Maintenance: GitLab software upgrade on Friday Jan 21 at 9 p.m. Service may not be available between 9 p.m. and 9:30 p.m.

Commit e80a6b1e authored by Adam Lewenberg's avatar Adam Lewenberg
Browse files

master branch commit

This is the (old) master branch along with the fixes to the
cron file permissions that Russ made.
parents
# /etc/crontab -- Server system-wide crontab file.
# $Id: crontab.Debian 1370 2007-04-17 09:45:43Z digant $
SHELL=/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# min hrs dom mon dow user command
01 * * * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.hourly
45 23 * * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily
47 0 * * 7 root test -x /usr/sbin/anacron || run-parts --report /etc/cron.weekly
52 0 1 * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.monthly
# /etc/crontab -- Server system-wide crontab file.
# $Id: crontab.RedHat 1370 2007-04-17 09:45:43Z digant $
SHELL=/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# min hrs dom mon dow user command
01 * * * * root test -x /usr/sbin/anacron || run-parts /etc/cron.hourly
45 23 * * * root test -x /usr/sbin/anacron || run-parts /etc/cron.daily
47 0 * * 7 root test -x /usr/sbin/anacron || run-parts /etc/cron.weekly
52 0 1 * * root test -x /usr/sbin/anacron || run-parts /etc/cron.monthly
# /etc/crontab -- Server system-wide crontab file.
# $Id: crontab.Ubuntu 15196 2009-05-04 17:17:24Z tskirvin $
SHELL=/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# min hrs dom mon dow user command
01 * * * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.hourly
45 23 * * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily
47 0 * * 7 root test -x /usr/sbin/anacron || run-parts --report /etc/cron.weekly
52 0 1 * * root test -x /usr/sbin/anacron || run-parts --report /etc/cron.monthly
# /etc/filter-syslog/cron-users
## We don't care about cron/at messages from users on the timeshares
/USR/SBIN/CRON: /^\(\S+\) (CMD|ORPHAN|RELOAD) /
/usr/sbin/cron: /^\(\S+\) (CMD|ORPHAN|RELOAD) /
cron: /^\(\S+\) [A-Z]+ \(\S+\)$/
CRON: /^\(\S+\) could not identify user \(from \S+\)$/
CRON: /^Permission denied$/
CRON: /^\(\S+\) (CMD|ORPHAN|RELOAD) /
crontab: /^\(\S+\) [A-Z]+ \(\S+\)$/
crontab: /^\(\S+\) (BEGIN EDIT|END EDIT|RELOAD) \(\S+\)$/
crond: /^\(\S+\) (CMD|ORPHAN|RELOAD) /
# daemontools - start up the supervise daemon
#
start on runlevel [2345]
stop on runlevel [!2345]
console output
respawn
respawn limit 10 120
exec /usr/bin/svscanboot
# /etc/resolv.conf -- Standard resolver configuration file with local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 127.0.0.1
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# EL6 specific option for bug
options single-request-reopen
# /etc/resolv.conf -- Standard resolver configuration file without local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# EL6 specific option for bug
options single-request-reopen
# $Id: resolv.conf.withcache 4197 2007-12-05 17:37:01Z sfeng $
# /etc/resolv.conf -- Standard resolver configuration file with local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 127.0.0.1
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: resolv.conf.withcache 4197 2007-12-05 17:37:01Z sfeng $
# /etc/resolv.conf -- Standard resolver configuration file with local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 127.0.0.1
nameserver 204.63.227.68
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: resolv.conf.withcache.sunet 4177 2007-12-04 22:15:18Z digant $
# /etc/resolv.conf -- Standard resolver configuration file without local
# DNS cache, with sunet search domain
domain stanford.edu
search stanford.edu sunet
nameserver 127.0.0.1
