|
|
@888
|
16 years |
geofft |
Display failed root logins from off campus only at 10+10k attempts.
|
|
|
@887
|
16 years |
quentin |
Ignore non-fatal authentication failures
|
|
|
@886
|
16 years |
geofft |
sipb.mit.edu certificate
|
|
|
@885
|
16 years |
geofft |
and the vhosts they rode in on
|
|
|
@884
|
16 years |
geofft |
More noms.
|
|
|
@883
|
16 years |
geofft |
Re r882, make the resulting log zephyr public. (Thanks to price for ...
|
|
|
@879
|
16 years |
quentin |
Update nscd configuration to cache smarter
|
|
|
@878
|
16 years |
quentin |
Enable sshd verbose mode, so we can identify the public key used for login
|
|
|
@877
|
16 years |
quentin |
Provide commented-out non-nss_nonlocal region in nsswitch
|
|
|
@876
|
16 years |
quentin |
Uncommitted changes on b-k
|
|
|
@872
|
16 years |
geofft |
forgot to fix SSLVerifyclient on familynet
|
|
|
@870
|
16 years |
geofft |
yay SSL vhosts yay
|
|
|
@869
|
16 years |
geofft |
SSLVerifyClient optional on port 444. Oops. ^_^;;
|
|
|
@868
|
16 years |
quentin |
Ignore all partitions mounted under /mnt
|
|
|
@867
|
16 years |
quentin |
Update postfix configuration for version 2.5.1
|
|
|
@866
|
16 years |
quentin |
Use scripts yum repository (yay!)
|
|
|
@865
|
16 years |
quentin |
Use sudo to monitor hardware sensors for munin
|
|
|
@864
|
16 years |
quentin |
Ignore f7root partitions when checking disk space
|
|
|
@857
|
16 years |
quentin |
User is named scripts-build...
|
|
|
@856
|
16 years |
quentin |
Add .rpmmacros file for configuring the rpmbuild user
|
|
|
@854
|
16 years |
geofft |
Add a script to convert LDAP vhosts into <VirtualHost> blocks,
so it's ...
|
|
|
@853
|
16 years |
andersk |
Put the children out of their misery.
|
|
|
@847
|
16 years |
andersk |
Run munin as an unprivileged user with sudo for root access when necessary
|
|
|
@845
|
16 years |
andersk |
Use the local LDAP server (as is already the case on both servers).
|
|
|
@842
|
16 years |
andersk |
Run php directly from suexec, so php scripts don’t need to be executable.
|
|
|
@841
|
16 years |
geofft |
[help.mit.edu #694790]
|
|
|
@831
|
16 years |
andersk |
MaxRequestsPerChild < Ridiculous
|
|
|
@829
|
16 years |
geofft |
Debathena's reasoning seems sound enough. Add fuse_allow_other, which ...
|
|
|
@822
|
16 years |
geofft |
OM NOM NOM NOM CERTIFICATES
|
|
|
@821
|
16 years |
geofft |
I'm stupid.
|
|
|
@820
|
16 years |
geofft |
Add server certS for random-hall.mit.edu and mitsoc.mit.edu
|
|
|
@817
|
16 years |
geofft |
Added code to zephyr on OOM kills.
Also commented out a change by ...
|
|
|
@814
|
16 years |
geofft |
As Anders would say...
|
|
|
@813
|
16 years |
geofft |
This looks useful too
|
|
|
@811
|
16 years |
quentin |
Add localhost to the list of scripts names
|
|
|
@808
|
16 years |
geofft |
Probably a useful file to have.
|
|
|
@807
|
16 years |
quentin |
Add routes for sql via eth1
|
|
|
@804
|
16 years |
andersk |
We don't actually have a deb.gif.
|
|
|
@802
|
16 years |
andersk |
Allow a directory index of /__scripts/icons.
|
|
|
@801
|
16 years |
geofft |
/etc: Add pki/tls/certs/*.pem to the repository.
|
|
|
@799
|
16 years |
geofft |
Uncommitted changes from o-f: reboot on kernel panic (do we actually ...
|
|
|
@794
|
16 years |
quentin |
Update sudoers based on F9 template
|
|
|
@792
|
16 years |
quentin |
We don't share /tmp (eeew)
|
|
|
@791
|
16 years |
quentin |
Add bees-knees and cats-whiskers to /etc/hosts
|
|
|
@790
|
16 years |
geofft |
Oops, missed scripts-test's IP.
|
|
|
@789
|
16 years |
geofft |
Update names for scripts[1-4]
|
|
|
@787
|
16 years |
geofft |
Fix some stuff about our iptables rules, including:
- Remove ACCEPT ...
|
|
|
@784
|
16 years |
quentin |
Use explicit recipients for non-root log messages
|
|
|
@783
|
16 years |
geofft |
Make d_zroot.pl zephyr people in the .k5login in personals
|
|
|
@781
|
16 years |
quentin |
munin needs to start as root so it can setuid to run the script; it ...
|
|
|
@780
|
16 years |
geofft |
Munin should not run as root.
