source: server/fedora/config

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Diff Rev Age Author Log Message
(edit) @891   15 years quentin Add reuter to blocked mail accounts list, and prevent outbound mail
(edit) @890   15 years geofft I think this works better
(edit) @889   15 years quentin Fix geofft's typo
(edit) @888   15 years geofft Display failed root logins from off campus only at 10+10k attempts.
(edit) @887   15 years quentin Ignore non-fatal authentication failures
(edit) @886   15 years geofft sipb.mit.edu certificate
(edit) @885   15 years geofft and the vhosts they rode in on
(edit) @884   15 years geofft More noms.
(edit) @883   15 years geofft Re r882, make the resulting log zephyr public. (Thanks to price for ...
(edit) @879   15 years quentin Update nscd configuration to cache smarter
(edit) @878   15 years quentin Enable sshd verbose mode, so we can identify the public key used for login
(edit) @877   15 years quentin Provide commented-out non-nss_nonlocal region in nsswitch
(edit) @876   15 years quentin Uncommitted changes on b-k
(edit) @872   15 years geofft forgot to fix SSLVerifyclient on familynet
(edit) @870   15 years geofft yay SSL vhosts yay
(edit) @869   15 years geofft SSLVerifyClient optional on port 444. Oops. ^_^;;
(edit) @868   15 years quentin Ignore all partitions mounted under /mnt
(edit) @867   15 years quentin Update postfix configuration for version 2.5.1
(edit) @866   15 years quentin Use scripts yum repository (yay!)
(edit) @865   15 years quentin Use sudo to monitor hardware sensors for munin
(edit) @864   15 years quentin Ignore f7root partitions when checking disk space
(edit) @857   15 years quentin User is named scripts-build...
(edit) @856   15 years quentin Add .rpmmacros file for configuring the rpmbuild user
(edit) @854   15 years geofft Add a script to convert LDAP vhosts into <VirtualHost> blocks, so it's ...
(edit) @853   15 years andersk Put the children out of their misery.
(edit) @847   15 years andersk Run munin as an unprivileged user with sudo for root access when necessary
(edit) @845   15 years andersk Use the local LDAP server (as is already the case on both servers).
(edit) @842   16 years andersk Run php directly from suexec, so php scripts don’t need to be executable.
(edit) @841   16 years geofft [help.mit.edu #694790]
(edit) @831   16 years andersk MaxRequestsPerChild < Ridiculous
(edit) @829   16 years geofft Debathena's reasoning seems sound enough. Add fuse_allow_other, which ...
(edit) @822   16 years geofft OM NOM NOM NOM CERTIFICATES
(edit) @821   16 years geofft I'm stupid.
(edit) @820   16 years geofft Add server certS for random-hall.mit.edu and mitsoc.mit.edu
(edit) @817   16 years geofft Added code to zephyr on OOM kills. Also commented out a change by ...
(edit) @814   16 years geofft As Anders would say...
(edit) @813   16 years geofft This looks useful too
(edit) @811   16 years quentin Add localhost to the list of scripts names
(edit) @808   16 years geofft Probably a useful file to have.
(edit) @807   16 years quentin Add routes for sql via eth1
(edit) @804   16 years andersk We don't actually have a deb.gif.
(edit) @802   16 years andersk Allow a directory index of /__scripts/icons.
(edit) @801   16 years geofft /etc: Add pki/tls/certs/*.pem to the repository.
(edit) @799   16 years geofft Uncommitted changes from o-f: reboot on kernel panic (do we actually ...
(edit) @794   16 years quentin Update sudoers based on F9 template
(edit) @792   16 years quentin We don't share /tmp (eeew)
(edit) @791   16 years quentin Add bees-knees and cats-whiskers to /etc/hosts
(edit) @790   16 years geofft Oops, missed scripts-test's IP.
(edit) @789   16 years geofft Update names for scripts[1-4]
(edit) @787   16 years geofft Fix some stuff about our iptables rules, including: - Remove ACCEPT ...
