aboutsummaryrefslogtreecommitdiff
path: root/straper/db/public/users
diff options
context:
space:
mode:
authorLukasz Kasprzak <lukasz.kasprzak@pm.me>2026-04-14 22:32:43 +0200
committerLukasz Kasprzak <lukasz.kasprzak@pm.me>2026-04-14 22:32:43 +0200
commit83f7fe4b8402bab171d110703a1b1115efbc9b28 (patch)
tree19110702c7d740f6bd8ee4f5d2ebcb97442be237 /straper/db/public/users
parent51d43498b07dc97d795947964534f0903cd05db5 (diff)
downloadbin-83f7fe4b8402bab171d110703a1b1115efbc9b28.tar.gz
bin-83f7fe4b8402bab171d110703a1b1115efbc9b28.zip
cleaned up many scrits and deleted some that were of no use; renamed a lot
Diffstat (limited to 'straper/db/public/users')
-rw-r--r--straper/db/public/users/groups-sanitized.txt80
-rw-r--r--straper/db/public/users/login-users.txt3
-rw-r--r--straper/db/public/users/login.defs192
-rw-r--r--straper/db/public/users/passwd-sanitized.txt50
-rw-r--r--straper/db/public/users/shells11
-rw-r--r--straper/db/public/users/sshd_config133
6 files changed, 0 insertions, 469 deletions
diff --git a/straper/db/public/users/groups-sanitized.txt b/straper/db/public/users/groups-sanitized.txt
deleted file mode 100644
index 55c01eb..0000000
--- a/straper/db/public/users/groups-sanitized.txt
+++ /dev/null
@@ -1,80 +0,0 @@
-root:0
-daemon:1
-bin:2
-sys:3
-adm:4
-tty:5
-disk:6
-lp:7
-mail:8
-news:9
-uucp:10
-man:12
-proxy:13
-kmem:15
-dialout:20
-fax:21
-voice:22
-cdrom:24
-floppy:25
-tape:26
-sudo:27
-audio:29
-dip:30
-www-data:33
-backup:34
-operator:37
-list:38
-irc:39
-src:40
-shadow:42
-utmp:43
-video:44
-sasl:45
-plugdev:46
-staff:50
-games:60
-users:100
-nogroup:65534
-systemd-journal:999
-systemd-network:998
-crontab:997
-input:996
-sgx:995
-clock:994
-kvm:993
-render:992
-netdev:101
-messagebus:991
-systemd-timesync:990
-_ssh:102
-bluetooth:103
-lukasz:1000
-systemd-resolve:988
-polkitd:986
-borg:1001
-borgbrowse:1002
-docker:989
-tcpdump:104
-mysql:105
-plocate:106
-ssl-cert:107
-prosody:108
-uuidd:109
-prometheus:111
-grafana:112
-msmtp:110
-postfix:113
-postdrop:114
-vlock:115
-tss:116
-fwupd-refresh:985
-lufi:987
-ice:117
-mumble-server:118
-avahi:119
-unbound:120
-alloy:984
-debian-tor:121
-i2pd:122
-gopher:123
diff --git a/straper/db/public/users/login-users.txt b/straper/db/public/users/login-users.txt
deleted file mode 100644
index 3636d59..0000000
--- a/straper/db/public/users/login-users.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-root home=/root shell=/bin/bash
-lukasz home=/home/lukasz shell=/usr/bin/zsh
-borg home=/home/borg shell=/bin/bash
diff --git a/straper/db/public/users/login.defs b/straper/db/public/users/login.defs
deleted file mode 100644
index 91d3ec4..0000000
--- a/straper/db/public/users/login.defs
+++ /dev/null
@@ -1,192 +0,0 @@
-#
-# /etc/login.defs - Configuration control definitions for the shadow package.
-#
-
-# REQUIRED for useradd/userdel/usermod
-# Directory where mailboxes reside, _or_ name of file, relative to the
-# home directory. If you _do_ define MAIL_DIR and MAIL_FILE,
-# MAIL_DIR takes precedence.
-#
-# Essentially:
-# - MAIL_DIR defines the location of users mail spool files
-# (for mbox use) by appending the username to MAIL_DIR as defined
-# below.
-# - MAIL_FILE defines the location of the users mail spool files as the
-# fully-qualified filename obtained by prepending the user home
-# directory before $MAIL_FILE
-#
-# NOTE: This is no more used for setting up users MAIL environment variable
-# which is, starting from shadow 4.0.12-1 in Debian, entirely the
-# job of the pam_mail PAM modules
-# See default PAM configuration files provided for
-# login, su, etc.
-#
-# This is a temporary situation: setting these variables will soon
-# move to /etc/default/useradd and the variables will then be
-# no more supported
-MAIL_DIR /var/mail
-#MAIL_FILE .mail
-
-#
-# Enable display of unknown usernames when login(1) failures are recorded.
-#
-# WARNING: Unknown usernames may become world readable.
-# See #290803 and #298773 for details about how this could become a security
-# concern
-LOG_UNKFAIL_ENAB no
-
-#
-# Enable logging of successful logins
-#
-LOG_OK_LOGINS no
-
-#
-# If defined, file which maps tty line to TERM environment parameter.
