Mar 10, 2008:

10:44 PM Ticket #61 (get certs signed by a real CA) created by price
It's poor that users outside MIT or who otherwise haven't installed …

Mar 8, 2008:

7:36 PM Changeset [691] by geofft
Per RT #583975, warning about the SQL password being copied
2:07 AM Changeset [690] by quentin
Ignore more syslog messages

Mar 7, 2008:

9:12 PM Changeset [689] by andersk
Better detection in gfind that works on Macs.
7:21 PM Changeset [688] by andersk
Use built-in ldap_bv2escaped_filter_value instead of a custom escaping function.
12:20 PM Changeset [687] by andersk
We might as well present the *.scripts.mit.edu certificate for *.scripts too.
12:01 PM Changeset [686] by andersk
tabs -> spaces.
11:50 AM Changeset [685] by andersk
Fix a stupid mod_ldap caching bug.
11:49 AM Changeset [684] by andersk
Make the packaged suexec work.
11:48 AM Changeset [683] by andersk
Add SNI support to the httpd package.
10:40 AM Changeset [682] by andersk
Revert r681; this doesn't actually work.
10:28 AM Changeset [681] by andersk
Drop to nobody in case of a terrible mod_vhost_ldap disaster.
6:16 AM Changeset [680] by andersk
Simplify construction of wildcard hostnames.
5:07 AM Changeset [679] by andersk
Skip to the fallback vhost for hostname == NULL.

Mar 6, 2008:

2:53 PM Changeset [678] by quentin
Bump scripts' load warning levels
3:09 AM Changeset [677] by andersk
Remove hacks-old.
3:09 AM Changeset [676] by quentin
Remove hacks-old from ldirectord config

Mar 5, 2008:

7:56 PM Changeset [675] by geofft
Also check wildcard entries before falling back on the default.
7:51 PM Changeset [674] by geofft
This one's better, e.g., it works.
7:15 PM Changeset [673] by geofft
Right, when you're copying things you use two variables, not one.
7:08 PM Changeset [672] by geofft
Escape the hostname before inserting it in an LDAP query.

Mar 2, 2008:

11:18 PM Ticket #60 (Apache handlers for PHP and static content) created by andersk
We currently launch PHP and static-cat directly from suexec. We …
4:57 PM Ticket #59 (web_scripts_tmp is a stupid name (and a poor concept in general)) created by andersk
I really don’t like how scripts decided to litter its users’ home …

Feb 27, 2008:

11:58 PM Ticket #28 (Nagios should check for nearly-expired certificates) closed by quentin
fixed: I configured this for scripts and scripts-cert, and presbrey patched …
11:55 PM Changeset [671] by quentin
Remove broken configuration for deprecated mime_magic module, as we don't even use it.
11:27 PM Ticket #26 (upgrade PCRE, if it's old enough to be vulnerable) closed by quentin
fixed: Ran the command "yum --enablerepo=updates-testing update pcre" to …
2:06 AM Changeset [670] by presbrey
SNI certificate stuff; someone else's LVS stuff

Feb 26, 2008:

5:59 PM Changeset [669] by geofft
disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because emacs annoys me
1:56 AM Changeset [668] by quentin
Ignore more meaningless sshd logs

Feb 25, 2008:

11:42 PM Changeset [667] by quentin
Don't log logins from non-root users
11:29 PM Changeset [666] by quentin
Change syslog zephyring to coalesce messages
4:26 PM Changeset [665] by quentin
Make Zephyrs more useful and move to -c scripts-auto
4:19 PM Changeset [664] by andersk
-c scripts -> -c scripts-auto.
4:22 AM Ticket #58 (signup-sql doesn't attach locker, or check validity) closed by geofft
3:14 AM Changeset [663] by geofft
Make signup-sql attach a locker before using it (per price, Trac #58)
3:04 AM Ticket #58 (signup-sql doesn't attach locker, or check validity) created by price
Below is signup-sql failing on a locker because it's not attached. …

Feb 22, 2008:

