at.allow/at.deny: line by line list of user names
=================================================
user1
user2
user3

fstab
=====
# comment
# device     mount-point  fs-type  options   dump  pass
LABEL=/      /            fxfs     defaults  1     1
UUID=[uuid]  none         swap     defaults  0     0
-----
device is a name, label, or UUID for a block device
mount-point is the folder to mount it in (for swap, it's none)
fs-type is the filesystem type
options is the options for mounting
dump is how often it's backed up by dump (0 is never)
pass is the order for checking by fsck (0 don't, 1 immediately, 2 after boot)
-----
FS options
auto/noauto - automatically mount on boot or only explicitly
dev/nodev - behaviour of interpretation of block special devices
exec/noexec - can binaries be executed
rw/ro - read/write or read-only
sync/async - synchronous/asynchronous IO (are writes done when commands issued?)
suid/nosuid - operation of the suid and sgid bits
user/users/nouser - anyone can mount, group users can mount, root can mount
    user implicitly implies noexec, nosuid, nodev
defaults - default set (i.e. rw, suid, dev, exec, auto, nouser, async)
check=[none, normal, strict] - fsck checking level (ext/probably fxfs)
check=[r, n, s] - policy for allowed filenames (vfat)
    r - relaxed, n - normal, s - strict
windows_names - only allow windows characters in names? (vfat/ntfs)
uid=n, gid=n - set uid and gid for files on system (vfat/ntfs)
umask/dmask/fmask=nnn - masking of fs nodes (vfat/ntfs)
    umask - user file creation, dmask - directory, fmask - files

gettydefs
=========

group
=====
group1::24:user1,user2
-----
Simple format. name:password:gid:members

host.conf
=========
# order can be any or all of bind (name server), hosts (hosts file), or nis
# this determines the order in which these are tried
order bind hosts nis
# multi can be on or off and determines if a host can have multiple IPs in hosts
multi on
# check if an IP is associated with a hostname given.
# can be on or off
nospoof on
# spoof attempts (above) log message to the syslog facility. on or off.
alert off
# domain name to remove from hostnames before lookup
# for example, aegis.example.com would become aegis with this setting.
trim example.com

hosts
=====
# IP_address  hostname1  hostname2
127.0.0.1     localhost  loopback
::1           localhost

hosts.allow/deny
================
ALL: ALL
ALL: ALL EXCEPT 192.168.0.125
ALL: 192.168.1.0/24
ALL: LOCAL
ALL: .example.com
ALL: .example.com EXCEPT testing.example.com
sshd: LOCAL
sshd, in.ftpd: LOCAL
in.ftpd: KNOWN
----------------
There's more than this, but this is a good start to talk about. It's
service: host. ALL matches everything, either all services or all hosts. You
can use EXCEPT to add an exception. You can use subnet masks like good old
192.168.0.0/16. You could also use LOCAL for all on the local subnet. You can
also specify domain names, including as exceptions. You can specify specific
daemons, like sshd here. You can also do multiple for one rule. If you prefix
in., it's specifically for incoming traffic. Finally, there's the wildcards
KNOWN, UNKNOWN, and PARANOID, which are for known hostnames, unknown hostnames,
and hostnames that are spoofed. There's also apparently command expansion and
all that, but we'll cross that bridge when we get to it.

hosts.lpd
=========
+
hostname
-hostname
+@netgroup
-@netgroup
---------
+ alone means any host on the network. hostname is a remote host allowed to
print on the local system. Add a - to forbid that. @netgroup is an NIS
netgroup. - works the same for these.

inittab
=======
id:2:initdefault:echo "Runlevel 2"
-------
Pretty simple. id is a unique identifier. Two characters, it seems. Next is the
runlevel. Multiple can be specified (i.e. 234). Action is how the process is to
be run.
Options include:
    respawn - restart the process if existing, do not start if not started
    wait - start the process, wait for it to stop
    once - start process, do not restart on termination
    boot - only start on boot
    bootwait - like wait, but only on boot
    powerfail - only on SIGPWR
    powerwait - like wait, but only on SIGPWR
    off - if started, send SIGTERM, wait 5 seconds, then kill the process
        with SIGKILL
    initdefault - used to determine default runlevel
    sysinit - executed before attempts to access console, processes are
        executed and waited for termination of

issue
=====
We'll need something good to go here. I'll work it out later.

ld.so.conf
==========
/usr/include
/home/user1/builds/include
----------
Just a list of directories. Simple enough.

motd
====
We may or may not do this, since we'll have an issue file.

mtab
====
/dev/sda1 / fxfs rw,exec,suid,dev,async,nouser 0 0
/dev/sdb1 /mnt ext4 rw,nosuid,nodev,user=user1 0 0
----
It's fstab but only the currently mounted filesystems. Simple enough.

passwd
======
user1:x:1001:24:GECOS field:/home/user1:/bin/sh
------
username:password:uid:gid:gecos field:home directory:login shell
Password is stored in /etc/shadow. x is a placeholder for that.
gid is the primary group for the user. Files created by this user have this gid.

printcap
========
lw|LaserWriter:lw=/dev/ttya:br#9600:ms=-parity,onlcr,ixon,decctlq:\
    sd=/var/spool/lw:lf=/var/spool/lp-log:mx#0
--------
There's a lot to dissect here, and it's probably best to save that dissection
for a proper man page. Long story short, it's a series of options separated by
colons. The first option is name and aliases. Everything else is options that
we'll need to specify in the man page. It's kinda like the termcap database,
though. So, yeah.

profile
=======
It seems to be a shell script, basically. Fun.

protocols
=========
ip  0  IP  # internet protocol
---------
It's basically official-name protocol-number alias. We'll need to find these.
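
An added example, not part of the original notes: it resolves the effective
suid/dev/exec state of fstab/mtab entries from the option meanings listed under
fstab and reports mounts that still leave any of them enabled. Left-to-right
option processing (a later option overrides an earlier one, as in Linux
mount(8)) and the exempt root mount are assumptions; the first two data lines
are the mtab example above, the remaining three are constructed.

```python
FLAGS = ("suid", "dev", "exec")

def effective_flags(options):
    """Resolve suid/dev/exec from a comma-separated option list, left to right."""
    state = dict.fromkeys(FLAGS, True)            # same as the "defaults" set
    for option in options.split(","):
        key = option.split("=", 1)[0]             # "user=user1" -> "user"
        if key == "defaults":
            state = dict.fromkeys(FLAGS, True)
        elif key in ("user", "users"):
            state = dict.fromkeys(FLAGS, False)   # implies noexec,nosuid,nodev
        elif key in FLAGS:
            state[key] = True
        elif key.startswith("no") and key[2:] in FLAGS:
            state[key[2:]] = False
    return state

def entries(text):
    """Yield (mount_point, fs_type, options) from fstab/mtab-format text."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and not fields[0].startswith("#"):
            yield fields[1], fields[2], fields[3]

def audit(text, exempt=("/",)):
    """Map each non-exempt mount point to the flags it still leaves enabled."""
    findings = {}
    for mount_point, fs_type, options in entries(text):
        if fs_type == "swap" or mount_point in exempt:
            continue
        state = effective_flags(options)
        enabled = [flag for flag in FLAGS if state[flag]]
        if enabled:
            findings[mount_point] = enabled
    return findings

SAMPLE = """\
# device mount-point fs-type options dump pass
/dev/sda1 / fxfs rw,exec,suid,dev,async,nouser 0 0
/dev/sdb1 /mnt ext4 rw,nosuid,nodev,user=user1 0 0
/dev/sdc1 /home ext4 defaults 0 2
/dev/sdd1 /media/usb vfat user,exec 0 0
UUID=[uuid] none swap defaults 0 0
"""

if __name__ == "__main__":
    for mount_point, enabled in audit(SAMPLE).items():
        print(f"{mount_point}: still allows {', '.join(enabled)}")
```
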

securetty
=========
/dev/tty0
---------
A list of ttys from which root can log in.

services
========
ssh 22 SSH
--------
Like protocols, but it's port instead of protocol.

shadow
======
user1:$id$salt$hash:7:7:21:14
------
username:crypt(3) output:days since pw change:til change allowed:\
    til change required:til expiration warning
For crypt(3) output, $id is the algorithm used, $salt is the salt used, $hash
is the outputted hash.

shells
======
/bin/sh
------
Pathnames of shells. Simple enough.
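
An added example, not part of the original notes: a matcher for the
"service: host" rules described under hosts.allow/deny, covering ALL, EXCEPT,
addresses, subnet masks, domain suffixes and daemon lists. It goes one step
beyond the notes by applying the tcp_wrappers evaluation order (hosts.allow
first, then hosts.deny, access granted when neither matches); the sample rules
are constructed, only IPv4 is handled, and LOCAL/KNOWN/UNKNOWN/PARANOID are
left unevaluated.

```python
import ipaddress

# Wildcards from the notes that this sketch does not evaluate; they never match.
UNSUPPORTED = {"LOCAL", "KNOWN", "UNKNOWN", "PARANOID"}

def match_client(pattern, ip, hostname):
    """Match one client pattern: ALL, .domain suffix, host name, address or CIDR."""
    host = (hostname or "").lower()
    if pattern == "ALL":
        return True
    if pattern in UNSUPPORTED:
        return False
    if pattern.startswith("."):
        return host.endswith(pattern.lower())
    try:
        network = ipaddress.ip_network(pattern, strict=False)
    except ValueError:
        return host == pattern.lower()          # plain host name
    return ipaddress.ip_address(ip) in network

def match_list(tokens, test):
    """'a b EXCEPT c' matches when a or b matches and c does not."""
    if "EXCEPT" in tokens:
        cut = tokens.index("EXCEPT")
        return match_list(tokens[:cut], test) and not match_list(tokens[cut + 1:], test)
    return any(test(token) for token in tokens)

def rule_matches(line, daemon, ip, hostname=None):
    """True if one 'daemons: clients' line covers this connection (IPv4 only)."""
    fields = line.split(":")
    if len(fields) < 2:
        return False
    daemons = fields[0].replace(",", " ").split()
    clients = fields[1].replace(",", " ").split()
    return (match_list(daemons, lambda d: d in ("ALL", daemon))
            and match_list(clients, lambda p: match_client(p, ip, hostname)))

def access_granted(allow, deny, daemon, ip, hostname=None):
    """hosts.allow is checked first, then hosts.deny; no match at all grants access."""
    def hit(text):
        rules = (l.strip() for l in text.splitlines())
        return any(rule_matches(r, daemon, ip, hostname)
                   for r in rules if r and not r.startswith("#"))
    return hit(allow) or not hit(deny)

# Constructed sample rules in the style of the examples above.
ALLOW = "sshd: 192.168.1.0/24 EXCEPT 192.168.1.66\nin.ftpd: .example.com EXCEPT testing.example.com\n"
DENY = "ALL: ALL\n"
```

With an empty hosts.deny, a client that matches no allow rule is still let in, which is why the allow list is normally paired with `ALL: ALL` in hosts.deny.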