-# Each line of the file is in a format similar to "vt100 tty01".
-#
-#TTYTYPE_FILE /etc/ttytype
-
-#
-# If defined, file which inhibits all the usual chatter during the login
-# sequence. If a full pathname, then hushed mode will be enabled if the
-# user's name or shell are found in the file. If not a full pathname, then
-# hushed mode will be enabled if the file exists in the user's home directory.
-#
-HUSHLOGIN_FILE .hushlogin
-#HUSHLOGIN_FILE /etc/hushlogins
-
-#
-# *REQUIRED* The default PATH settings, for superuser and normal users.
-#
-# (they are minimal, add the rest in the shell startup files)
-ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
-ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
-
-#
-# Terminal permissions for terminals after login(1).
-# These settings are ignored for remote and other logins.
-#
-# TTYGROUP Login tty will be assigned this group ownership.
-# TTYPERM Login tty will be set to this permission.
-#
-#TTYGROUP tty
-TTYPERM 0600
-
-#
-# Login configuration initializations:
-#
-# ERASECHAR Terminal ERASE character ('\010' = backspace).
-# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
-#
-# The ERASECHAR and KILLCHAR are used only on System V machines.
-#
-ERASECHAR 0177
-KILLCHAR 025
-
-# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
-# home directories.
-HOME_MODE 0700
-
-#
-# Password aging controls:
-#
-# PASS_MAX_DAYS Maximum number of days a password may be used.
-# PASS_MIN_DAYS Minimum number of days allowed between password changes.
-# PASS_WARN_AGE Number of days warning given before a password expires.
-#
-PASS_MAX_DAYS 99999
-PASS_MIN_DAYS 0
-PASS_WARN_AGE 7
-
-#
-# Min/max values for automatic uid selection in useradd(8)
-#
-UID_MIN 1000
-UID_MAX 60000
-# System accounts
-#SYS_UID_MIN 101
-#SYS_UID_MAX 999
-# Extra per user uids
-SUB_UID_MIN 100000
-SUB_UID_MAX 600100000
-SUB_UID_COUNT 65536
-
-#
-# Min/max values for automatic gid selection in groupadd(8)
-#
-GID_MIN 1000
-GID_MAX 60000
-# System accounts
-#SYS_GID_MIN 101
-#SYS_GID_MAX 999
-# Extra per user group ids
-SUB_GID_MIN 100000
-SUB_GID_MAX 600100000
-SUB_GID_COUNT 65536
-
-#
-# Max number of login(1) retries if password is bad
-# This will most likely be overriden by PAM, since the default pam_unix module
-# has it's own built in of 3 retries. However, this is a safe fallback in case
-# you are using an authentication module that does not enforce PAM_MAXTRIES.
-#
-LOGIN_RETRIES 5
-
-#
-# Max time in seconds for login(1)
-#
-LOGIN_TIMEOUT 60
-
-#
-# Which fields may be changed by regular users using chfn(1) - use
-# any combination of letters "frwh" (full name, room number, work
-# phone, home phone). If not defined, no changes are allowed.
-# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
-#
-CHFN_RESTRICT rwh
-
-#
-# If set to MD5, MD5-based algorithm will be used for encrypting password
-# If set to SHA256, SHA256-based algorithm will be used for encrypting password
-# If set to SHA512, SHA512-based algorithm will be used for encrypting password
-# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
-# If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password
-# If set to DES, DES-based algorithm will be used for encrypting password (default)
-# MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
-# Overrides the MD5_CRYPT_ENAB option
-#
-# Note: It is recommended to use a value consistent with
-# the PAM modules configuration.
-#
-ENCRYPT_METHOD YESCRYPT
-
-#
-# Should login be allowed if we can't cd to the home directory?
-# Default is no.
-#
-DEFAULT_HOME yes
-
-#
-# The pwck(8) utility emits a warning for any system account with a home
-# directory that does not exist. Some system accounts intentionally do
-# not have a home directory. Such accounts may have this string as
-# their home directory in /etc/passwd to avoid a spurious warning.
-#
-NONEXISTENT /nonexistent
-
-#
-# If defined, this command is run when removing a user.
-# It should remove any at/cron/print jobs etc. owned by
-# the user to be removed (passed as the first argument).
-#
-#USERDEL_CMD /usr/sbin/userdel_local
-
-#
-# If set to yes, userdel(8) will remove the user's group if it contains no more
-# members, and useradd(8) will create by default a group with the name of the
-# user.
-#
-# Other former uses of this variable are not used in PAM environments, such as
-# Debian.
