# # ChangeLog for server/fedora/config # # Generated by Trac 1.0.2 # Mar 28, 2024, 4:25:54 AM Mon, 18 Aug 2008 08:38:56 GMT andersk [804] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) We don't actually have a deb.gif. Sun, 17 Aug 2008 00:57:00 GMT andersk [802] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Allow a directory index of /__scripts/icons. Wed, 13 Aug 2008 15:54:59 GMT geofft [801] * server/fedora/config/etc/pki (added) * server/fedora/config/etc/pki/tls (added) * server/fedora/config/etc/pki/tls/certs (added) * server/fedora/config/etc/pki/tls/certs/ca.pem (added) * server/fedora/config/etc/pki/tls/certs/familynet.pem (added) * server/fedora/config/etc/pki/tls/certs/scripts-cert.pem (added) * server/fedora/config/etc/pki/tls/certs/scripts.pem (added) * server/fedora/config/etc/pki/tls/certs/star.scripts.pem (added) /etc: Add pki/tls/certs/*.pem to the repository. Sat, 09 Aug 2008 01:10:28 GMT geofft [799] * server/fedora/config/etc/cron.d/whoisd (modified) * server/fedora/config/etc/sysctl.conf (modified) Uncommitted changes from o-f: reboot on kernel panic (do we actually ... Wed, 06 Aug 2008 04:45:49 GMT quentin [794] * server/fedora/config/etc/sudoers (modified) Update sudoers based on F9 template Wed, 06 Aug 2008 04:17:39 GMT quentin [792] * server/fedora/config/etc/exports (deleted) We don't share /tmp (eeew) Wed, 06 Aug 2008 04:07:28 GMT quentin [791] * server/fedora/config/etc/hosts (modified) Add bees-knees and cats-whiskers to /etc/hosts Tue, 05 Aug 2008 19:15:54 GMT geofft [790] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Oops, missed scripts-test's IP. Tue, 05 Aug 2008 19:14:32 GMT geofft [789] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Update names for scripts[1-4] Sun, 03 Aug 2008 16:53:23 GMT geofft [787] * server/fedora/config/etc/sysconfig/iptables (modified) Fix some stuff about our iptables rules, including: - Remove ACCEPT ... Sat, 02 Aug 2008 21:25:38 GMT quentin [784] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Use explicit recipients for non-root log messages Sat, 02 Aug 2008 21:17:54 GMT geofft [783] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Make d_zroot.pl zephyr people in the .k5login in personals Fri, 25 Jul 2008 02:54:02 GMT quentin [781] * server/fedora/config/etc/munin/apache-htpasswd (copied) * server/fedora/config/etc/munin/munin-node.conf (modified) munin needs to start as root so it can setuid to run the script; it ... Fri, 25 Jul 2008 01:06:40 GMT geofft [780] * server/fedora/config/etc/munin/apache-htpasswd (deleted) * server/fedora/config/etc/munin/munin-node.conf (modified) Munin should not run as root. Remove munin's htpasswd file, since ... Fri, 25 Jul 2008 00:17:14 GMT geofft [779] * server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) mod_status is a serious privacy violation. Sun, 13 Jul 2008 05:42:34 GMT geofft [778] * server/fedora/config/etc/sysconfig/openafs (modified) This list is a little better Sun, 13 Jul 2008 01:27:44 GMT geofft [777] * server/fedora/config/etc/sysconfig/openafs (modified) Add more sysnames to differentiate between OS releases, and add the ... Thu, 10 Jul 2008 09:33:57 GMT geofft [775] * server/fedora/config/etc/nscd.conf (added) Version nscd.conf, and reduce the negative TTL to 5 seconds to solve ... Wed, 18 Jun 2008 22:42:57 GMT quentin [770] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Stop more spew; parse ssh keys and identify the used key when ... Tue, 17 Jun 2008 06:11:32 GMT geofft [768] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Commented out scripts-spew. It is inappropriate to send syslogs about ... Tue, 03 Jun 2008 17:23:48 GMT presbrey [761] * server/fedora/config/gems.py (modified) gem replication install script Thu, 22 May 2008 23:30:20 GMT quentin [759] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) * server/fedora/config/etc/sysconfig/httpd (added) Tweak httpd settings Wed, 21 May 2008 21:29:00 GMT quentin [758] * server/fedora/config/etc/nagios/check_afs (modified) Avoid spew in cases of serious error Wed, 21 May 2008 21:27:41 GMT quentin [757] * server/fedora/config/etc/nagios/check_afs (added) * server/fedora/config/etc/nagios/nrpe.cfg (modified) Add AFS monitoring to Nagios Wed, 14 May 2008 12:53:22 GMT andersk [755] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Oops, missed a spot. Wed, 14 May 2008 12:48:26 GMT andersk [754] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Use the scripts private key for *.scripts as well (the previous ... Thu, 08 May 2008 13:28:51 GMT andersk [751] * server/fedora/config/etc/nsswitch.conf (added) Configure nsswitch.conf to use nss_nonlocal. Wed, 07 May 2008 02:55:03 GMT andersk [749] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Nope. Don't care. Fri, 02 May 2008 22:45:13 GMT andersk [740] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Update SSL configuration directives from Fedora's ssl.conf. Notably, ... Fri, 02 May 2008 11:52:57 GMT andersk [739] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) spew-- Thu, 01 May 2008 12:22:00 GMT andersk [738] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) SHUT. THE. FUCK. UP. Thu, 24 Apr 2008 04:36:50 GMT andersk [734] * server/fedora/config/etc/httpd/conf.d/vhosts-common-ssl.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Turn on KeepAlive for SSL and increase timeouts, to avoid ... Mon, 07 Apr 2008 10:47:10 GMT quentin [715] * server/fedora/config/etc/sysconfig/iptables (modified) Allow syn to access nrpe through iptables Mon, 07 Apr 2008 01:28:25 GMT quentin [712] * server/fedora/config/etc/nagios/nrpe.cfg (modified) Allow syn to monitor scripts Wed, 02 Apr 2008 03:36:37 GMT geofft [708] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) * server/fedora/config/etc/krb5.conf (modified) * server/fedora/config/etc/sudoers (modified) * server/fedora/config/etc/sysconfig/openafs (modified) * server/fedora/config/etc/yum.conf (modified) Add rebecca to sudoers. Wed, 02 Apr 2008 03:03:31 GMT andersk [707] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) This sucker has had it coming for a long time. Sat, 08 Mar 2008 07:07:37 GMT quentin [690] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Ignore more syslog messages Fri, 07 Mar 2008 17:20:54 GMT andersk [687] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) We might as well present the *.scripts.mit.edu certificate for ... Fri, 07 Mar 2008 15:40:09 GMT andersk [682] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) Revert r681; this doesn't actually work. Fri, 07 Mar 2008 15:28:43 GMT andersk [681] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) Drop to nobody in case of a terrible mod_vhost_ldap disaster. Thu, 06 Mar 2008 08:09:30 GMT andersk [677] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:3 (deleted) Remove hacks-old. Thu, 28 Feb 2008 04:55:38 GMT quentin [671] * server/fedora/config/etc/php.d/scripts.ini (modified) Remove broken configuration for deprecated mime_magic module, as we ... Tue, 26 Feb 2008 22:59:41 GMT geofft [669] * server/fedora/config/etc/ssh/sshd_config (modified) disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because ... Tue, 26 Feb 2008 06:56:50 GMT quentin [668] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Ignore more meaningless sshd logs Tue, 26 Feb 2008 04:42:55 GMT quentin [667] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Don't log logins from non-root users Tue, 26 Feb 2008 04:29:16 GMT quentin [666] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Change syslog zephyring to coalesce messages Mon, 25 Feb 2008 21:26:46 GMT quentin [665] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Make Zephyrs more useful and move to -c scripts-auto Mon, 25 Feb 2008 21:19:01 GMT andersk [664] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) -c scripts -> -c scripts-auto. Sun, 17 Feb 2008 21:25:36 GMT quentin [662] * server/fedora/config/etc/cron.d/whoisd (modified) Save log and pid in the right places Sun, 17 Feb 2008 21:21:44 GMT quentin [661] * server/fedora/config/etc/cron.d (added) * server/fedora/config/etc/cron.d/whoisd (added) Run whoisd on startup Tue, 12 Feb 2008 18:11:36 GMT quentin [657] * server/fedora/config/etc/munin/plugin-conf.d/munin-node (modified) Run if_ plugin as root so it can determine the interface speed Tue, 12 Feb 2008 05:28:53 GMT andersk [656] * server/fedora/config/etc/httpd (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) * vhosts (deleted) And finally the vhosts directory is unused. Tue, 12 Feb 2008 04:56:48 GMT