pratyush/arch-conf-install
Archived
1
0
Fork 0
Code Issues 5 Pull Requests Projects 1 Releases Wiki Activity

Compare commits

base: pratyush:6f0e2eab361d79891aaedb32373b3d471e8bbc7e
Branches Tags
pratyush:master
pratyush:devel
pratyush:audio-realtime
..
compare: pratyush:c3e200aa04b8f8e417b16e3d6d1dbd43bae312d4
Branches Tags
pratyush:devel
pratyush:master
pratyush:audio-realtime

No commits in common. "6f0e2eab361d79891aaedb32373b3d471e8bbc7e" and "c3e200aa04b8f8e417b16e3d6d1dbd43bae312d4" have entirely different histories.
6f0e2eab36 ... c3e200aa04

14 changed files with 0 additions and 275 deletions
Show Stats Expand all files Collapse all files

0
io/audio.md
View File

9
io/prof_audio.md
View File

@ -1,9 +0,0 @@
# Professional Audio Configuration in Arch Linux
Semi-Pro*
## Resources
* [Wiki](https://wiki.archlinux.org/title/Professional_audio)
* `pacman -Sg pro-audio` to view all the packages in that group
* Uses [JACK](https://wiki.archlinux.org/title/JACK_Audio_Connection_Kit)

11
scripts/install.sh
View File

@ -1,11 +0,0 @@
#!/bin/bash
# install yay
cd ~
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si
cd ..
sudo rm -rf yay

10
services/aide/README.md
View File

@ -1,10 +0,0 @@
# AIDE - Advanced Intrusion Detection Environment
## Introduction
AIDE is a file integrity checker.
## Installation and Setup
* Inspect and install the AUR package `aide`.
* It seems to have sane defaults and the file is heavily commented, it can be found along `/etc/aide.conf`.

145
services/aide/aide/aide.conf
View File

@ -1,145 +0,0 @@
# Example configuration file for AIDE.
#
@@define DBDIR /var/lib/aide
@@define LOGDIR /var/log/aide
# The location of the database to be read.
database=file:@@{DBDIR}/aide.db.gz
# The location of the database to be written.
#database_out=sql:host:port:database:login_name:passwd:table
#database_out=file:aide.db.new
database_out=file:@@{DBDIR}/aide.db.new.gz
# Whether to gzip the output to database
gzip_dbout=yes
# Default.
verbose=5
report_url=file:@@{LOGDIR}/aide.log
report_url=stdout
#report_url=stderr
#
# Here are all the attributes we can check
#p: permissions
#i: inode
#n: number of links
#l: link name
#u: user
#g: group
#s: size
###b: block count
#m: mtime
#a: atime
#c: ctime
#S: check for growing size
#I: ignore changed filename
#ANF: allow new files
#ARF: allow removed files
#
# Here are all the digests we can use
#md5: md5 checksum
#sha1: sha1 checksum
#sha256: sha256 checksum
#sha512: sha512 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#haval: haval checksum
#crc32: crc32 checksum
#gost: gost checksum
#whirlpool: whirlpool checksum
# These are the default rules
#R: p+i+l+n+u+g+s+m+c+md5
#L: p+i+l+n+u+g
#E: Empty group
#>: Growing logfile p+l+u+g+i+n+S
# You can create custom rules - my home made rule definition goes like this
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
# Everything but access time (Ie. all changes)
EVERYTHING = R+ALLXTRAHASHES
# Sane, with multiple hashes
# NORMAL = R+rmd160+sha256+whirlpool
NORMAL = R+rmd160+sha256
# For directories, don't bother doing hashes
DIR = p+i+n+u+g+acl+xattrs
# Access control only
PERMS = p+i+u+g+acl
# Logfile are special, in that they often change
LOG = >
# Just do md5 and sha256 hashes
LSPP = R+sha256
# Some files get updated automatically, so the inode/ctime/mtime change
# but we want to know when the data inside them changes
DATAONLY = p+n+u+g+s+acl+xattrs+md5+sha256+rmd160+tiger
# Next decide what directories/files you want in the database.
/boot NORMAL
/bin NORMAL
/sbin NORMAL
/lib NORMAL
/lib64 NORMAL
/opt NORMAL
/usr NORMAL
/root NORMAL
# These are too volatile
!/usr/src
!/usr/tmp
# Check only permissions, inode, user and group for /etc, but
# cover some important files closely.
/etc PERMS
!/etc/mtab
# Ignore backup files
!/etc/.*~
/etc/exports NORMAL
/etc/fstab NORMAL
/etc/passwd NORMAL
/etc/group NORMAL
/etc/gshadow NORMAL
/etc/shadow NORMAL
/etc/security/opasswd NORMAL
/etc/hosts.allow NORMAL
/etc/hosts.deny NORMAL
/etc/sudoers NORMAL
/etc/skel NORMAL
/etc/logrotate.d NORMAL
/etc/resolv.conf DATAONLY
/etc/nscd.conf NORMAL
/etc/securetty NORMAL
# Shell/X starting files
/etc/profile NORMAL
/etc/bashrc NORMAL
/etc/bash_completion.d/ NORMAL
/etc/login.defs NORMAL
/etc/zprofile NORMAL
/etc/zshrc NORMAL
/etc/zlogin NORMAL
/etc/zlogout NORMAL
/etc/profile.d/ NORMAL
/etc/X11/ NORMAL
# Ignore logs
!/var/lib/pacman/.*
!/var/cache/.*
!/var/log/.*
!/var/run/.*
!/var/spool/.*

