All Projects

Description:

Rename "chroot-nspawn" keyword to "chroot+unshare" one
because"chroot+unshare" subsystem (chroot and unshare command)
is more precise than "chroot-nspawn" (systemd-nspawn
compatibility script) subsystem.

The files with "chroot-nspawn" keyword are:
* /etc/init.d/binfmt
* /etc/init.d/bootmisc (as SYSTEMD-NSPAWN)
* /etc/init.d/consolefont
* /etc/init.d/devfs
* /etc/init.d/dmesg
* /etc/init.d/fsck
* /etc/init.d/hostname
* /etc/init.d/hwclock
* /etc/init.d/keymaps
* /etc/init.d/localmount
* /etc/init.d/loopback
* /etc/init.d/mtab
* /etc/init.d/modules
* /etc/init.d/modules-load
* /etc/init.d/mount-ro
* /etc/init.d/net-online
* /etc/init.d/netmount
* /etc/init.d/numlock
* /etc/init.d/procfs
* /etc/init.d/root
* /etc/init.d/swap
* /etc/init.d/swclock
* /etc/init.d/sysctl
* /etc/init.d/sysfs
* /etc/init.d/termencoding
* /etc/init.d/urandom

Note:
  chroot: run a command with special root directory
  unshare: isolate the command in a different "Linux namespace"

Additional info:

openrc 0.28-14

/etc/rc.conf

 # ""               - nothing special
 # "docker"         - Docker container manager (GNU/Linux)
 # "jail"           - Jail (DragonflyBSD or FreeBSD)
 # "lxc"            - Linux Containers
 # "openvz"         - Linux OpenVZ
 # "prefix"         - Prefix
 # "rkt"            - CoreOS container management system (GNU/Linux)
 # "subhurd"        - Hurd subhurds (to be checked)
-# "chroot-nspawn"  - Container created by chroot-nspawn
+# "chroot"         - Chroot container (to be checked)
+# "chroot+unshare" - Chroot container using unshare command (GNU/Linux)
 # "uml"            - Usermode Linux
 # "vserver"        - Linux vserver
-# "xen0"           - Xen0 Domain (GNU/Linux and NetBSD)
-# "xenU"           - XenU Domain (GNU/Linux and NetBSD)
+# "xen0"           - Xen0 Domain (GNU/HyperBK, GNU/Linux, FreeBSD and NetBSD)
+# "xenU"           - XenU Domain (GNU/Hurd, GNU/HyperBK, GNU/Linux, FreeBSD, NetBSD and OpenBSD)

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-14
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 196.71 KiB
Installed Size  : 1767.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Mon 07 May 2018 03:54:42 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

Run OpenRC init

Description:

• Remove dangerous “local” init script, is a bad idea to use it, see:

“https://wiki.gentoo.org/wiki//etc/local.d”

Additional info:

• openrc 0.28-17

• remove:
  • “/etc/init.d/local”
  • “/etc/local.d/README”
  • “/etc/local.d/”

/etc/init.d/agetty
----
-        after local
+        after *

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-17
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 194.10 KiB
Installed Size  : 1727.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Thu 05 Jul 2018 01:37:37 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• On boot.

Description:

Please remove "mtab", "modules-load" and "swclock" init scripts.

"mtab" is a deprecated and unmaintained init script,
because filesystem contains a mtab soft link.

"modules-load" init script, is a systemd compatibility configuration
to load the kernel modules from the "/etc/modules-load" configuration
directory.
This init script is useless, because the "modules" init script exists
and it's a duplicated feature.
If you need a module to load a module, just configure "/etc/conf.d/modules"
and start the "modules" init script or add a module in
the "/etc/mkinitcpio.conf" and run mkinitcpio -p $yourkernel

"swclock" is an useless init script, because is a service
setting the local clock based on last shutdown time.
If a machine doesn't support "/etc/rtc", then disable "clock_hctosys" and
"clock_systohc" from "/etc/conf.d/hwclock" with or without
NTP server/client. For chroot environments,"osclock" init script is the way.