andersk [653] * server/fedora/config/etc/httpd/conf.d/vhosts-vhost-names.conf (deleted) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Convert framewrapper vhosts to real vhosts in LDAP. Mon, 11 Feb 2008 20:10:38 GMT presbrey [649] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) httpd.conf: configure SNI support for *:444 Mon, 11 Feb 2008 19:39:32 GMT presbrey [648] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) httpd.conf: configure SNI support Mon, 11 Feb 2008 18:01:37 GMT quentin [646] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Send to host-specific instance, and send for both root and logview Mon, 11 Feb 2008 06:28:47 GMT quentin [645] * server/fedora/config/etc/syslog-ng (added) * server/fedora/config/etc/syslog-ng/d_zroot.pl (added) * server/fedora/config/etc/syslog-ng/syslog-ng.conf (added) syslog-ng configuration for zephyring when root logs in Mon, 11 Feb 2008 06:27:55 GMT quentin [644] * server/fedora/config/etc/php.d/scripts.ini (modified) Remove overrides of session.save_path and include_path (old ... Mon, 11 Feb 2008 06:22:08 GMT quentin [643] * server/fedora/config/etc/sudoers (modified) Commit outstanding change allowing ldap backups Sun, 10 Feb 2008 14:54:11 GMT andersk [642] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Only check .htaccess files inside web_scripts, thus eliminating a ... Fri, 08 Feb 2008 01:21:07 GMT andersk [635] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Enable mod_expires. Sat, 02 Feb 2008 11:29:54 GMT quentin [624] * server/fedora/config/etc/munin/munin-node.conf (modified) Allow monitoring by syn.mit.edu Sat, 02 Feb 2008 11:24:23 GMT quentin [623] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) Move the heartbeat script to /__scripts/heartbeat so we can serve it ... Sun, 13 Jan 2008 19:54:56 GMT quentin [607] * server/fedora/config/etc/ntp.conf (modified) Add a second NTP server, for good measure. Fri, 11 Jan 2008 00:04:36 GMT andersk [605] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) blah blah APACHE HAS NO GODDAMN ABSTRACTION BARRIERS blah blah blah. Thu, 10 Jan 2008 22:57:59 GMT andersk [604] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) Prevent vhost access controls from applying to /__scripts. Thu, 10 Jan 2008 22:46:59 GMT andersk [603] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (added) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Modularize the redirect-to-certs kludge so that users just need to ... Thu, 10 Jan 2008 02:04:03 GMT andersk [602] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) /icons -> /__scripts/icons to avoid shadowing vhost namespace. Tue, 08 Jan 2008 02:47:15 GMT quentin [584] * lvs/debian/config/etc/ha.d/ldirectord.cf (modified) * lvs/debian/config/etc/network/if-up.d/iptables (modified) * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:3 (added) Support hacks.mit.edu Mon, 07 Jan 2008 07:14:28 GMT geofft [583] * server/fedora/config/etc/postfix/virtual (modified) oops, webmaster@szs is a special case Sat, 05 Jan 2008 02:59:44 GMT geofft [566] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:2 (added) webzephyr IP address Thu, 03 Jan 2008 07:24:12 GMT geofft [556] * server/fedora/config/etc/postfix/main.cf (modified) * server/fedora/config/etc/postfix/virtual (added) Postfix changes for webzephyr Tue, 01 Jan 2008 21:15:49 GMT geofft [548] * server/fedora/config/etc/aliases (modified) i can has root@scripts? Thu, 29 Nov 2007 05:02:51 GMT andersk [520] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Enable mod_negotiation. Thu, 08 Nov 2007 04:31:32 GMT andersk [512] * server/fedora/config/etc/ldap.conf (modified) Use ldapi:// url. Tue, 06 Nov 2007 05:49:53 GMT andersk [511] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Re-enable sendfile now that it works. Mon, 05 Nov 2007 22:08:08 GMT andersk [509] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Apparently sendfile() breaks with kernel 2.6.23 and openafs 1.4.5. Mon, 22 Oct 2007 22:01:26 GMT quentin [503] * server/fedora/config/etc/munin/plugin-conf.d/hddtemp_smartctl (added) * server/fedora/config/etc/munin/plugin-conf.d/munin-node (added) Add smart monitoring to munin Thu, 18 Oct 2007 02:38:31 GMT andersk [500] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Add