# # ChangeLog for server/fedora # # Generated by Trac 1.0.2 # Oct 26, 2025, 5:32:46 PM Wed, 21 May 2008 21:29:00 GMT quentin [758] * server/fedora/config/etc/nagios/check_afs (modified) Avoid spew in cases of serious error Wed, 21 May 2008 21:27:41 GMT quentin [757] * server/fedora/config/etc/nagios/check_afs (added) * server/fedora/config/etc/nagios/nrpe.cfg (modified) Add AFS monitoring to Nagios Wed, 14 May 2008 12:53:22 GMT andersk [755] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Oops, missed a spot. Wed, 14 May 2008 12:48:26 GMT andersk [754] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Use the scripts private key for *.scripts as well (the previous ... Thu, 08 May 2008 13:28:51 GMT andersk [751] * server/fedora/config/etc/nsswitch.conf (added) Configure nsswitch.conf to use nss_nonlocal. Thu, 08 May 2008 13:27:32 GMT andersk [750] * server/common/oursrc/nss_nonlocal (added) * server/common/oursrc/nss_nonlocal/Makefile (added) * server/common/oursrc/nss_nonlocal/README (added) * server/common/oursrc/nss_nonlocal/libnss_nonlocal.map (added) * server/common/oursrc/nss_nonlocal/nonlocal-group.c (added) * server/common/oursrc/nss_nonlocal/nonlocal-passwd.c (added) * server/common/oursrc/nss_nonlocal/nonlocal-shadow.c (added) * server/common/oursrc/nss_nonlocal/nonlocal.h (added) * server/common/oursrc/nss_nonlocal/nsswitch-internal.h (added) * server/fedora/Makefile (modified) * server/fedora/specs/nss_nonlocal.spec (added) Add nss_nonlocal. Wed, 07 May 2008 02:55:03 GMT andersk [749] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Nope. Don't care. Fri, 02 May 2008 22:45:13 GMT andersk [740] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Update SSL configuration directives from Fedora's ssl.conf. Notably, ... Fri, 02 May 2008 11:52:57 GMT andersk [739] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) spew-- Thu, 01 May 2008 12:22:00 GMT andersk [738] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) SHUT. THE. FUCK. UP. Thu, 24 Apr 2008 04:36:50 GMT andersk [734] * server/fedora/config/etc/httpd/conf.d/vhosts-common-ssl.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Turn on KeepAlive for SSL and increase timeouts, to avoid ... Mon, 07 Apr 2008 10:47:10 GMT quentin [715] * server/fedora/config/etc/sysconfig/iptables (modified) Allow syn to access nrpe through iptables Mon, 07 Apr 2008 01:28:25 GMT quentin [712] * server/fedora/config/etc/nagios/nrpe.cfg (modified) Allow syn to monitor scripts Wed, 02 Apr 2008 03:36:37 GMT geofft [708] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) * server/fedora/config/etc/krb5.conf (modified) * server/fedora/config/etc/sudoers (modified) * server/fedora/config/etc/sysconfig/openafs (modified) * server/fedora/config/etc/yum.conf (modified) Add rebecca to sudoers. Wed, 02 Apr 2008 03:03:31 GMT andersk [707] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) This sucker has had it coming for a long time. Sat, 08 Mar 2008 07:07:37 GMT quentin [690] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Ignore more syslog messages Fri, 07 Mar 2008 17:20:54 GMT andersk [687] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) We might as well present the *.scripts.mit.edu certificate for ... Fri, 07 Mar 2008 16:50:44 GMT andersk [685] * server/common/patches/httpd-2.2.x-broken-ldap-caching.patch (added) * server/fedora/specs/httpd.spec.patch (modified) Fix a stupid mod_ldap caching bug. Fri, 07 Mar 2008 16:49:54 GMT andersk [684] * server/fedora/specs/httpd.spec.patch (modified) Make the packaged suexec work. Fri, 07 Mar 2008 16:48:44 GMT andersk [683] * server/common/patches/httpd-2.2.8-sni.patch (added) * server/fedora/specs/httpd.spec.patch (modified) Add SNI support to the httpd package. Fri, 07 Mar 2008 15:40:09 GMT andersk [682] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) Revert r681; this doesn't actually work. Fri, 07 Mar 2008 15:28:43 GMT andersk [681] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) Drop to nobody in case of a terrible mod_vhost_ldap disaster. Thu, 06 Mar 2008 08:09:30 GMT andersk [677] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:3 (deleted) Remove hacks-old. Thu, 28 Feb 2008 04:55:38 GMT quentin [671] * server/fedora/config/etc/php.d/scripts.ini (modified) Remove broken configuration for deprecated mime_magic module, as we ... Tue, 26 Feb 2008 22:59:41 GMT geofft [669] * server/fedora/config/etc/ssh/sshd_config (modified) disable X11 forwarding; allow forwarding $EDITOR and $VISUAL because ... Tue, 26 Feb 2008 06:56:50 GMT quentin [668] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Ignore more meaningless sshd logs Tue, 26 Feb 2008 04:42:55 GMT quentin [667] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Don't log logins from non-root users Tue, 26 Feb 2008 04:29:16 GMT quentin [666] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Change syslog zephyring to coalesce messages Mon, 25 Feb 2008 21:26:46 GMT quentin [665] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Make Zephyrs more useful and move to -c scripts-auto Mon, 25 Feb 2008 21:19:01 GMT andersk [664] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) -c scripts -> -c scripts-auto. Sun, 17 Feb 2008 21:25:36 GMT quentin [662] * server/fedora/config/etc/cron.d/whoisd (modified) Save log and pid in the right places Sun, 17 Feb 2008 21:21:44 GMT quentin [661] * server/fedora/config/etc/cron.d (added) * server/fedora/config/etc/cron.d/whoisd (added) Run whoisd on startup Tue, 12 Feb 2008 18:11:36 GMT quentin [657] * server/fedora/config/etc/munin/plugin-conf.d/munin-node (modified) Run if_ plugin as root so it can determine the interface speed Tue, 12 Feb 2008 05:28:53 GMT andersk [656] * server/fedora/config/etc/httpd (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) * vhosts (deleted) And finally the vhosts directory is unused. Tue, 12 Feb 2008 04:56:48 GMT andersk [653] * server/fedora/config/etc/httpd/conf.d/vhosts-vhost-names.conf (deleted) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Convert framewrapper vhosts to real vhosts in LDAP. Mon, 11 Feb 2008 20:10:38 GMT presbrey [649] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) httpd.conf: configure SNI support for *:444 Mon, 11 Feb 2008 19:39:32 GMT presbrey [648] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) httpd.conf: configure SNI support Mon, 11 Feb 2008 18:01:37 GMT quentin [646] * server/fedora/config/etc/syslog-ng/d_zroot.pl (modified) Send to host-specific instance, and send for both root and logview Mon, 11 Feb 2008 06:28:47 GMT quentin [645] * server/fedora/config/etc/syslog-ng (added) * server/fedora/config/etc/syslog-ng/d_zroot.pl (added) * server/fedora/config/etc/syslog-ng/syslog-ng.conf (added) syslog-ng configuration for zephyring when root logs in Mon, 11 Feb 2008 06:27:55 GMT quentin [644] * server/fedora/config/etc/php.d/scripts.ini (modified) Remove overrides of session.save_path and include_path (old ... Mon, 11 Feb 2008 06:22:08 GMT quentin [643] * server/fedora/config/etc/sudoers (modified) Commit outstanding change allowing ldap backups Sun, 10 Feb 2008 14:54:11 