Remove munin's htpasswd file, since it's ...
|
|
|
@779
|
16 years |
geofft |
mod_status is a serious privacy violation.
|
|
|
@778
|
16 years |
geofft |
This list is a little better
|
|
|
@777
|
16 years |
geofft |
Add more sysnames to differentiate between OS releases, and add the ...
|
|
|
@775
|
16 years |
geofft |
Version nscd.conf, and reduce the negative TTL to 5 seconds to solve ...
|
|
|
@770
|
16 years |
quentin |
Stop more spew; parse ssh keys and identify the used key when ...
|
|
|
@768
|
16 years |
geofft |
Commented out scripts-spew. It is inappropriate to send syslogs about ...
|
|
|
@761
|
16 years |
presbrey |
gem replication install script
|
|
|
@759
|
16 years |
quentin |
Tweak httpd settings
|
|
|
@758
|
16 years |
quentin |
Avoid spew in cases of serious error
|
|
|
@757
|
16 years |
quentin |
Add AFS monitoring to Nagios
|
|
|
@755
|
16 years |
andersk |
Oops, missed a spot.
|
|
|
@754
|
16 years |
andersk |
Use the scripts private key for *.scripts as well (the previous ...
|
|
|
@751
|
16 years |
andersk |
Configure nsswitch.conf to use nss_nonlocal.
|
|
|
@749
|
16 years |
andersk |
Nope. Don't care.
|
|
|
@740
|
16 years |
andersk |
Update SSL configuration directives from Fedora's ssl.conf. Notably, ...
|
|
|
@739
|
16 years |
andersk |
spew--
|
|
|
@738
|
16 years |
andersk |
SHUT. THE. FUCK. UP.
|
|
|
@734
|
16 years |
andersk |
Turn on KeepAlive for SSL and increase timeouts, to avoid pathological ...
|
|
|
@715
|
17 years |
quentin |
Allow syn to access nrpe through iptables
|
|
|
@712
|
17 years |
quentin |
Allow syn to monitor scripts
|
|
|
@708
|
17 years |
geofft |
Add rebecca to sudoers.
|
|
|
@707
|
17 years |
andersk |
This sucker has had it coming for a long time.
|
|
|
@690
|
17 years |
quentin |
Ignore more syslog messages
|
|
|
@687
|
17 years |
andersk |
We might as well present the *.scripts.mit.edu certificate for ...
|
|
|
@682
|
17 years |
andersk |
Revert r681; this doesn't actually work.
|
|
|
@681
|
17 years |
andersk |
Drop to nobody in case of a terrible mod_vhost_ldap disaster.
|
|
|
@677
|
17 years |
andersk |
Remove hacks-old.
|
|
|
@671
|
17 years |
quentin |
Remove broken configuration for deprecated mime_magic module, as we ...
|
|
|
@669
|
17 years |
geofft |
disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because ...
|
|
|
@668
|
17 years |
quentin |
Ignore more meaningless sshd logs
|
|
|
@667
|
17 years |
quentin |
Don't log logins from non-root users
|
|
|
@666
|
17 years |
quentin |
Change syslog zephyring to coalesce messages
|
|
|
@665
|
17 years |
quentin |
Make Zephyrs more useful and move to -c scripts-auto
|
|
|
@664
|
17 years |
andersk |
-c scripts -> -c scripts-auto.
|
|
|
@662
|
17 years |
quentin |
Save log and pid in the right places
|
|
|
@661
|
17 years |
quentin |
Run whoisd on startup
|
|
|
@657
|
17 years |
quentin |
Run if_ plugin as root so it can determine the interface speed
|
|
|
@656
|
17 years |
andersk |
And finally the vhosts directory is unused.
|
|
|
@653
|
17 years |
andersk |
Convert framewrapper vhosts to real vhosts in LDAP.
|
|
|
@649
|
17 years |
presbrey |
httpd.conf: configure SNI support for *:444
|
|
|
@648
|
17 years |
presbrey |
httpd.conf: configure SNI support
|
|
|
@646
|
17 years |
quentin |
Send to host-specific instance, and send for both root and logview
|
|
|
@645
|
17 years |
quentin |
syslog-ng configuration for zephyring when root logs in
|
|
|
@644
|
17 years |
quentin |
Remove overrides of session.save_path and include_path (old ...
|
|
|
@643
|
17 years |
quentin |
Commit outstanding change allowing ldap backups
|
|
|
@642
|
17 years |
andersk |
Only check .htaccess files inside web_scripts, thus eliminating a past ...
|
|
|
@635
|
17 years |
andersk |
Enable mod_expires.
|
|
|
@624
|
17 years |
quentin |
Allow monitoring by syn.mit.edu
|
|
|
@623
|
17 years |
quentin |
Move the heartbeat script to /__scripts/heartbeat so we can serve it ...
|
|
|