(edit) @784   16 years quentin Use explicit recipients for non-root log messages
(edit) @783   16 years geofft Make d_zroot.pl zephyr people in the .k5login in personals
(edit) @781   16 years quentin munin needs to start as root so it can setuid to run the script; it ...
(edit) @780   16 years geofft Munin should not run as root. Remove munin's htpasswd file, since it's ...
(edit) @779   16 years geofft mod_status is a serious privacy violation.
(edit) @778   16 years geofft This list is a little better
(edit) @777   16 years geofft Add more sysnames to differentiate between OS releases, and add the ...
(edit) @775   16 years geofft Version nscd.conf, and reduce the negative TTL to 5 seconds to solve ...
(edit) @770   16 years quentin Stop more spew; parse ssh keys and identify the used key when ...
(edit) @768   16 years geofft Commented out scripts-spew. It is inappropriate to send syslogs about ...
(edit) @761   16 years presbrey gem replication install script
(edit) @759   16 years quentin Tweak httpd settings
(edit) @758   16 years quentin Avoid spew in cases of serious error
(edit) @757   16 years quentin Add AFS monitoring to Nagios
(edit) @755   16 years andersk Oops, missed a spot.
(edit) @754   16 years andersk Use the scripts private key for *.scripts as well (the previous ...
(edit) @751   16 years andersk Configure nsswitch.conf to use nss_nonlocal.
(edit) @749   16 years andersk Nope. Don't care.
(edit) @740   16 years andersk Update SSL configuration directives from Fedora's ssl.conf. Notably, ...
(edit) @739   16 years andersk spew--
(edit) @738   16 years andersk SHUT. THE. FUCK. UP.
(edit) @734   16 years andersk Turn on KeepAlive for SSL and increase timeouts, to avoid pathological ...
(edit) @715   16 years quentin Allow syn to access nrpe through iptables
(edit) @712   16 years quentin Allow syn to monitor scripts
(edit) @708   16 years geofft Add rebecca to sudoers.
(edit) @707   16 years andersk This sucker has had it coming for a long time.
(edit) @690   16 years quentin Ignore more syslog messages
(edit) @687   16 years andersk We might as well present the *.scripts.mit.edu certificate for ...
(edit) @682   16 years andersk Revert r681; this doesn't actually work.
(edit) @681   16 years andersk Drop to nobody in case of a terrible mod_vhost_ldap disaster.
(edit) @677   16 years andersk Remove hacks-old.
(edit) @671   16 years quentin Remove broken configuration for deprecated mime_magic module, as we ...
(edit) @669   16 years geofft disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because ...
(edit) @668   16 years quentin Ignore more meaningless sshd logs
(edit) @667   16 years quentin Don't log logins from non-root users
(edit) @666   16 years quentin Change syslog zephyring to coalesce messages
(edit) @665   16 years quentin Make Zephyrs more useful and move to -c scripts-auto
(edit) @664   16 years andersk -c scripts -> -c scripts-auto.
(edit) @662   16 years quentin Save log and pid in the right places
(edit) @661   16 years quentin Run whoisd on startup
(edit) @657   16 years quentin Run if_ plugin as root so it can determine the interface speed
(edit) @656   16 years andersk And finally the vhosts directory is unused.
(edit) @653   16 years andersk Convert framewrapper vhosts to real vhosts in LDAP.
(edit) @649   16 years presbrey httpd.conf: configure SNI support for *:444
(edit) @648   16 years presbrey httpd.conf: configure SNI support
(edit) @646   16 years quentin Send to host-specific instance, and send for both root and logview
(edit) @645   16 years quentin syslog-ng configuration for zephyring when root logs in
(edit) @644   16 years quentin Remove overrides of session.save_path and include_path (old ...
(edit) @643   16 years quentin Commit outstanding change allowing ldap backups
(edit) @642   16 years andersk Only check .htaccess files inside web_scripts, thus eliminating a past ...
Note: See TracRevisionLog for help on using the revision log.