Peter Palfrader [Tue, 24 Mar 2015 08:04:35 +0000 (09:04 +0100)]
Add dinis-lvm
Peter Palfrader [Mon, 23 Mar 2015 17:58:22 +0000 (18:58 +0100)]
Add plummer to PORTERBOXES
Peter Palfrader [Mon, 23 Mar 2015 17:32:25 +0000 (18:32 +0100)]
Add plummer
Peter Palfrader [Mon, 23 Mar 2015 12:38:19 +0000 (13:38 +0100)]
Allow running dsa-check-stunnel-sanity as root from nagios
Peter Palfrader [Mon, 23 Mar 2015 10:38:34 +0000 (11:38 +0100)]
Set SO_KEEPALIVE, maybe it helps
Peter Palfrader [Mon, 23 Mar 2015 09:53:06 +0000 (10:53 +0100)]
New 29.172.in-addr.arpa trust anchor
Peter Palfrader [Sat, 21 Mar 2015 08:48:56 +0000 (09:48 +0100)]
Add moszumanska to postgres-make-base-backups
Héctor Orón Martínez [Thu, 19 Mar 2015 10:11:32 +0000 (11:11 +0100)]
porterbox: avoid d-i user removal (used for di-autobuilding)
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Paul Wise [Thu, 19 Mar 2015 04:59:06 +0000 (12:59 +0800)]
Do not use the apt-get --force-yes option as it is dangerous and insecure.
This option causes apt's OpenPGP signature checks as well as other errors
to be warned about but ignored.
Paul Wise [Wed, 18 Mar 2015 14:46:43 +0000 (22:46 +0800)]
Fix blacklist entry
Paul Wise [Tue, 17 Mar 2015 09:33:54 +0000 (17:33 +0800)]
Blacklist paytm.com, no opt-in, no opt-out
Stephen Gran [Mon, 16 Mar 2015 20:28:20 +0000 (20:28 +0000)]
AT LAST, SIR TERRY, WE MUST WALK TOGETHER.
Signed-off-by: Stephen Gran <steve@lobefin.net>
Julien Cristau [Mon, 16 Mar 2015 12:20:18 +0000 (13:20 +0100)]
no backups for x86-grnet-01
Signed-off-by: Julien Cristau <jcristau@debian.org>
Héctor Orón Martínez [Sun, 15 Mar 2015 11:14:37 +0000 (12:14 +0100)]
buildd.d.o: update archive key
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Martin Zobel-Helas [Sun, 15 Mar 2015 10:19:26 +0000 (10:19 +0000)]
grnet-node01 has ekey now
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Héctor Orón Martínez [Sun, 15 Mar 2015 10:18:57 +0000 (11:18 +0100)]
di-autobuilding: allow d-i group builds on porterboxes
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Paul Wise [Fri, 6 Mar 2015 07:10:20 +0000 (15:10 +0800)]
Decommission senfl.debian.org
Martin Zobel-Helas [Wed, 4 Mar 2015 09:53:27 +0000 (09:53 +0000)]
SSL certificate for search.debian.org
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Héctor Orón Martínez [Wed, 25 Feb 2015 19:33:52 +0000 (20:33 +0100)]
buildd: add jessie suite
Signed-off-by: Héctor Orón Martínez <zumbi@debian.org>
Peter Palfrader [Thu, 19 Feb 2015 20:14:17 +0000 (21:14 +0100)]
no more static-update-component lintian on lilburn
Peter Palfrader [Thu, 19 Feb 2015 20:09:32 +0000 (21:09 +0100)]
lintian moved to lindsay. Move its master from bizet to dillon too
Peter Palfrader [Thu, 19 Feb 2015 19:37:15 +0000 (20:37 +0100)]
bm autofs for lindsay
Peter Palfrader [Wed, 18 Feb 2015 13:42:11 +0000 (14:42 +0100)]
make armhf and armel chroot on arm64
Peter Palfrader [Wed, 18 Feb 2015 11:15:15 +0000 (12:15 +0100)]
dsa-check-libs: Allow -v for --verbose
Peter Palfrader [Wed, 18 Feb 2015 11:13:17 +0000 (12:13 +0100)]
dsa-check-libs: Ignore deleted directories that we happen to be in
Peter Palfrader [Sun, 15 Feb 2015 18:16:24 +0000 (19:16 +0100)]
spacing
Peter Palfrader [Sun, 15 Feb 2015 18:16:10 +0000 (19:16 +0100)]
more zani swap messing
Peter Palfrader [Sun, 15 Feb 2015 18:14:05 +0000 (19:14 +0100)]
change order
Peter Palfrader [Sun, 15 Feb 2015 18:11:19 +0000 (19:11 +0100)]
Revert "more quoting"
This reverts commit
389d5d780402be55af5779e918bfefefdbc157a7.