9:20 PM Ticket #57 (Autoinstallers should read sql configuration from common files) created by andersk
The autoinstallers should be modified to read the SQL username and …

Feb 17, 2008:

4:54 PM Ticket #56 (Disable global SSLUserName kludge) created by andersk
SSLUserName is an evil kludge in our global configuration that …
4:25 PM Changeset [662] by quentin
Save log and pid in the right places
4:21 PM Changeset [661] by quentin
Run whoisd on startup
3:48 PM Ticket #48 (SNI, giving certificates on *.scripts.mit.edu for FF 2 and IE 7) closed by price
fixed: This works for FF 2 and IE 7. This is probably the only solution we …
3:47 PM Ticket #55 (certificates on *.scripts.mit.edu as a separate IP address) created by price
(Split out from #48.) Currently lockername.scripts.mit.edu gives a …

Feb 16, 2008:

6:11 PM Changeset [660] by geofft
mkdir -p, to avoid errors if it's already there revert removal of 2>/dev/null from sshrun to suppress banner
5:35 PM Changeset [659] by broder
Don't blow errors to /dev/null

Feb 15, 2008:

10:25 PM Ticket #54 (Trac autoinstaller) created by price
Plenty of people use Trac -- and we can hardly deny their desire to do …
9:55 PM Ticket #53 (upgrade Gallery installer) created by price
We have an installer for Gallery 2.0. Gallery 2.1 and 2.2 now exist. …
3:25 PM Changeset [658] by andersk
Unbreak for sun machines.

Feb 14, 2008:

8:21 PM Ticket #35 (sql web interface should make the lockername+ prefix more obvious) closed by price
fixed: Fixed by presbrey. It's in SVN now.

Feb 12, 2008:

3:57 PM Ticket #52 (support per-vhost certs in mod_vhost_ldap) created by quentin
Per help.mit.edu 569297, we should support per-vhost certificates by …
1:11 PM Changeset [657] by quentin
Run if_ plugin as root so it can determine the interface speed
12:28 AM Changeset [656] by andersk
And finally the vhosts directory is unused.
12:25 AM Changeset [655] by andersk
Remove unused framewrapper vhost server.
12:23 AM Changeset [654] by andersk
Remove old framewrapper vhost settings.

Feb 11, 2008:

11:56 PM Changeset [653] by andersk
Convert framewrapper vhosts to real vhosts in LDAP.
10:26 PM Changeset [652] by andersk
Add default syslog-ng configuration.
6:04 PM Ticket #51 (old-faithful loses backend connection sql on reboot) created by andersk
After a reboot, old-faithful cannot connect to sql. This is fixed by …
6:03 PM Ticket #50 (Install automatic cron failover) created by andersk
We need to deploy an automatic cron failover system, potentially based …
4:51 PM Changeset [651] by andersk
Move sipb-tor to LDAP also, since the error log problem seems to have gone away.
4:04 PM Changeset [650] by andersk
We don't actually have any wildcard records pointing to us, so move these to LDAP also.
3:10 PM Changeset [649] by presbrey
httpd.conf: configure SNI support for *:444
2:39 PM Changeset [648] by presbrey
httpd.conf: configure SNI support
2:39 PM Changeset [647] by andersk
Move eastgate to LDAP.
1:01 PM Changeset [646] by quentin
Send to host-specific instance, and send for both root and logview
1:28 AM Changeset [645] by quentin
syslog-ng configuration for zephyring when root logs in
1:27 AM Changeset [644] by quentin
Remove overrides of session.save_path and include_path (old uncommitted change)
1:22 AM Changeset [643] by quentin
Commit outstanding change allowing ldap backups

Feb 10, 2008:

9:55 AM Ticket #32 (check for .htaccess files only inside ~/web_scripts) closed by andersk
9:54 AM Changeset [642] by andersk
Only check .htaccess files inside web_scripts, thus eliminating a past source of user confusion, and speeding up responses by about 1ms.
Note: See TracTimeline for information about the timeline view.