 NAME 'nisNetgroup'
new: DESC 'Abstraction of a netgroup'
new: SUP top STRUCTURAL
new: MUST cn
new: MAY ( nisNetgroupTriple $ memberNisNetgroup $ description ) )
new: objectclass ( 1.3.6.1.1.1.2.9 NAME 'nisMap'
new: DESC 'A generic abstraction of a NIS map'
new: SUP top STRUCTURAL
new: MUST nisMapName
new: MAY description )
new: objectclass ( 1.3.6.1.1.1.2.10 NAME 'nisObject'
new: DESC 'An entry in a NIS map'
new: SUP top STRUCTURAL
new: MUST ( cn $ nisMapEntry $ nisMapName )
new: MAY description )
new: objectclass ( 1.3.6.1.1.1.2.11 NAME 'ieee802Device'
new: DESC 'A device with a MAC address'
new: SUP top AUXILIARY
new: MAY macAddress )
new: objectclass ( 1.3.6.1.1.1.2.12 NAME 'bootableDevice'
new: DESC 'A device with boot parameters'
new: SUP top AUXILIARY
new: MAY ( bootFile $ bootParameter ) )
software - lp - default
old: no system default destination
software - lp - scheduler
old: scheduler is running
system - ld - ldconfig - /usr/lib/tls/i486
new: (hwcap: 0x8002000000000000)
new: libslapd_db-4.4.so -> libslapd_db-4.4.so
system - ld - ldconfig - /usr/lib/tls/i586
new: (hwcap: 0x8004000000000000)
new: libslapd_db-4.4.so -> libslapd_db-4.4.so
system - ld - ldconfig - /usr/lib/tls/i686
new: (hwcap: 0x8008000000000000)
new: libslapd_db-4.4.so -> libslapd_db-4.4.so
system - ld - ldconfig - /usr/lib
new: libltdl.so.3 -> libltdl.so.3.1.4
new: libslapd_db-4.4.so -> libslapd_db-4.4.so
users - /etc/passwd
new: ldap:x:55:55:LDAP User:/var/lib/ldap:/bin/false
users - /etc/group
new: ldap:55: