Jul 14, 2011:

4:11 PM Changeset [1929] by achernya
Update krb5.spec.patch to 1.9.1

Jul 9, 2011:

8:55 PM Ticket #214 (Catalog installed webapps) created by adehnert
The infrastructure from #213 might be used for cataloging webapps. It …
8:52 PM Ticket #213 (Search users' web_scripts for known vulnerabilities) created by adehnert
We should occasionally scan our users' web_scripts for known …

Jul 8, 2011:

11:00 PM Ticket #212 (Add FastCGI support to node.js) created by geofft
In theory it might be nice to support node.js as an application …
10:51 PM Ticket #211 (Cassandra support) created by geofft
For certain applications it may or may not be nice to support the …
10:49 PM Ticket #210 (RabbitMQ support) created by geofft
For certain applications it would be nice to support …
10:46 PM Ticket #209 (memcached support) created by geofft
For certain applications it would be nice to support …

Jul 5, 2011:

3:56 PM Changeset [1928] by achernya
Certificate and configuration for ailg-bdf.mit.edu [help.mit.edu #1657448]
3:53 PM Changeset [1927] by achernya
Certificate and configuration for nudelta.mit.edu [help.mit.edu #1657447]

Jul 2, 2011:

3:01 PM Changeset [1926] by mitchb
Unbork yum-plugin-post-transaction-actions We tried to be too clever for ourselves; stop doing that. Our intent was to make sure that permission changes were made on both installs and updates of packages containing relevant files, but we didn't want to duplicate each line, so we chose to trigger on "any" instead of "install" and "update". An update actually consists of installation of one package and removal of its previous version, and filelists aren't available to yum or rpm for removed packages, so if your trigger is a filename on a removed package, the plugin fails ungracefully. Since an update includes an install of the new package version, the "install" package set includes all updated packages, and we should only trigger on it. Additionally, the -f option we gave chmod to blow through errors silently when files weren't there (for removal of a package) won't be necessary as a result.

Jul 1, 2011:

4:33 PM Changeset [1925] by geofft
It helps to edit curl.spec instead of curl.spec.orig
4:17 PM Changeset [1924] by geofft
curl.spec.patch: Don't run tests
11:04 AM Changeset [1923] by geofft
Fix file name in curl.spec.patch
10:58 AM Changeset [1922] by geofft
Patch curl for CVE-2011-2192: do not delegate tickets over HTTP
2:00 AM Ticket #208 (We deleted the known_hosts file) closed by achernya
fixed: Updated known_hosts in r1921.
1:55 AM Changeset [1921] by achernya
Enumerate all hosts for known_hosts Enumerate all 9 scripts servers, scripts, scripts-vhosts, scripts-test, and IP addresses.
1:18 AM Changeset [1920] by achernya
Bring known_hosts under version control Bring the known_hosts file under version control. It previous had been sitting in the ssh/ directory in the locker. Additionally, correct the scripts-ssh and ssh scripts to point to this new location. Note that this requires the creation of the etc -> checkout/etc symlink in the locker.

Jun 30, 2011:

9:44 PM Ticket #208 (We deleted the known_hosts file) created by geofft
And so autoinstalls prompt about host keys. We should fix this.

Jun 28, 2011:

2:45 PM Changeset [1919] by mitchb
statoverride yum post-transaction action o Name the file as we'd discussed o Fill in missing entry o Don't clutter it with the documentation that's in the sample
4:07 AM Changeset [1918] by achernya
Create yum post-actions: setugid-override.action This file is to be used with yum-plugin-post-transaction-actions. The specified files will be stripped of their set[ug]id bits upon installation or update.
4:05 AM Ticket #207 (/etc/rc.d/rc.local is not executable) created by andersk
So we’ve been failing to execute /etc/rc.d/rc.local for who knows how …
3:54 AM Ticket #206 (We forgot to keep disabling new PHP extensions) created by andersk
[…] We should consider disabling these for F15, and add a step to …
3:35 AM Changeset [1917] by achernya
Create check-setugid cronjob This cronjob and associated whitelist will search the Scripts servers daily for set[ug]id binaries, and complain if any unexpected ones are found.

Jun 26, 2011:

1:55 PM Changeset [1916] by achernya
aliases: correct file format The /etc/aliases file can't have comments at an arbitrary position in the line. According to aliases(5), only "Lines beginning with # are comments."

Jun 25, 2011:

3:36 PM Changeset [1915] by adehnert
Disable mail for dbriggs and ro21531

Jun 21, 2011:

5:24 PM Changeset [1914] by achernya
Restore openafs-localcsdb.patch Mitch points out that the localcsdb patch was just Scripts configuration, and not actually relevant to the Scripts AFS patch. Therefore, the patch has been brought back, split out into a separte file as it was before.

Jun 20, 2011:

7:07 PM Changeset [1913] by achernya
Update OpenAFS from 1.4.14 to 1.6.0pre6 kaduk finished porting the openafs-scripts patch to 1.6.0, which was then lightly modified be me to get it to compile -- mostly fixing typos. The openafs.spec.patch was also fixed, including another chmod +x hack on some libraries to get rpm to properly process them for Provides directives. Interestingly, these libraries had the correct mode in 1.4.14. The patches that were added to get 1.4.14 to compile have also been removed, as 1.6.0pre6 compiles on kernel 2.6.38 unmodified. openafs-numsysnames is getting removed because 32 is now the default. openafs-localcsdb is getting removed because the change was included in kaduk's patchset.

Jun 19, 2011:

12:08 AM Ticket #120 (autoinstalled scripts should be uninstallable without interacting with ...) reopened by achernya

Jun 18, 2011:

11:18 PM Ticket #120 (autoinstalled scripts should be uninstallable without interacting with ...) closed by achernya
wontfix: r1904 punted phpical.
10:38 PM Ticket #179 (resolv.conf gets overwritten on reboot) closed by achernya
fixed: On Fedora 15, the culprit was ifcfg-eth0 specifying DNS servers, …
3:41 PM Changeset [1912] by quentin
Uhh, actually depend on c-p-d

Jun 17, 2011:

8:40 PM Changeset [1911] by achernya
Make d_zroot work properly d_zroot.pl was copied to a-h, and it was noticed that it failed quite horribly. Fixed by Quentin, these changes are also relevant to the Fedora VMs.
6:39 PM Changeset [1910] by achernya
Make ghc-cgi installonly ghc-cgi exists in Fedora, but is an older version than the Scripts package. This allows the yum depsolver to correctly install ghc-* without trying to install i686 packages.
6:35 PM Changeset [1909] by achernya
Allow weak crypto in krb5.conf Without this configuration, F15 would not work with the MIT KDC.

Jun 16, 2011:

2:37 PM Changeset [1908] by achernya
Fix createrepo recommendation in upgrade-tips upgrade-tips has a section on officializing everything, added the `createrepo -d` recommendation there as well.
2:32 PM Changeset [1907] by achernya
Change createrepo recommendation Previously, the Scripts repo was generated without sqlite databases for yum. These would be nice to have, as they make the yum update process better (yum would have to generate the databases itself, slowing it down). Recommendation is now to do `createrepo -d`, to generate the databases. This recommendation has not been added to upgrade-tips, because it doesn't really matter for mock-local.
Note: See TracTimeline for information about the timeline view.