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: resolv.conf.withoutcache 4197 2007-12-05 17:37:01Z sfeng $
# /etc/resolv.conf -- Standard resolver configuration file without local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: resolv.conf.withoutcache 4197 2007-12-05 17:37:01Z sfeng $
# /etc/resolv.conf -- Standard resolver configuration file without local
# DNS cache
domain stanford.edu
search stanford.edu sunet
nameserver 204.63.227.68
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: resolv.conf.withoutcache.sunet 4177 2007-12-04 22:15:18Z digant $
# /etc/resolv.conf -- Standard resolver configuration file without local
# DNS cache, with sunet search domain
domain stanford.edu
search stanford.edu sunet
nameserver 171.64.7.121
nameserver 171.64.7.77
nameserver 171.64.7.99
nameserver 171.64.7.55
# $Id: 00rocks 21298 2009-12-09 18:24:53Z tskirvin $
# On ROCKS clusters, this is listed first
# NAT for all of the slaves, if we need it
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# We take everything from our slave nodes, which are on eth0.
-A FORWARD -i eth1 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
# port used by aces-db-uat
#port 1535 from ITCTXP2
-A SUL -s 10.20.64.16 -p tcp --dport 1535 --syn -j ACCEPT
#Give general oracle ports access to SUNAC/Admin VPN
# TODO remove after systems are on stable newer than 201207
-A INPUT -s 171.66.16.0/20 -p tcp -m tcp --dport 1520:1550 --syn -j ACCEPT
# TODO remove after systems are on stable newer than 201207
#Allow all traffic from adpro-db2-pvt
-A INPUT -s 10.218.1.9 -p tcp --syn -j ACCEPT
-A INPUT -s 10.218.1.9 -p udp -j ACCEPT
#Allow access to db service from bastion and from app subnet
-A INPUT -s 172.20.216.48/28 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
-A INPUT -s 171.67.208.25 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
#for oracle RAC the dbservers need wide open access to each other
-A INPUT -s 172.20.216.16/28 -p tcp --syn -j ACCEPT
-A INPUT -s 172.20.216.16/28 -p udp -j ACCEPT
#Oracle RAC sets up its own IP space
-A INPUT -s 169.254.0.0/16 -p tcp --syn -j ACCEPT
-A INPUT -s 169.254.0.0/16 -p udp -j ACCEPT
# TODO remove after systems are on stable newer than 201207
#Allow all traffic from adpro-db1-pvt
-A INPUT -s 10.218.1.8 -p tcp --syn -j ACCEPT
-A INPUT -s 10.218.1.8 -p udp -j ACCEPT
#Allow access to db service from bastion and from app subnet
-A INPUT -s 172.20.216.48/28 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
-A INPUT -s 171.67.208.25 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
#for oracle RAC the dbservers need wide open access to each other
-A INPUT -s 172.20.216.16/28 -p tcp --syn -j ACCEPT
-A INPUT -s 172.20.216.16/28 -p udp -j ACCEPT
#Oracle RAC sets up its own IP space
-A INPUT -s 169.254.0.0/16 -p tcp --syn -j ACCEPT
-A INPUT -s 169.254.0.0/16 -p udp -j ACCEPT
# TODO remove after systems are on stable newer than 201207
#Allow all traffic from adpro-dbdev2-pvt
-A INPUT -s 10.218.1.6 -p tcp --syn -j ACCEPT
-A INPUT -s 10.218.1.6 -p udp -j ACCEPT
#Allow access to db service from bastion and from app and dbserver subnet
-A INPUT -s 172.20.216.32/28 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
-A INPUT -s 171.67.208.25 -p tcp -m multiport --dports 1521,1158,49896:49898 --syn -j ACCEPT
#for oracle RAC the dbservers need wide open access to each other
-A INPUT -s 172.20.216.0/28 -p tcp --syn -j ACCEPT
-A INPUT -s 172.20.216.0/28 -p udp -j ACCEPT
#Oracle RAC sets up its own IP space
-A INPUT -s 169.254.0.0/16 -p tcp --syn -j ACCEPT
-A INPUT -s 169.254.0.0/16 -p udp -j ACCEPT
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment