Timeline


and

Apr 16, 2010:

5:40 AM Changeset [1540] by mitchb
Two's company and three's a crowd, but have an orgy if you must Apache 2.2.15 includes support for RFC 5746, which specifies the TLS Renegotiation Indication Extension and fixes the protocol flaw that allows CVE-2009-3555. Unfortunately, secure renegotiations require support in both the server and the client, and so it will take some time until most webservers and most browsers have been upgraded to support this extension. While we want to support and enforce secure renegotiation for clients that are capable of it, and we want to encourage everyone to upgrade ASAP, refusing to renegotiate with clients that haven't yet gotten support would most likely break many sites for many users. This setting should be temporary, but it's not yet clear how long we may have to wait.
5:21 AM Changeset [1539] by mitchb
Upgrade to Apache 2.2.15 Also drop the CVE-2010-0434 patch which is now incorporated upstream.

Apr 11, 2010:

9:49 AM Changeset [1538] by mitchb
Renewed certificate for bc.mit.edu
6:38 AM Changeset [1537] by mitchb
Upstream krb5 update

Apr 10, 2010:

10:50 PM Ticket #127 (zephyr discussion of tickets should get cross-posted to RT) created by adehnert
Generally speaking, when I look at a ticket that's been around a …
9:16 PM Changeset [1536] by ezyang
Certificate and Apache config for quickprint.

Apr 8, 2010:

3:41 AM Changeset [1535] by mitchb
Update moira snapshot

Apr 7, 2010:

5:43 PM Ticket #126 (o hai i hacked ur servers) created by quentin
im a systems administrator and u suck
5:25 PM Ticket #125 (Set up issue tracking for private scripts.mit.edu Trac tickets) created by andersk
Keeping private issues in memory and secret zephyr classes is lossy. …

Apr 1, 2010:

5:57 AM Changeset [1534] by mitchb
Make procmail and cron try harder to actually mail the signup user At present, we try to set up the initial crontab or procmailrc to send mail to the user who signed a locker up for the cron or mail service by stripping off the @REALM from the Kerberos principal. We need to also strip non-null instances off to get the username. (If you're doing signups for lockers using machine or service principals, you ought to be able to fend for yourself.)
5:04 AM Ticket #124 (Update or punt phpical autoinstaller) created by adehnert
Our phpical installer is currently version 2.22, which appears to date …
5:01 AM Changeset [1533] by adehnert
Set a timezone for phpical (Trac: #5)

Mar 31, 2010:

7:26 PM Changeset [1532] by quentin
Add an index on scriptsVhostAccount, so that Pony's query will be happy

Mar 30, 2010:

3:09 AM Changeset [1531] by mitchb
Upstream openssh release bump

Mar 29, 2010:

12:18 AM Changeset [1530] by mitchb
Teach scripts-remove about locker.scripts.mit.edu URLs scripts-start learned about the new-style URLs long ago. Removals of autoinstalls should prompt you to fill in the URL you actually recognize your install as being at (and should attempt to unconfuse you if your install is from the old era). Also don't quit before declaring success if a database was dropped as part of the process. (Merge of r1221:1526 from branches/locker-dev to trunk, from adehnert)

Mar 28, 2010:

11:29 PM Changeset [1529] by mitchb
New certificate for tibetforum.mit.edu
3:58 AM Ticket #114 (better story for importing outside Django sites) closed by adehnert
fixed: I couldn't find the old instructions, so I wrote up a new set at …

Mar 27, 2010:

6:11 PM Changeset [1528] by andersk
trac: Mangle HTTP_REFERER to let the login link keep you on the same page.
6:11 PM Changeset [1527] by andersk
Import trac from production.