Peter Palfrader [Sun, 15 Feb 2015 18:10:19 +0000 (19:10 +0100)]
more quoting
Peter Palfrader [Sun, 15 Feb 2015 18:09:13 +0000 (19:09 +0100)]
Make rc.local a template, make swap on zani
Peter Palfrader [Sun, 15 Feb 2015 09:54:42 +0000 (10:54 +0100)]
mail-big-homedirs: never touch the homedir of the buildd user
Peter Palfrader [Sat, 14 Feb 2015 21:43:37 +0000 (22:43 +0100)]
Add buildd to sbuild
Peter Palfrader [Sat, 14 Feb 2015 21:39:22 +0000 (22:39 +0100)]
whitespace fix
Peter Palfrader [Sat, 14 Feb 2015 21:38:35 +0000 (22:38 +0100)]
buildd user exists facter
Peter Palfrader [Sat, 14 Feb 2015 21:34:20 +0000 (22:34 +0100)]
But we do want to create a ~buildd/stats
Peter Palfrader [Sat, 14 Feb 2015 21:30:13 +0000 (22:30 +0100)]
get rid of status
Peter Palfrader [Sat, 14 Feb 2015 21:15:21 +0000 (22:15 +0100)]
install buildd keys
Peter Palfrader [Sat, 14 Feb 2015 14:18:21 +0000 (15:18 +0100)]
only hostname, not fqdn
Peter Palfrader [Sat, 14 Feb 2015 14:13:08 +0000 (15:13 +0100)]
remove extra whitespace
Peter Palfrader [Sat, 14 Feb 2015 14:11:57 +0000 (15:11 +0100)]
fix template
Peter Palfrader [Sat, 14 Feb 2015 14:08:57 +0000 (15:08 +0100)]
create authorized_keys for wb-buildd
Peter Palfrader [Sat, 14 Feb 2015 14:01:00 +0000 (15:01 +0100)]
create ssh key for buildd
Peter Palfrader [Sat, 14 Feb 2015 12:00:26 +0000 (13:00 +0100)]
owner/group for .forward
Peter Palfrader [Sat, 14 Feb 2015 11:57:57 +0000 (12:57 +0100)]
Ship 99builddsourceslist on jessie systems
Peter Palfrader [Sat, 14 Feb 2015 11:52:28 +0000 (12:52 +0100)]
buildd directories and files as requested by aurel
Peter Palfrader [Fri, 13 Feb 2015 19:14:01 +0000 (20:14 +0100)]
stricter regex
Peter Palfrader [Fri, 13 Feb 2015 18:57:01 +0000 (19:57 +0100)]
export ubc multipath config to boito
Luca Filipozzi [Fri, 13 Feb 2015 18:48:30 +0000 (18:48 +0000)]
remove rossini and salieri
Peter Palfrader [Fri, 13 Feb 2015 18:00:42 +0000 (19:00 +0100)]
export ubc multipath config to bertali
Peter Palfrader [Fri, 13 Feb 2015 17:40:29 +0000 (18:40 +0100)]
export ubc multipath config to tristano
Peter Palfrader [Fri, 13 Feb 2015 16:40:21 +0000 (17:40 +0100)]
ubc: Ignore sda on p410 blades
Peter Palfrader [Fri, 13 Feb 2015 16:32:50 +0000 (17:32 +0100)]
export ubc multipath config to pasquini
Peter Palfrader [Fri, 13 Feb 2015 16:32:14 +0000 (17:32 +0100)]
multipath-ubc-ganeti: remove old volumes
Tollef Fog Heen [Wed, 11 Feb 2015 15:17:10 +0000 (16:17 +0100)]
Make syslog-ng require the network and unbound to be up before starting
Tollef Fog Heen [Wed, 11 Feb 2015 14:11:24 +0000 (15:11 +0100)]
Turn off forwarding of systemd journal messages to syslog-ng
Modern syslogs (such as rsyslog and syslog-ng > 3.6) pull from the
systemd journal themselves. Tell systemd to not forward the messages
to syslog. Also change it so syslog-ng no longer hooks into the
syslog.socket early boot stuff, since that causes headaches when it
tries to connect to loghost and can't resolve names.