Additional info:

openrc 0.28-14

/etc/init.d/localmount

-use lvm modules mtab root
+use lvm modules root

/etc/init.d/modules

-    want modules-load

/etc/init.d/lm_sensors

-after modules-load

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-14
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 196.71 KiB
Installed Size  : 1767.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Mon 07 May 2018 03:54:42 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

Enable the unused init scripts

Description:

• OpenRC needs a minor fix (remount proc)

Additional info:

• openrc 0.28-19

openrc /usr/lib/rc/sh/init.sh

—

-        mount -n -t proc -o noexec,nosuid,nodev,gid=proc,hidepid=2 proc /proc
+        mount -n -t proc -o noexec,nosuid,nodev proc /proc
+        mount -n /proc -o remount,gid=26,hidepid=2

Steps to reproduce:

• Boot OpenRC in chroot with unshare

Description:

• Change the “/proc” filesystem option, reverting FS#1038 .

Additional info:

• openrc 0.28-17

/usr/lib/rc/sh/init.sh
----
-                mount -n -t proc -o noexec,nosuid,nodev,hidepid=2,gid=proc proc /proc
+                mount -n -t proc -o noexec,nosuid,nodev,gid=26,hidepid=2 proc /proc

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-17
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 194.10 KiB
Installed Size  : 1727.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Thu 05 Jul 2018 01:37:37 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• none.

Description:

• “chroot” initscript contains some errors on “chroot” initscript.

Additional info:

• openrc 0.28-18

/etc/conf.d/chroot

 # initial command
 CR_COMD=/sbin/openrc-init
-# network interfaces
-CR_NINF="veth_guest ethernet"
-# wifi interfaces
-CR_WINF="wifi"
-# service dependecies
-CR_DEPS="net_veth.interface_host
-         chroot.name net.interface_ethernet net.interface_wifi"
+# network interfaces, example: CR_NINF="veh0 eth0"
+CR_NINF=""
+# wifi interfaces, example: CR_WINF="wlan0"
+CR_WINF=""
+# service dependecies, example: CR_DEPS="net.veh0 chroot.dns chroot.ntp net.eth0 net.wlan0"
+CR_DEPS=""
 # wait in seconds to run CR_COMD
 CR_CDWT=1
-# wait in seconds to start the sercice
+# wait in seconds to start the service
 CR_STWT=7
 # wait in seconds to stop the service
 CR_SPWT=7

/etc/init.d/chroot

 depend() {
-        need $CR_NDEP
+        need $CR_DEPS
         after modules bootmisc localmount net netmount
         keyword -jail -prefix -vserver
         provide oslv
 }

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-18
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 193.18 KiB
Installed Size  : 1720.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sun 08 Jul 2018 01:28:16 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• On boot “openrc” and/or start “chroot” initscripts.

agetty.tty services need be loaded in default and nonetwork runlevels, not default runlevel only.

Example:

          agetty.tty1 |      default nonetwork  # it's correct, since **agetty.tty1** should be enabled in **nonetwork** runlevel for specific cases such as a maintenance.
          agetty.tty1 |      default           # it's wrong, since it contains **default** runlevel only

agetty.tty symlinks from /etc/init.d/ need be linked to agetty instead of /etc/init.d/agetty.

Example:

agetty.tty1 -> /etc/init.d/agetty # it's a valid symlink, however is wrong because should be linked to agetty directly
agetty.tty1 -> agetty                       # correct symlink

Description:

• Add hidepid in /proc filesystem, needed for chroot with namespaces.
• Revert FS#1082, but as “gid=proc,hidepid=2”, not “hidepid=2,gid=proc”.

Additional info:

• openrc 0.28-18

/usr/lib/rc/sh/init.sh

-                mount -n -t proc -o noexec,nosuid,nodev proc /proc
+                mount -n -t proc -o noexec,nosuid,nodev,gid=proc,hidepid=2 proc /proc

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-18
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 193.18 KiB
Installed Size  : 1720.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Sun 08 Jul 2018 01:28:16 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• On boot “openrc” on ‘chroot’ with ‘linux namespaces’ (unshare).
• On boot “openrc” on any ‘kernel based virtual machines’ (without /proc premounted).
• On boot the kernel without any image (initramfs-linux-libre-lts*.img).