Mar 26, 2010:

7:29 AM Changeset [1526] by adehnert
Have a paren
7:17 AM Changeset [1525] by adehnert
Clearer message given some people could predate *.scripts
7:13 AM Changeset [1524] by mitchb
Kill off the $scriptsstar mess... mostly (It looks like onserver_star is still being used by gallery2)
7:11 AM Changeset [1523] by mitchb
Stop referring to the $scriptsstar mess
6:46 AM Changeset [1522] by mitchb
Make it possible to build packages that haven't been committed yet
6:21 AM Changeset [1521] by mitchb
Send cronjob mail to the user who signed up a locker by default Previously, we set up crontabs to send mail to lockername@mit.edu. This was fine when scripts didn't support non-user lockers. It's not necessarily a fine assumption in the case of group lockers that the address is appropriate (or even exists). We could send mail to the scripts user, but that only works if the user is signed up for mail_scripts. Instead, we'll default it to the user who signed the locker up for cron_scripts (the same logic mail_scripts uses for the initial procmailrc) and tell them to change it if it should go elsewhere when they set up their crontab. Also move the crontab template to bin instead of deploy so that it can be under revision control. Finally, correct a whitespace error in the ASCII art (reported by kaduk).
6:07 AM Changeset [1520] by mitchb
Copy initial production crontab to locker-dev branch
4:02 AM Changeset [1519] by mitchb
Upstream update of krb5 packages

Mar 23, 2010:

6:38 AM Ticket #123 (scripts-remove works poorly with non-Athena accounts) created by adehnert
It's unclear that we should care, but scripts-remove handles being …
6:24 AM Ticket #122 (scripts-remove doesn't delete Rails databases) created by adehnert
If you autoinstall a Rails app and then remove it, you'll still be …
6:20 AM Ticket #121 (Uninstalling applications can destroy un-associated user data) created by adehnert
If I have a database with user data that is unassociated with an …
6:14 AM Ticket #120 (autoinstalled scripts should be uninstallable without interacting with ...) created by adehnert
At the moment, if I don't know my sql.mit.edu password, I can't …
6:06 AM Ticket #86 (Running multiple autoinstalled instances of Trac causes them all to ...) closed by adehnert
fixed: This seems to no longer be an issue. Recent Trac autoinstalls seem to …
5:48 AM Ticket #119 (scripts-remove shouldn't sign users up for sql.mit.edu) created by adehnert
As far as I can tell, scripts-remove will sign users up for …
5:01 AM Ticket #118 (Autoinstallers should be more controllable from the command-line) created by adehnert
It would be neat if you could pre-answer a bunch of the autoinstaller …
4:28 AM Changeset [1518] by adehnert
People with DB's want to know their uninstall worked, too
4:26 AM Changeset [1517] by adehnert
Remove /~$lname/ from a couple more places
4:14 AM Changeset [1516] by adehnert
"What's this /~$lname/ thing?" Provide a prompt that talks about http://$lname.scripts.mit.edu/ instead of http://scripts.mit.edu/~$lname/, since the latter has been dead for about a year.
12:12 AM Changeset [1515] by mitchb
Put the initial user crontab under revision control

Mar 22, 2010:

10:44 PM Ticket #85 (Trac autoinstaller should configure trac.ini properly when using git) closed by mitchb
fixed: Fixed by Alex in r1512, merged to trunk in r1514 and deployed.
10:39 PM Changeset [1514] by mitchb
Fix Trac's git browser plugin in autoinstalls Closes Trac #85 (Merge of r1511:1512 from branches/locker-dev to trunk, from adehnert)
10:31 PM Ticket #113 (Django auto-installs on a machine where USER != ATHENA_USER get wrong ...) closed by mitchb
fixed: Merged to trunk in r1513 and deployed to the locker.
10:26 PM Changeset [1513] by mitchb
Make autoinstallers use ATHENA_USER instead of USER Closes Trac #113 (Merge of r1510:1511 from branches/locker-dev to trunk, from adehnert)
3:40 AM Ticket #95 (Onserver scripts hard-code deploy directory) closed by ezyang
fixed: Yup.

Mar 20, 2010:

8:29 PM Ticket #3 (Interface for automatic vhost management) closed by xavid
fixed: Yeah, I think we can close this now.
8:22 PM Changeset [1512] by adehnert
Fix Trac's git browser plugin in autoinstalls
7:10 PM Changeset [1511] by adehnert
Make autoinstallers use ATHENA_USER instead of USER Closes Trac #113

Mar 18, 2010:

1:18 AM Changeset [1510] by mitchb
It's a new thing! It's a nice thing! It's... Supe^WOpenAFS 1.4.12!
Note: See TracTimeline for information about the timeline view.