b-m and o-f aliases. Tue, 16 Oct 2007 04:01:31 GMT andersk [493] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Make 127.0.0.1 work, for Munin monitoring. Mon, 15 Oct 2007 13:38:21 GMT andersk [487] * server/fedora/config/etc/sudoers (modified) Not used anymore. Mon, 15 Oct 2007 13:36:18 GMT andersk [486] * server/fedora/config/etc/openafs/SuidCells (modified) * server/fedora/config/etc/sysconfig/network (deleted) Oops, clean up a few things from r484. Mon, 15 Oct 2007 11:37:01 GMT andersk [484] * server/fedora/config/etc/ha.d/ha.cf (modified) * server/fedora/config/etc/ha.d/haresources (modified) * server/fedora/config/etc/ldap.conf (added) * server/fedora/config/etc/openafs/SuidCells (modified) * server/fedora/config/etc/postfix/main.cf (modified) * server/fedora/config/etc/sysconfig/iptables (modified) * server/fedora/config/etc/sysconfig/network (modified) * server/fedora/config/etc/sysconfig/openafs (modified) * server/fedora/config/etc/yum.conf (modified) /etc/ldap.conf. Mon, 15 Oct 2007 11:34:35 GMT andersk [482] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) ou=vhosts -> ou=VirtualHosts. Mon, 15 Oct 2007 09:27:38 GMT geofft [478] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) more ldap chocolatey goodness Mon, 15 Oct 2007 00:05:54 GMT andersk [477] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Don't IndexIgnore HEADER* README*. Sun, 14 Oct 2007 08:32:34 GMT andersk [471] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:0 (moved) * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:1 (moved) ifcfg-lo_0 -> ifcfg-lo:0 so it comes up on boot. Fri, 12 Oct 2007 07:04:50 GMT geofft [455] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (added) prelim ldap stuff Fri, 12 Oct 2007 07:04:26 GMT geofft [454] * server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) prelim ldap stuff Tue, 25 Sep 2007 04:46:40 GMT andersk [426] * server/fedora/config/etc/aliases (modified) Add more users to aliases. Tue, 25 Sep 2007 03:25:08 GMT andersk [425] * server/fedora/config/etc/selinux/strict/contexts/users/root (modified) Not sure what this is, but it's on both servers. Tue, 25 Sep 2007 03:24:07 GMT andersk [424] * server/fedora/config/etc/krb.conf (modified) * server/fedora/config/etc/krb.realms (modified) * server/fedora/config/etc/krb5.conf (modified) Kerberos config from o-f. Tue, 25 Sep 2007 03:12:05 GMT quentin [423] * server/fedora/config/etc/issue.net.no_tkt (added) * server/fedora/config/etc/issue.net.no_user (added) * server/fedora/config/etc/pam.d/sshd (added) * server/fedora/config/etc/ssh/sshd_config (modified) Tell users when they don't have tickets or don't exist Tue, 25 Sep 2007 02:41:12 GMT quentin [422] * server/fedora/config/etc/aliases (modified) Update root mail recipients Tue, 25 Sep 2007 02:40:25 GMT quentin [421] * server/fedora/config/etc/sysctl.conf (modified) Enabling magic sysrq Tue, 25 Sep 2007 02:30:40 GMT quentin [420] * server/fedora/config/etc/php.d/scripts.ini (modified) Removing arbitrary limits (to sync repository to actual state) Tue, 25 Sep 2007 02:27:06 GMT quentin [419] * server/fedora/config/etc/hosts (modified) Committing live hosts file (was same on both servers) Tue, 25 Sep 2007 01:53:42 GMT quentin [418] * server/fedora/config/etc/sysconfig/openafs (modified) Committing unknown change (rpm upgrade?); it's true on both servers. Tue, 25 Sep 2007 01:37:54 GMT quentin [417] * server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf (modified) Enable munin apache graphing by turning on server-status Tue, 25 Sep 2007 01:26:35 GMT quentin [416] * server/fedora/config/etc/munin (added) * server/fedora/config/etc/munin/apache-htpasswd (added) * server/fedora/config/etc/munin/munin-node.conf (added) * server/fedora/config/etc/munin/plugin-conf.d (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_accesses (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_processes (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_volume (added) * server/fedora/config/etc/munin/plugins (added) * server/fedora/config/etc/munin/plugins/apache_accesses (added) * server/fedora/config/etc/munin/plugins/apache_processes (added) * server/fedora/config/etc/munin/plugins/apache_volume (added) Added munin configuration for monitoring apache