39
services/audit-framework/README.md
View File

@ -1,39 +0,0 @@
# Audit Framework
## Kernel
To ensure that all process which may have started before `auditd` are marked as auditable use boot time kernel param `audit=1`.
## Userspace
* Install the `audit` package, enable and start the `auditd.service`.
* The config file is `auditd.conf`.
* The rules are defined in `/etc/audit/audit.rules`.
* `auditctl` can be used to edit rules on the fly.
* `ausearch` and `aureport` are used to summarize and view data.
## Rules
* Read from `/etc/audit/auditd.rules`
* If for example `/etc/audit/rules.d/syscalls.rules` is the sort of structure being followed,
`augenrules` is used to merge all the component rules files.
* It is recommended to run first with the `--check` flag and `--load` can be used if there were no errors found.
* The files are concatenated in order, based on their natural sort (see -v option of ls(1)) and stripped of empty and comment (#) lines.
* rulesets:
* syscalls
* format: `-a action,list -S syscall -F field=value -k keyname`
* files
* format: `-w path-to-file -p permissions -k keyname`
* ..?
## Further Reading
* `man` pages (list here)
* archwiki article
* syscalls docs
* update the format for rules

20
services/audit-framework/auditd/.auread-aliases
View File

@ -1,20 +0,0 @@
#!/bin/bash
# aureport and ausearch
alias aurepwk='aureport --start this-week'
alias aurepwkv='aureport --start this-week --key --summary'
# syscall audit rule for failure to open files due to EPERM with key field access
# add to syscall.rules
# -a always,exit -F arch=b64 -S open -S openat -F exit=-EPERM -k access
# check which files have been attempted
alias aurfilist='ausearch --start this-week -k access --raw | aureport --file --summary'
# check the user accounts implicated
alias aurlusfi='ausearch --start this-week -k access --raw | aureport --user --summary'

0
services/audit-framework/auditd/auditd.conf
View File

0
services/audit-framework/auditd/auditd.rules
View File

3
services/audit-framework/auditd/rules.d/file.rules
View File

@ -1,3 +0,0 @@
-w /etc/passwd -p rwxa
-w /etc/sudoers -p rwxa
-w /etc/nftables.conf -p rwxa

4
services/audit-framework/auditd/rules.d/syscalls.rules
View File

@ -1,4 +0,0 @@
-a entry,always -S chmod
-a entry,always -S chown

7
services/logwatch/logwatch.md
View File

@ -1,7 +0,0 @@
# Logwatch
## Installation and Setup
* Install `logwatch` package.
* The `logwatch.timer` needs to be started and/or enabled
* Reference: `/usr/share/logwatch/HOWTO-Customize-LogWatch`

7
services/performance-monitoring/performance-stats.md
View File

@ -1,7 +0,0 @@
# Hardware Performance Measurment
## Tools and Commands
1. `i7z`
2. `turbostat`
3. TODO: Expand

20
services/power-management/tools.md
View File

@ -1,20 +0,0 @@
# Power Management Tools
## Tools and their configurations
### cpupower
* `cpupower` and the AUR `cpupower-gui` are the relevant packages.
* These are a set of userspace utilities designed to assist with CPU frequency scaling.
* the configuration is located at `/etc/default/cpupower`
* __Enable__ and _start_ the systemd service.
### Power Profile Daemons
* look into [PPD](https://wiki.archlinux.org/title/CPU_frequency_scaling#power-profiles-daemon)
* using 'performance'.
## thermald
* The `thermald` package is a Linux daemon used to prevent the overheating of Intel CPUs. This daemon monitors temperature and applies compensation using available cooling methods.
* _Start_ and __enable__ the systemd service