Description:

Add chroot init script

Note: chroot1 and chroot2 are examples.

Additional info:

openrc 0.28-14

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-14
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 196.71 KiB
Installed Size  : 1767.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Mon 07 May 2018 03:54:42 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

none

Description:

Add "newinstance" mount parameter in "devpts" (in "devfs" init script)

Additional info:

openrc 0.28-14

/etc/init.d/devfs

- “devpts /dev/pts 0755 ,gid=5,mode=0620 devpts” \
+ “devpts /dev/pts 0755 ,gid=5,mode=0620,newinstance devpts” \

$ pacman -Si openrc
Repository      : core
Name            : openrc
Version         : 0.28-14
Description     : A dependency based init system that works with the system provided init program
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Project:OpenRC
Licenses        : BSD2
Groups          : None
Provides        : None
Depends On      : psmisc  pam
Optional Deps   : netifrc: network interface management scripts
                  networkmanager: network connection manager and user applications
Conflicts With  : None
Replaces        : None
Download Size   : 196.71 KiB
Installed Size  : 1767.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Mon 07 May 2018 03:54:42 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:
Run “devfs” init script

Replace RC_SVCDIR to RC_LOGDIR, like:

src/librc/rc.h.in
-----
 #define RC_LIBEXECDIR    "LIBEXECDIR@"
+#define RC_LOGDIR        "/var/log"
_____
src/rc/rc-logger.c
-----
-#define TMPLOG RC_SVCDIR "rc.log"
+#define TMPLOG RC_LOGDIR "rc.log"

Add “onioncat”[0][1] package

[0]:https://www.onioncat.org/ [1]:https://www.onioncat.org/download/ https://www.cypherpunk.at/ocat/download/Source/current/

Implement octopi, octopi-cachecleaner, octopi-notifier and octopi-repoeditor packages.

Octopi is a GUI for Pacman (Package Manager) tools, needed for desktop users[0][1].

Note: Those packages need patches to remove AUR support.

[0]:https://octopiproject.wordpress.com/ [1]:https://github.com/aarnt/octopi

$ pacman -Si ntop
Repository : community
Name : ntop
Version : 5.0.1-10
Description : A network traffic probe that shows the network usage.
Architecture : x86_64
URL : http://www.ntop.org/ Licenses : GPL Groups : None
Provides : None
Depends On : libevent libpcap gd glibc libxml2 openssl rrdtool pcre geoip lua python2
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 21.32 MiB
Installed Size : 48.35 MiB
Packager : Jelle van der Waa jelle@archlinux.org Build Date : Thu 16 Mar 2017 04:13:56 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql ntop > ntop_fileslist.txt

“nspluginwrapper” (released in 2011) uses deprecated/unsecure NPAPI[0] api

$ pacman -Si nspluginwrapper
Repository : multilib
Name : nspluginwrapper
Version : 1.4.4-3
Description : Cross-platform NPAPI compatible plugin viewer
Architecture : x86_64
URL : http://nspluginwrapper.davidben.net/ Licenses : GPL Groups : None
Provides : None
Depends On : curl libxt lib32-libxt gcc-libs lib32-gcc-libs gtk2 lib32-gtk2
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 146.14 KiB
Installed Size : 475.00 KiB
Packager : Felix Yan felixonmars@gmail.com Build Date : Sat 12 Jul 2014 02:40:45 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap

$ pacman -Si nsd
Repository : community
Name : nsd
Version : 4.1.15-2
Description : Authoritative only, high performance and simple DNS server
Architecture : x86_64
URL : https://www.nlnetlabs.nl/nsd/ Licenses : BSD
Groups : None
Provides : None
Depends On : openssl libevent
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 353.50 KiB
Installed Size : 1834.00 KiB
Packager : Jelle van der Waa jelle@archlinux.org Build Date : Thu 16 Mar 2017 03:28:55 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql nsd
nsd /etc/
nsd /etc/nsd/
nsd /etc/nsd/nsd.conf.sample
nsd /usr/
nsd /usr/bin/
nsd /usr/bin/nsd
nsd /usr/bin/nsd-checkconf
nsd /usr/bin/nsd-checkzone
nsd /usr/bin/nsd-control
nsd /usr/bin/nsd-control-setup
nsd /usr/lib/
nsd /usr/lib/systemd/
nsd /usr/lib/systemd/system/
nsd /usr/lib/systemd/system/nsd.service
nsd /usr/lib/tmpfiles.d/
nsd /usr/lib/tmpfiles.d/nsd.conf
nsd /usr/share/
nsd /usr/share/doc/
nsd /usr/share/doc/nsd/
nsd /usr/share/doc/nsd/CREDITS
nsd /usr/share/doc/nsd/ChangeLog
nsd /usr/share/doc/nsd/LICENSE
nsd /usr/share/doc/nsd/NEW-CFG-OPTION
nsd /usr/share/doc/nsd/NSD-4-features
nsd /usr/share/doc/nsd/NSD-DATABASE
nsd /usr/share/doc/nsd/NSD-DIFFFILE
nsd /usr/share/doc/nsd/NSD-FOR-BIND-USERS
nsd /usr/share/doc/nsd/README
nsd /usr/share/doc/nsd/README.icc
nsd /usr/share/doc/nsd/README.svn
nsd /usr/share/doc/nsd/RELNOTES
nsd /usr/share/doc/nsd/REQUIREMENTS
nsd /usr/share/doc/nsd/TESTPLAN
nsd /usr/share/doc/nsd/TODO
nsd /usr/share/doc/nsd/UPGRADING
nsd /usr/share/doc/nsd/coding-style
nsd /usr/share/doc/nsd/differences.tex
nsd /usr/share/licenses/
nsd /usr/share/licenses/nsd/
nsd /usr/share/licenses/nsd/LICENSE
nsd /usr/share/man/
nsd /usr/share/man/man5/
nsd /usr/share/man/man5/nsd.conf.5.gz
nsd /usr/share/man/man8/
nsd /usr/share/man/man8/nsd-checkconf.8.gz
nsd /usr/share/man/man8/nsd-checkzone.8.gz
nsd /usr/share/man/man8/nsd-control.8.gz
nsd /usr/share/man/man8/nsd.8.gz
nsd /var/
nsd /var/db/
nsd /var/db/nsd/

“npapi-vlc” uses deprecated/unsecure NPAPI[0] api

$ pacman -Si npapi-vlc
Repository : community
Name : npapi-vlc
Version : 2.2.5-1
Description : The modern VLC Mozilla (NPAPI) plugin
Architecture : x86_64
URL : https://code.videolan.org/videolan/npapi-vlc Licenses : GPL Groups : None
Provides : None
Depends On : gtk2 vlc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 69.96 KiB
Installed Size : 287.00 KiB
Packager : Timothy Redaelli timothy.redaelli@gmail.com Build Date : Tue 14 Feb 2017 12:27:08 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap

“npapi-sdk” (released in 2012) uses deprecated/unsecure NPAPI[0] api

$ pacman -Si npapi-sdk
Repository : extra
Name : npapi-sdk
Version : 0.27.2-1
Description : Netscape Plugin API (NPAPI)
Architecture : any
URL : https://bitbucket.org/mgorny/npapi-sdk Licenses : MPL
Groups : None
Provides : None
Depends On : None
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 15.77 KiB
Installed Size : 67.00 KiB
Packager : Ionut Biru ibiru@archlinux.org Build Date : Thu 25 Apr 2013 01:47:15 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature

[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap

$ pacman -Si nginx-mainline
Repository      : community
Name            : nginx-mainline
Version         : 1.13.0-1
Description     : Lightweight HTTP server and IMAP/POP3 proxy server, mainline release
Architecture    : x86_64
URL             : https://nginx.org
Licenses        : custom
Groups          : None
Provides        : nginx
Depends On      : pcre  zlib  openssl  geoip
Optional Deps   : None
Conflicts With  : nginx
Replaces        : None
Download Size   : 440.75 KiB
Installed Size  : 1486.00 KiB
Packager        : Giancarlo Razzolini <grazzolini@archlinux.org>
Build Date      : Tue 25 Apr 2017 08:25:13 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Description:

[netifrc] update package to 0.6.0 backport version

Fix security errors:

Fix errors:

Changes:

Features:

Note: Please add a extra hotfix patch from git:

netifrc 0.5.1-3

$ pacman -Si netifrc
Repository      : core
Name            : netifrc
Version         : 0.5.1-3
Description     : Network interface management scripts
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Netifrc
Licenses        : BSD2
Groups          : base
Provides        : None
Depends On      : eudev
Optional Deps   : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
                  net-tools: for interface handler support
                  bridge-utils: for bridging support
                  linux-atm: for CLIP and RFC 2684 bridge support
                  wpa_supplicant: for wireless networking support (recommended)
                  wireless_tools: for wireless networking support
                  dhcpcd: for DHCP support (recommended)
                  dhclient: for DHCP support
                  busybox: for DHCP support
                  iputils: for APIPA support
                  ifenslave: for bonding interfaces
                  ppp: for PPP and ADSL support (recommended)
                  rp-pppoe: for ADSL support
                  macchanger: for changing MAC addresses
                  ifplugd: for cable in/out detection
Conflicts With  : None
Replaces        : None
Download Size   : 62.75 KiB
Installed Size  : 349.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Wed 24 Jan 2018 09:05:24 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

contains errors in 0.5.1 version

Description:

• “net_veth” and “net_macsec” initscripts contains some issues.

Additional info:

• netifrc 0.6.0-2.backports1

/etc/conf.d/net_veth

-# Source Interface (host)
-IFSRC=interface_host
+# Source Interface (host), example: IFSRC=veh0
+IFSRC=veh0
 # Set custom parameters on Source Interface
 IFCTS=
-# Destination Interface (guest)
-IFDST=interface_guest
+# Destination Interface (guest), example: IFDST=veg0
+IFDST=veg0
 # Set custom parameters on Destination Interface
 IFCTD=

/etc/conf.d/net_macsec

-# Source Interface (host)
-IFSRC=interface_host
-# Network init service dependency from Source Interface
-#IFDEP=net.interface_host
-# Destination Interface (macsec/guest)
-IFDST=interface_macsec
+# Source Interface (host), example: IFSRC=eth0
+IFSRC=eth0
+# Network init service dependency from Source Interface, example: IFDEP=net.eth0
+IFDEP=
+# Destination Interface (macsec/guest), example: IFDST=macsec0
+IFDST=macsec0
 # Set custom parameters on MACsec Interface
 IFCTD=

---

 IFPAR="cipher gcm-aes-128
        icvlen 16
        encrypt on
        protect off
        replay off
        send_sci on
-       validate strict"
+       validate disabled"