Peter Palfrader [Wed, 11 Feb 2015 13:22:00 +0000 (14:22 +0100)]
system shutdown check with systemd
Tollef Fog Heen [Wed, 11 Feb 2015 12:51:18 +0000 (13:51 +0100)]
Drop no longer in use office network
Peter Palfrader [Tue, 10 Feb 2015 10:38:40 +0000 (11:38 +0100)]
Replace a tab with spaces in python code
Peter Palfrader [Tue, 10 Feb 2015 10:38:20 +0000 (11:38 +0100)]
Kill evil spaces
Peter Palfrader [Mon, 9 Feb 2015 18:22:01 +0000 (19:22 +0100)]
Make ud-replicated depend on syslog.service
Peter Palfrader [Mon, 9 Feb 2015 12:01:14 +0000 (13:01 +0100)]
make dsa-check-libs +x
Peter Palfrader [Mon, 9 Feb 2015 09:30:18 +0000 (10:30 +0100)]
Fix path
Peter Palfrader [Mon, 9 Feb 2015 09:28:16 +0000 (10:28 +0100)]
Ship dsa-check-libs via puppet for now
Peter Palfrader [Sun, 8 Feb 2015 13:01:55 +0000 (14:01 +0100)]
apache 2.4 config for default vhost
Peter Palfrader [Sun, 8 Feb 2015 07:58:55 +0000 (08:58 +0100)]
rossini out of ekey
Peter Palfrader [Sat, 7 Feb 2015 18:58:31 +0000 (19:58 +0100)]
remove villa from no-backup
Peter Palfrader [Sat, 7 Feb 2015 18:31:53 +0000 (19:31 +0100)]
set listen=NO in vsftpd
Peter Palfrader [Sat, 7 Feb 2015 18:20:42 +0000 (19:20 +0100)]
apache 2.4 compatbile security.d.o
Peter Palfrader [Sat, 7 Feb 2015 18:19:19 +0000 (19:19 +0100)]
Make a template out of the security.d.o apache conf
Peter Palfrader [Sat, 7 Feb 2015 18:12:14 +0000 (19:12 +0100)]
syntax fix
Peter Palfrader [Sat, 7 Feb 2015 18:11:28 +0000 (19:11 +0100)]
apache 2.4 sites stuff
Tollef Fog Heen [Wed, 4 Feb 2015 19:32:03 +0000 (20:32 +0100)]
postmasterish is not a spam trap, put that after host and sender address blacklist
Luca Filipozzi [Mon, 2 Feb 2015 03:16:26 +0000 (03:16 +0000)]
move entropy key from salieri to rossini
Peter Palfrader [Wed, 28 Jan 2015 17:30:31 +0000 (18:30 +0100)]
Get rid of always broken http.d.net
Peter Palfrader [Wed, 28 Jan 2015 13:24:31 +0000 (14:24 +0100)]
Ignore /etc/nagios/check-libs.conf
Peter Palfrader [Wed, 28 Jan 2015 13:16:40 +0000 (14:16 +0100)]
Push nagios check-libs.conf via puppet
Peter Palfrader [Wed, 28 Jan 2015 13:09:30 +0000 (14:09 +0100)]
Add nagios plugins to root's PATH
Peter Palfrader [Tue, 27 Jan 2015 23:15:52 +0000 (00:15 +0100)]
Allow nagios to run dsa-check-libs under sudo
Peter Palfrader [Mon, 26 Jan 2015 20:37:27 +0000 (21:37 +0100)]
Add minkus to porterboxes
Peter Palfrader [Thu, 22 Jan 2015 09:37:49 +0000 (10:37 +0100)]
Blacklist hatemshaheen21@yahoo.com
Peter Palfrader [Thu, 15 Jan 2015 22:36:56 +0000 (23:36 +0100)]
Make buildd-schroot-aptitude-kill work on jessie
Peter Palfrader [Wed, 14 Jan 2015 21:56:32 +0000 (22:56 +0100)]
I think we want to ignore errors here
Peter Palfrader [Wed, 14 Jan 2015 21:43:28 +0000 (22:43 +0100)]
Try porting torproject changes: support excluding mirror for a single static component
Julien Cristau [Sat, 10 Jan 2015 15:18:33 +0000 (16:18 +0100)]
Add root ssh key for jcristau
Signed-off-by: Julien Cristau <jcristau@debian.org>
Peter Palfrader [Fri, 9 Jan 2015 19:00:44 +0000 (20:00 +0100)]
New leap second
Paul Wise [Wed, 7 Jan 2015 15:12:58 +0000 (23:12 +0800)]
rt-mailgate needs the ca-debian workaround too
Paul Wise [Wed, 7 Jan 2015 07:06:52 +0000 (15:06 +0800)]
The snakeoil key is handled by puppet also.
Paul Wise [Wed, 7 Jan 2015 06:43:04 +0000 (14:43 +0800)]
We still have some debian.org certs signed by SPI and USERFirst
Paul Wise [Wed, 7 Jan 2015 06:11:01 +0000 (14:11 +0800)]
Trailing line ending characters are sometimes nice
Paul Wise [Wed, 7 Jan 2015 06:09:14 +0000 (14:09 +0800)]
Fix typo
Paul Wise [Wed, 31 Dec 2014 02:32:55 +0000 (10:32 +0800)]
Enforce SSL configuration using puppet, add dirs for debian and global CAs
Peter Palfrader [Tue, 6 Jan 2015 20:20:04 +0000 (21:20 +0100)]
Remove any references to ahbl.org blocklists as they have shut down (re: RT#5684)
Paul Wise [Tue, 6 Jan 2015 16:52:49 +0000 (00:52 +0800)]
Fix typo
Paul Wise [Tue, 6 Jan 2015 14:53:24 +0000 (22:53 +0800)]
Skip processes that no longer exist
Paul Wise [Sat, 3 Jan 2015 03:46:06 +0000 (11:46 +0800)]
cdn.debian.net has been deprecated, replace it with http.debian.net
https://lists.debian.org/CAG2RKXMdBLL-vSFW6dEu4P0NwT7qqor3PxVQDu-mwrM1J-6opw@mail.gmail.com
Tollef Fog Heen [Fri, 2 Jan 2015 17:19:30 +0000 (18:19 +0100)]
Work around service(8) not reloading syslog-ng correctly
It seems systemd fails to mark syslog-ng as reloadable, which in turn
leads to invoke-rc.d failing. Just call systemctl directly if we're
running systemd to work around this.
James McCoy [Wed, 31 Dec 2014 03:01:18 +0000 (22:01 -0500)]
dd-schroot-cmd: Relax session name check
As per schroot.conf(5):
A number of characters or words are not permitted in a chroot name,
session name or configuration filename. The name may not contain a
leading period (‘.’). The characters ‘:’ (colon), ‘,’ (comma) and ‘/’
(forward slash) are not permitted anywhere in the name. The name may
also not contain a trailing tilde (‘~’).
Relaxing the session name check in get_session_owner to better align
with schroot's actual restrictions reduces the chance that a user will
create a session yet be unable to manipulate it with dd-schroot-cmd.
Signed-off-by: James McCoy <jamessan@debian.org>
Signed-off-by: Paul Wise <pabs@debian.org>
Martin Zobel-Helas [Sun, 28 Dec 2014 09:57:45 +0000 (09:57 +0000)]
run ntp everywhere again
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
Martin Zobel-Helas [Sat, 27 Dec 2014 15:05:58 +0000 (15:05 +0000)]
Revert "disable oyens for now"
This reverts commit
57a38b9f3f9858c0619de09d7b3d01e86c599f9c.