-#
-USERGROUPS_ENAB yes
diff --git a/straper/db/public/users/passwd-sanitized.txt b/straper/db/public/users/passwd-sanitized.txt
deleted file mode 100644
index 79fc10b..0000000
--- a/straper/db/public/users/passwd-sanitized.txt
+++ /dev/null
@@ -1,50 +0,0 @@
-root:0:0:root:/root:/bin/bash
-daemon:1:1:daemon:/usr/sbin:/usr/sbin/nologin
-bin:2:2:bin:/bin:/usr/sbin/nologin
-sys:3:3:sys:/dev:/usr/sbin/nologin
-sync:4:65534:sync:/bin:/bin/sync
-games:5:60:games:/usr/games:/usr/sbin/nologin
-man:6:12:man:/var/cache/man:/usr/sbin/nologin
-lp:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
-mail:8:8:mail:/var/mail:/usr/sbin/nologin
-news:9:9:news:/var/spool/news:/usr/sbin/nologin
-uucp:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
-proxy:13:13:proxy:/bin:/usr/sbin/nologin
-www-data:33:33:www-data:/var/www:/usr/sbin/nologin
-backup:34:34:backup:/var/backups:/usr/sbin/nologin
-list:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
-irc:39:39:ircd:/run/ircd:/usr/sbin/nologin
-_apt:42:65534::/nonexistent:/usr/sbin/nologin
-nobody:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
-systemd-network:998:998:systemd Network Management:/:/usr/sbin/nologin
-dhcpcd:100:65534:DHCP Client Daemon:/usr/lib/dhcpcd:/bin/false
-messagebus:991:991:System Message Bus:/nonexistent:/usr/sbin/nologin
-systemd-timesync:990:990:systemd Time Synchronization:/:/usr/sbin/nologin
-sshd:989:65534:sshd user:/run/sshd:/usr/sbin/nologin
-lukasz:1000:1000:lukasz,,,:/home/lukasz:/usr/bin/zsh
-systemd-resolve:988:988:systemd Resolver:/:/usr/sbin/nologin
-dnsmasq:987:65534:dnsmasq:/var/lib/misc:/usr/sbin/nologin
-polkitd:986:986:User for polkitd:/:/usr/sbin/nologin
-borg:1001:1001::/home/borg:/bin/bash
-tcpdump:101:104::/nonexistent:/usr/sbin/nologin
-mysql:102:105:MariaDB Server:/nonexistent:/bin/false
-prosody:103:108:Prosody XMPP Server:/var/lib/prosody:/usr/sbin/nologin
-uuidd:104:109::/run/uuidd:/usr/sbin/nologin
-usbmux:105:46:usbmux daemon:/var/lib/usbmux:/usr/sbin/nologin
-prometheus:107:111:Prometheus daemon:/var/lib/prometheus:/usr/sbin/nologin
-grafana:108:112::/usr/share/grafana:/bin/false
-msmtp:106:110::/var/lib/msmtp:/usr/sbin/nologin
-postfix:109:113:Postfix MTA:/var/spool/postfix:/usr/sbin/nologin
-tss:110:116:TPM software stack:/var/lib/tpm:/bin/false
-fwupd-refresh:985:985:Firmware update daemon:/var/lib/fwupd:/usr/sbin/nologin
-lufi:999:987::/srv/lufi:/usr/sbin/nologin
-ice:111:117:Ice Service account:/var/lib/ice:/usr/sbin/nologin
-mumble-server:112:118::/var/lib/mumble-server:/usr/sbin/nologin
-avahi:113:119:Avahi mDNS daemon:/run/avahi-daemon:/usr/sbin/nologin
-unbound:114:120::/var/lib/unbound:/usr/sbin/nologin
-loki:115:65534::/nonexistent:/bin/false
-promtail:116:65534::/nonexistent:/bin/false
-alloy:997:984:alloy user:/var/lib/alloy:/sbin/nologin
-debian-tor:117:121::/var/lib/tor:/bin/false
-i2pd:118:122::/var/lib/i2pd:/usr/sbin/nologin
-gopher:119:123::/var/gopher:/usr/sbin/nologin
diff --git a/straper/db/public/users/shells b/straper/db/public/users/shells
deleted file mode 100644
index ee9995a..0000000
--- a/straper/db/public/users/shells
+++ /dev/null
@@ -1,11 +0,0 @@
-# /etc/shells: valid login shells
-/bin/sh
-/usr/bin/sh
-/bin/bash
-/usr/bin/bash
-/bin/rbash
-/usr/bin/rbash
-/usr/bin/dash
-/usr/bin/tmux
-/bin/zsh
-/usr/bin/zsh
diff --git a/straper/db/public/users/sshd_config b/straper/db/public/users/sshd_config
deleted file mode 100644
index e7bec65..0000000
--- a/straper/db/public/users/sshd_config
+++ /dev/null
@@ -1,133 +0,0 @@
-
-# This is the sshd server system-wide configuration file. See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to "no" here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to "yes" to enable keyboard-interactive authentication. Depending on
-# the system's configuration, this may involve passwords, challenge-response,
-# one-time passwords or some combination of these and other methods.
-# Beware issues with some PAM modules and threads.
-KbdInteractiveAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the KbdInteractiveAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin prohibit-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and KbdInteractiveAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding no
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale and color environment variables
-AcceptEnv LANG LC_* COLORTERM NO_COLOR
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# PermitTTY no
-# ForceCommand cvs server
-# === custom hardening ===
-Port 57385
-PermitRootLogin no
-PasswordAuthentication no
-PubkeyAuthentication yes
-MaxAuthTries 3
-LoginGraceTime 30
-AllowUsers lukasz borg
-