---

-# Add receive channels and/or receive association keys (RXSC), examples:
-#
-# [sci_<0..ffffffffffffffff(hex)>|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][_<on/off>]
-#
-# sci_0
-# sci_ffffffffffffffff_on
-# port_1_address_00:00:00:00:00:00
-# port_2_address_ff:ff:ff:ff:ff:ff_off
-#
-# [sci_<0..ffffffffffffffff(hex)>_|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>_]sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>
-#
-# sa_0_key_00_00000000000000000000000000000000
-# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
-# sci_0_sa_0_key_00_00000000000000000000000000000000
-# sci_32_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sci_451_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sci_7438f_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
-# port_1_address_00:00:00:00:00:00_sa_0_key_00_00000000000000000000000000000000
-# port_2_address_ff:ff:ff:ff:ff:ff_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# port_3_address_00:00:00:ff:ff:ff_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# port_4_address_ff:ff:ff:00:00:00_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
+# Add receive channels and/or receive association keys (RXSC), examples:
+#
+# "[sci <0..ffffffffffffffff(hex)>|port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][ <on/off>]"
+#
+# "sci 0"
+# "sci ffffffffffffffff on"
+# "port 1 address 00:00:00:00:00:00"
+# "port 2 address ff:ff:ff:ff:ff:ff off"
+#
+# "[sci <0..ffffffffffffffff(hex)> |port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)> ]sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>"
+#
+# "sci 0 sa 0 key 00 00000000000000000000000000000000"
+# "sci 32 sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "sci 451 sa 2 on key de de00de00de00de00de00de00de00de00"
+# "sci 7438f sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+# "port 1 address 00:00:00:00:00:00 sa 0 key 00 00000000000000000000000000000000"
+# "port 2 address ff:ff:ff:ff:ff:ff sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "port 3 address 00:00:00:ff:ff:ff sa 2 on key de de00de00de00de00de00de00de00de00"
+# "port 4 address ff:ff:ff:00:00:00 sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+#
+# IFRSC=("port 1 address 00:00:00:00:00:00 on"
+#        "port 1 address 00:00:00:00:00:00 sa 0 pn 1 on key 00 00000000000000000000000000000000"
+#        "sci ffffffffffff0001 on"
+#        "sci ffffffffffff0001 sa 0 pn 1 on key 00 ffffffffffffffffffffffffffffffff")
 IFRSC=()

-# Add trasmition association keys (TXSC) , examples:
-# sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>
-#
-# sa_0_key_00_00000000000000000000000000000000
-# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
+# Add trasmition association keys (TXSC) , examples:
+# "sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>"
+#
+# "sa 0 key 00 00000000000000000000000000000000"
+# "sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "sa 2 on key de de00de00de00de00de00de00de00de00"
+# "sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+#
+# IFTSC=("sa 0 pn 1 on key 00 00000000000000000000000000000000")
 IFTSC=()

/etc/init.d/net_macsec

                         if [[ $IFRSC ]]; then
-                                for mac_rxsc in ${IFRSC[@]}; do
-                                        ip macsec add $IFDST rx ${mac_rxsc/_/ }
+                                for mac_rxsc in "${IFRSC[@]}"; do
+                                        ip macsec add $IFDST rx $mac_rxsc
                                 done
                         fi
                         if [[ $IFTSC ]]; then
-                                for mac_txsc in ${IFTSC[@]}; do
-                                        ip macsec add $IFDST tx ${mac_txsc/_/ }
+                                for mac_txsc in "${IFTSC[@]}"; do
+                                        ip macsec add $IFDST tx $mac_txsc
                                 done
                         fi

$ pacman -Si netifrc
Repository      : core
Name            : netifrc
Version         : 0.6.0-2.backports1
Description     : Network interface management scripts
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Netifrc
Licenses        : BSD2
Groups          : base
Provides        : None
Depends On      : eudev
Optional Deps   : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
                  net-tools: for interface handler support
                  bridge-utils: for bridging support
                  linux-atm: for CLIP and RFC 2684 bridge support
                  wpa_supplicant: for wireless networking support (recommended)
                  wireless_tools: for wireless networking support
                  dhcpcd: for DHCP support (recommended)
                  dhclient: for DHCP support
                  busybox: for DHCP support
                  iputils: for APIPA support
                  ifenslave: for bonding interfaces
                  ppp: for PPP and ADSL support (recommended)
                  rp-pppoe: for ADSL support
                  macchanger: for changing MAC addresses
                  ifplugd: for cable in/out detection
Conflicts With  : None
Replaces        : None
Download Size   : 66.18 KiB
Installed Size  : 373.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Tue 03 Jul 2018 12:16:13 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• Boot “openrc” and/or start “net_{veth,macsec}” initscripts.