GMT andersk [642] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Only check .htaccess files inside web_scripts, thus eliminating a ... Fri, 08 Feb 2008 01:21:07 GMT andersk [635] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Enable mod_expires. Sat, 02 Feb 2008 11:29:54 GMT quentin [624] * server/fedora/config/etc/munin/munin-node.conf (modified) Allow monitoring by syn.mit.edu Sat, 02 Feb 2008 11:24:23 GMT quentin [623] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) Move the heartbeat script to /__scripts/heartbeat so we can serve it ... Sun, 13 Jan 2008 19:54:56 GMT quentin [607] * server/fedora/config/etc/ntp.conf (modified) Add a second NTP server, for good measure. Fri, 11 Jan 2008 00:04:36 GMT andersk [605] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) blah blah APACHE HAS NO GODDAMN ABSTRACTION BARRIERS blah blah blah. Thu, 10 Jan 2008 22:57:59 GMT andersk [604] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (modified) Prevent vhost access controls from applying to /__scripts. Thu, 10 Jan 2008 22:46:59 GMT andersk [603] * server/fedora/config/etc/httpd/conf.d/scripts-special.conf (added) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Modularize the redirect-to-certs kludge so that users just need to ... Thu, 10 Jan 2008 02:04:03 GMT andersk [602] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) /icons -> /__scripts/icons to avoid shadowing vhost namespace. Tue, 08 Jan 2008 02:47:15 GMT quentin [584] * lvs/debian/config/etc/ha.d/ldirectord.cf (modified) * lvs/debian/config/etc/network/if-up.d/iptables (modified) * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:3 (added) Support hacks.mit.edu Mon, 07 Jan 2008 07:14:28 GMT geofft [583] * server/fedora/config/etc/postfix/virtual (modified) oops, webmaster@szs is a special case Sat, 05 Jan 2008 02:59:44 GMT geofft [566] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:2 (added) webzephyr IP address Thu, 03 Jan 2008 07:24:12 GMT geofft [556] * server/fedora/config/etc/postfix/main.cf (modified) * server/fedora/config/etc/postfix/virtual (added) Postfix changes for webzephyr Tue, 01 Jan 2008 21:15:49 GMT geofft [548] * server/fedora/config/etc/aliases (modified) i can has root@scripts? Mon, 31 Dec 2007 08:27:44 GMT andersk [547] * server/fedora/Makefile (modified) Add some missing deps. Thu, 29 Nov 2007 05:02:51 GMT andersk [520] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Enable mod_negotiation. Fri, 16 Nov 2007 23:57:35 GMT andersk [516] * server/fedora/Makefile (modified) Make it easier to override kvariants and kernvers. Thu, 08 Nov 2007 04:31:32 GMT andersk [512] * server/fedora/config/etc/ldap.conf (modified) Use ldapi:// url. Tue, 06 Nov 2007 05:49:53 GMT andersk [511] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Re-enable sendfile now that it works. Tue, 06 Nov 2007 05:48:06 GMT andersk [510] * server/common/patches/openafs-splice.patch (added) * server/fedora/specs/openafs.spec.patch (modified) Implement splice_write and splice_read so that sendfile() works on ... Mon, 05 Nov 2007 22:08:08 GMT andersk [509] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Apparently sendfile() breaks with kernel 2.6.23 and openafs 1.4.5. Fri, 02 Nov 2007 05:27:49 GMT andersk [507] * server/fedora/Makefile (modified) * server/fedora/meta-patches/openafs-client.init.patch (deleted) * server/fedora/specs/openafs.spec.patch (modified) Bump to OpenAFS 1.4.5. Mon, 22 Oct 2007 22:01:26 GMT quentin [503] * server/fedora/config/etc/munin/plugin-conf.d/hddtemp_smartctl (added) * server/fedora/config/etc/munin/plugin-conf.d/munin-node (added) Add smart monitoring to munin Thu, 18 Oct 2007 02:38:31 GMT andersk [500] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Add b-m and o-f aliases. Tue, 16 Oct 2007 04:01:31 GMT andersk [493] * server/fedora/config/etc/httpd/conf.d/scripts-vhost-names.conf (modified) Make 127.0.0.1 work, for Munin monitoring. Mon, 15 Oct 2007 13:38:21 GMT andersk [487] * server/fedora/config/etc/sudoers (modified) Not used anymore. Mon, 15 Oct 2007 13:36:18 GMT andersk [486] * server/fedora/config/etc/openafs/SuidCells (modified) * server/fedora/config/etc/sysconfig/network (deleted) Oops, clean up a few things from r484. Mon, 15 Oct 2007 12:33:52 GMT andersk [485] * server/common/oursrc/accountadm/configure.in (modified) * server/common/oursrc/accountadm/signup-scripts-backend.in (modified) * server/fedora/specs/accountadm.spec (modified) Make new signups go to LDAP! Mon, 15 Oct 2007 11:37:01 GMT andersk [484] * server/fedora/config/etc/ha.d/ha.cf (modified) * server/fedora/config/etc/ha.d/haresources (modified) * server/fedora/config/etc/ldap.conf (added) * server/fedora/config/etc/openafs/SuidCells (modified) * server/fedora/config/etc/postfix/main.cf (modified) * server/fedora/config/etc/sysconfig/iptables (modified) * server/fedora/config/etc/sysconfig/network (modified) * server/fedora/config/etc/sysconfig/openafs (modified) * server/fedora/config/etc/yum.conf (modified) /etc/ldap.conf. Mon, 15 Oct 2007 11:34:35 GMT andersk [482] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) ou=vhosts -> ou=VirtualHosts. Mon, 15 Oct 2007 10:31:22 GMT andersk [480] * server/common/oursrc/httpdmods/Makefile.in (modified) * server/fedora/specs/httpdmods.spec (modified) Build mod_vhost_ldap. Mon, 15 Oct 2007 09:27:38 GMT geofft [478] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) more ldap chocolatey goodness Mon, 15 Oct 2007 00:05:54 GMT andersk [477] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Don't IndexIgnore HEADER* README*. Sun, 14 Oct 2007 08:32:34 GMT andersk [471] * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:0 (moved) * server/fedora/config/etc/sysconfig/network-scripts/ifcfg-lo:1 (moved) ifcfg-lo_0 -> ifcfg-lo:0 so it comes up on boot. Fri, 12 Oct 2007 07:04:50 GMT geofft [455] * server/fedora/config/etc/httpd/conf.d/vhost_ldap.conf (added) prelim ldap stuff Fri, 12 Oct 2007 07:04:26 GMT geofft [454] * server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf (modified) * server/fedora/config/etc/httpd/conf/httpd.conf (modified) prelim ldap stuff Tue, 02 Oct 2007 01:24:17 GMT andersk [437] * server/common/patches/openssh-4.5p1-multihomed.patch (added) * server/fedora/Makefile (modified) * server/fedora/specs/openssh.spec.patch (added) Add OpenSSH multihomed patch (derived from asedeno) to enable ssh to ... Tue, 25 Sep 2007 04:46:40 GMT andersk [426] * server/fedora/config/etc/aliases (modified) Add more users to aliases. Tue, 25 Sep 2007 03:25:08 GMT andersk [425] * server/fedora/config/etc/selinux/strict/contexts/users/root (modified) Not sure what this is, but it's on both servers. Tue, 25 Sep 2007 03:24:07 GMT andersk [424] * server/fedora/config/etc/krb.conf (modified) * server/fedora/config/etc/krb.realms (modified) * server/fedora/config/etc/krb5.conf (modified) Kerberos config from o-f. Tue, 25 Sep 2007 03:12:05 GMT quentin [423] * server/fedora/config/etc/issue.net.no_tkt (added) * server/fedora/config/etc/issue.net.no_user (added) * server/fedora/config/etc/pam.d/sshd (added) * server/fedora/config/etc/ssh/sshd_config (modified) Tell users when they don't have tickets or don't exist Tue, 25 Sep 2007 02:41:12 GMT quentin [422] * server/fedora/config/etc/aliases (modified) Update root mail recipients Tue, 25 Sep 2007 02:40:25 GMT quentin [421] * server/fedora/config/etc/sysctl.conf (modified) Enabling magic sysrq Tue, 25 Sep 2007 02:30:40 GMT quentin [420] * server/fedora/config/etc/php.d/scripts.ini (modified) Removing arbitrary limits (to sync repository to actual state) Tue, 25 Sep 2007 02:27:06 GMT quentin [419] * server/fedora/config/etc/hosts (modified) Committing live hosts file (was same on both servers) Tue, 25 Sep 2007 01:53:42 GMT quentin [418] * server/fedora/config/etc/sysconfig/openafs (modified) Committing unknown change (rpm upgrade?); it's true on both servers. Tue, 25 Sep 2007 01:37:54 GMT quentin [417] * server/fedora/config/etc/httpd/conf.d/scripts-vhost.conf (modified) Enable munin apache graphing by turning on server-status Tue, 25 Sep 2007 01:26:35 GMT quentin [416] * server/fedora/config/etc/munin (added) * server/fedora/config/etc/munin/apache-htpasswd (added) * server/fedora/config/etc/munin/munin-node.conf (added) * server/fedora/config/etc/munin/plugin-conf.d (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_accesses (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_processes (added) * server/fedora/config/etc/munin/plugin-conf.d/apache_volume (added) * server/fedora/config/etc/munin/plugins (added) * server/fedora/config/etc/munin/plugins/apache_accesses (added) * server/fedora/config/etc/munin/plugins/apache_processes (added) * server/fedora/config/etc/munin/plugins/apache_volume (added) Added munin configuration for monitoring apache Wed, 19 Sep 2007 04:58:21 GMT andersk [409] * server/fedora/config/etc/httpd/conf/httpd.conf (modified) Remove SSLUserName, because mod_auth_sslcert is better and having the ... Wed, 19 Sep 2007 03:33:16 GMT andersk [408] * server/fedora/config/etc/httpd/conf.d/vhosts-common-ssl-cert.conf (modified) SSLVerifyClient optional. Mon, 17 Sep 2007 20:42:35 GMT andersk [407] * server/fedora/Makefile (modified) Fix the stupid rpmbuild symlink bug. Mon, 17 Sep 2007 18:42:45 GMT presbrey [404] * server/fedora/Makefile (modified) slight Makefile correction for suexec Mon, 10 Sep 2007 20:58:39 GMT andersk [399] * server/fedora/config/etc/httpd/conf.d/vhosts-vhost-names.conf (modified) Add www.* names for non-mit.edu fake vhosts. Sat, 08 Sep 2007 08:37:28 GMT andersk [395] * server/fedora/config/etc/httpd/conf.d/vhosts-vhost-names.conf (modified) Make lombana a real vhost. Wed, 05 Sep 2007 20:07:01 GMT andersk [392] * server/fedora/specs/accountadm.spec (modified) Don't fail if signup user/group already exist. Sun, 02 Sep 2007 10:23:00 GMT andersk [391] * server/fedora/config/etc/httpd/conf.d/auth_sslcert.conf (modified) Enable mod_auth_optional. Sun, 02 Sep 2007 10:17:43 GMT andersk [390] * server/common/oursrc/httpdmods/Makefile.in (modified) * server/common/oursrc/httpdmods/mod_auth_optional.c (added) * server/common/oursrc/httpdmods/mod_auth_sslcert.c (modified) * server/fedora/specs/httpdmods.spec (modified) httpd module updates, including support for optional authentication. Sun, 02 Sep 2007 10:09:03 GMT andersk [389] * server/common/oursrc/httpdmods/Makefile.in (modified) * server/fedora/specs/httpdmods.spec (modified) Use apxs to build Apache modules. Sat, 25 Aug 2007 05:10:22 GMT andersk [384] * server/fedora/config/etc/httpd/conf.d/auth_sslcert.conf (modified) Allow mod_auth_sslcert configuration to be overridden in .htaccess.