Nov 8, 2009:

6:09 PM Changeset [1352] by geofft
SSL certificate renewals
3:59 PM Changeset [1351] by geofft
Punt textbooks.mit.edu's config because it is no longer on scripts
3:40 PM Changeset [1350] by geofft
Use a more accurate OU in certificates
12:16 PM Changeset [1349] by geofft
Fix documentation
11:31 AM Ticket #72 (https prompts for certificates way too often) closed by mitchb
fixed: Lo and behold, it fixes the problem! A new version of the patch in …
11:02 AM Changeset [1348] by mitchb
Prompt for certs once, not five bajillion times (fix SSL session caching) Clients that support both the SNI extension and the TLS Session Tickets extension have problems that, among other things, result in many of our cert-protected sites requesting the user's certs an inordinate number of times. This will supposedly be fixed in later versions of openssl, but in the meantime, this applies the patch proposed here: http://mail-archives.apache.org/mod_mbox/httpd-dev/200911.mbox/ajax/%3c4AF58A80.5080101@velox.ch%3e with the following modifications: o Remove the documentation chunk of the patch (it applies to the source XML file which isn't part of the distribution tarball) o Expand the macro SSL_CTX_set_tlsext_ticket_keys in two places to work around the typo in our version of openssl corrected by this upstream commit: http://marc.info/?l=openssl-cvs&m=124638969912935&w=2
5:23 AM Changeset [1347] by geofft
admof: Add a -noauth flag.

Nov 1, 2009:

11:13 PM Changeset [1346] by ezyang
Add the ability to pass custom flags to wizard install.
10:22 PM Changeset [1345] by ezyang
Make scriptsdev work with scripts-ssh.
10:10 PM Changeset [1344] by ezyang
Step two of using Wizard for new MediaWiki autoinstalls.
10:06 PM Changeset [1343] by ezyang
Step one of using Wizard for new MediaWiki autoinstalls.

Oct 24, 2009:

12:45 PM Changeset [1342] by mitchb
Improvements to check_ldap_mmr plugin o Don't put a newline after each replica's output; the Nagios status page only captures the first line, so run them all together on one line. o Don't return immediately upon finding an error; continue to check the other replicas and print status info about them. o If any replicas have issues, upgrade the return from "ERROR" (which is "UNKNOWN" and doesn't cause an alert) to "WARNING" (a replication failure is usually not a problem on the server running the plugin, so it's probably not a CRITICAL issue for that machine).

Oct 19, 2009:

7:52 PM Changeset [1341] by ezyang
Disable vhost logging.

Oct 15, 2009:

12:58 AM Changeset [1340] by mitchb
Revert r1329 - stop scriptsifying activesupport and actionpack gems We've convinced Fedora to revert to version 2.3.2 and apply the patch for CVE-2009-3009 there, allowing existing Rails apps to continue working in F11 with the upstream packages.

Oct 14, 2009:

10:40 AM Changeset [1339] by mitchb
Revert r1328 - accept Rails-related updates from Fedora again

Oct 13, 2009:

1:19 AM Changeset [1338] by geofft
execsys: Have binfmt_misc detect executable PHP scripts via magic, not extension. For PHP scripts run over the web, suexec runs php explicitly (and regardless of the .php file's executable bit), so this change isn't relevant. A recent kernel change reordered the binfmt_script and binfmt_misc priority; this allows executable PHP scripts that begin with <?php to continue being run via binfmt_misc, but those that begin with #! to use the interpreter they specify. PHP scripts that don't begin with <?php are assumed to be web pages, not scripts you'd explicitly exec. This is a slightly smaller hammer than removing the binfmt_misc line for PHP entirely, but really, you should be using a #! line if you intend to be able to exec your PHP script.
1:11 AM Changeset [1337] by geofft
execsys: Stop automatically generating the binfmt_misc configuration. While we're there, kill an autoconf macro that was never used.
Note: See TracTimeline for information about the timeline view.