Description:

Add net_macsec and net_veth init scripts

Additional info:

netifrc 0.5.1-3

Repository      : core
Name            : netifrc
Version         : 0.5.1-3
Description     : Network interface management scripts
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Netifrc
Licenses        : BSD2
Groups          : base
Provides        : None
Depends On      : eudev
Optional Deps   : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
                  net-tools: for interface handler support
                  bridge-utils: for bridging support
                  linux-atm: for CLIP and RFC 2684 bridge support
                  wpa_supplicant: for wireless networking support (recommended)
                  wireless_tools: for wireless networking support
                  dhcpcd: for DHCP support (recommended)
                  dhclient: for DHCP support
                  busybox: for DHCP support
                  iputils: for APIPA support
                  ifenslave: for bonding interfaces
                  ppp: for PPP and ADSL support (recommended)
                  rp-pppoe: for ADSL support
                  macchanger: for changing MAC addresses
                  ifplugd: for cable in/out detection
Conflicts With  : None
Replaces        : None
Download Size   : 62.75 KiB
Installed Size  : 349.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Wed 24 Jan 2018 09:05:24 PM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

none

Description:

• “net.lo” initscript is forced to load in “boot” runlevel by default.
• “loopback” interface doesn’t need changes.
• “net.lo” initscript conflicts with another network services, like: NetworkManager.
• “net.lo” initscript takes extra processor and memory resources when is useless.

Additional info:

• netifrc 0.6.0-2.backports1

This file needs be removed:
* /etc/runlevels/boot/net.lo

$ pacman -Si netifrc
Repository      : core
Name            : netifrc
Version         : 0.6.0-2.backports1
Description     : Network interface management scripts
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Netifrc
Licenses        : BSD2
Groups          : base
Provides        : None
Depends On      : eudev
Optional Deps   : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
                  net-tools: for interface handler support
                  bridge-utils: for bridging support
                  linux-atm: for CLIP and RFC 2684 bridge support
                  wpa_supplicant: for wireless networking support (recommended)
                  wireless_tools: for wireless networking support
                  dhcpcd: for DHCP support (recommended)
                  dhclient: for DHCP support
                  busybox: for DHCP support
                  iputils: for APIPA support
                  ifenslave: for bonding interfaces
                  ppp: for PPP and ADSL support (recommended)
                  rp-pppoe: for ADSL support
                  macchanger: for changing MAC addresses
                  ifplugd: for cable in/out detection
Conflicts With  : None
Replaces        : None
Download Size   : 66.18 KiB
Installed Size  : 373.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Tue 03 Jul 2018 12:16:13 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

• Boot “openrc”.
• Install and update [netifrc] package.

$ pacman -Si net-snmp
Repository : extra
Name : net-snmp
Version : 5.7.3-4
Description : A suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6
Architecture : x86_64
URL : http://www.net-snmp.org/ Licenses : BSD
Groups : None
Provides : None
Depends On : openssl libnl pciutils perl>=5.24 perl<5.25
Optional Deps : perl-term-readkey: for snmpcheck application

                perl-tk: for snmpcheck and tkmib applications
                python2: for the python modules

Conflicts With : None
Replaces : None
Download Size : 1669.80 KiB
Installed Size : 7676.00 KiB
Packager : Jelle van der Waa jelle@vdwaa.nl Build Date : Thu 16 Mar 2017 07:30:06 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql net-snmp > net-snmp_fileslist.txt

$ pacman -Si mlocate
Repository : core
Name : mlocate
Version : 0.26-6
Description : Merging locate/updatedb implementation
Architecture : x86_64
URL : https://anonscm.debian.org/cgit/collab-maint/mlocate.git Licenses : GPL Groups : None
Provides : None
Depends On : glibc
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 84.40 KiB
Installed Size : 719.00 KiB
Packager : Gaetan Bisson bisson@archlinux.org Build Date : Tue 04 Apr 2017 02:25:36 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature

$ pacman -Ql mlocate > mlocate_fileslist.txt