-The LDAP utilities package provides a program called ldapsearch that can be -used to execute direct queries to the database. Generally this is done by -putting -
-HOST db.debian.org -BASE dc=debian,dc=org --in ~/.ldaprc. Then queries can be performed, for instance -
-samosa{jgg}~#ldapsearch uid=wakkerma keyfingerprint
-uid=wakkerma,ou=users,dc=debian,dc=org
-keyfingerprint=38444C2CA6AD756EB4A2E5FA612AFF59
-keyfingerprint=576E100B518D2F1636B028053CB892502FA3BC2D
-
-Shows the PGP key finger prints for the wakkerma user. The first word
-in the command is the query to perform, the rest of command line are the
-attributes to return, if omitted then all readable attributes are returned.
-More complicated queries are possible, for instance:
-
-samosa{jgg}~#ldapsearch '(&(!(loginshell=/bin/bash))(uid=*))' loginshell
-uid=admin,ou=users,dc=debian,dc=org
-
-uid=mryan,ou=users,dc=debian,dc=org
-loginshell=/usr/bin/tcsh
-
-uid=jkominek,ou=users,dc=debian,dc=org
-loginshell=/usr/bin/zsh
-
-uid=caelum,ou=users,dc=debian,dc=org
-loginshell=/usr/bin/zsh
-[..]
-
-Shows users that do not use bash as their shell. Some other interesting
-queries are:
--The GQ package has a graphical LDAP browser that can browse the debian.org -tree. It is somewhat ungainly with the large number of entries in our -directory, but it does work nonetheless. Configuration is similar, use the -preferences dialog to add a new host with the information given above. -
-Netscape has a browser for their mailer, but I have never been able to get -it to work, please email if you have any luck. -
-To my knowledge there are no interfaces for popular mailers like mutt and -gnus. Such an interface would allow using the directory as an enhanced address -book. diff --git a/web/doc-general.wml b/web/doc-general.wml deleted file mode 100644 index 61419c7..0000000 --- a/web/doc-general.wml +++ /dev/null @@ -1,48 +0,0 @@ -#use wml::db.d.o title="General LDAP Documentation" - -
-debian.org uses a single LDAP driven directory for account management across -all the project run machines. This directory -also provides services for leaving vacation notices, updating -xplanet coordinates, -email forwarding, ssh authentication keys and other information. - -
-Note: the 'passwd' program and 'chfn' do not work with LDAP information. -Please use the web page or email gateway for the time being. All machines -running OpenSSH are using replicated SSH RSA authentication keys. - -
-developer-only information includes precise location information -[postalcode, postal address, lat/long] telephone numbers, and the vacation -message. - -
-Admin-only/user-only information includes email forwarding, ssh keys and -the encrypted password. Note that email forwarding is necessarily publicly -viewable from accounts on the actual machines. - -
-Entries in the directory are keyed to the developers PGP key, whoever has that -key can make any change to the directory through the mail interface. - -
-Lost or forgotten password instructions diff --git a/web/domains.tab b/web/domains.tab deleted file mode 100644 index fd7d1d7..0000000 --- a/web/domains.tab +++ /dev/null @@ -1,255 +0,0 @@ -ad Andorra -ae United Arab Emirates -af Afghanistan -ag Antigua and Barbuda -ai Anguilla -al Albania -am Armenia -an Netherlands Antilles -ao Angola -aq Antarctica -ar Argentina -arpa Old style Arpanet -as American Samoa -at Austria -au Australia -aw Aruba -az Azerbaidjan -ba Bosnia-Herzegovina -bb Barbados -bd Bangladesh -be Belgium -bf Burkina Faso -bg Bulgaria -bh Bahrain -bi Burundi -bj Benin -bm Bermuda -bn Brunei Darussalam -bo Bolivia -br Brazil -bs Bahamas -bt Bhutan -bv Bouvet Island -bw Botswana -by Belarus -bz Belize -ca Canada -cc Cocos (Keeling) Islands -cd Democratic Republic of Congo -cf Central African Republic -cg Congo -ch Switzerland -ci Ivory Coast (Cote D'Ivoire) -ck Cook Islands -cl Chile -cm Cameroon -cn China -co Colombia -com Commercial -cr Costa Rica -cs Czech Republic and Slovakia -cu Cuba -cv Cape Verde -cx Christmas Island -cy Cyprus -cz Czech Republic -de Germany -dj Djibouti -dk Denmark -dm Dominica -do Dominican Republic -dz Algeria -ec Ecuador -edu USA Educational -ee Estonia -eg Egypt -eh Western Sahara -er Eritrea -es Spain -et Ethiopia -fi Finland -fj Fiji -fk Falkland Islands -fm Micronesia -fo Faroe Islands -fr France -fx France (European Territory) -ga Gabon -gb Great Britain -gd Grenada -ge Georgia -gf French Guyana -gg Guernsey -gh Ghana -gi Gibraltar -gl Greenland -gm Gambia -gn Guinea -gov USA Government -gp Guadeloupe (French) -gq Equatorial Guinea -gr Greece -gs S. Georgia & S. Sandwich Isls. -gt Guatemala -gu Guam (USA) -gw Guinea Bissau -gy Guyana -hk Hong Kong -hm Heard and McDonald Islands -hn Honduras -hr Croatia -ht Haiti -hu Hungary -id Indonesia -ie Ireland -il Israel -im Isle of Man -in India -int International -io British Indian Ocean Territory -iq Iraq -ir Iran -is Iceland -it Italy -je Jersey -jm Jamaica -jo Jordan -jp Japan -ke Kenya -kg Kyrgyzstan -kh Cambodia -ki Kiribati -km Comoros -kn Saint Kitts & Nevis Anguilla -kp North Korea -kr South Korea -kw Kuwait -ky Cayman Islands -kz Kazakhstan -la Laos -lb Lebanon -lc Saint Lucia -li Liechtenstein -lk Sri Lanka -lr Liberia -ls Lesotho -lt Lithuania -lu Luxembourg -lv Latvia -ly Libya -ma Morocco -mc Monaco -md Moldavia -mg Madagascar -mh Marshall Islands -mil USA Military -mk Macedonia -ml Mali -mm Myanmar -mn Mongolia -mo Macau -mp Northern Mariana Islands -mq Martinique (French) -mr Mauritania -ms Montserrat -mt Malta -mu Mauritius -mv Maldives -mw Malawi -mx Mexico -my Malaysia -mz Mozambique -na Namibia -nato NATO -nc New Caledonia (French) -ne Niger -net Network -nf Norfolk Island -ng Nigeria -ni Nicaragua -nl Netherlands -no Norway -np Nepal -nr Nauru -nt Neutral Zone -nu Niue -nz New Zealand -om Oman -org Non-Profit Making Organisations -pa Panama -pe Peru -pf Polynesia (French) -pg Papua New Guinea -ph Philippines -pk Pakistan -pl Poland -pm Saint Pierre and Miquelon -pn Pitcairn Island -pr Puerto Rico -pt Portugal -pw Palau -py Paraguay -qa Qatar -re Reunion (French) -ro Romania -ru Russia -rw Rwanda -sa Saudi Arabia -sb Solomon Islands -sc Seychelles -sd Sudan -se Sweden -sg Singapore -sh Saint Helena -si Slovenia -sj Svalbard and Jan Mayen Islands -sk Slovak Republic -sl Sierra Leone -sm San Marino -sn Senegal -so Somalia -sr Suriname -st Saint Tome and Principe -su Former USSR -sv El Salvador -sy Syria -sz Swaziland -tc Turks and Caicos Islands -td Chad -tf French Southern Territories -tg Togo -th Thailand -tj Tadjikistan -tk Tokelau -tm Turkmenistan -tn Tunisia -to Tonga -tp East Timor -tr Turkey -tt Trinidad and Tobago -tv Tuvalu -tw Taiwan -tz Tanzania -ua Ukraine -ug Uganda -uk United Kingdom -um USA Minor Outlying Islands -us United States -uy Uruguay -uz Uzbekistan -va Vatican City State -vc Saint Vincent & Grenadines -ve Venezuela -vg Virgin Islands (British) -vi Virgin Islands (USA) -vn Vietnam -vu Vanuatu -wf Wallis and Futuna Islands -ws Samoa -ye Yemen -yt Mayotte -yu Yugoslavia -za South Africa -zm Zambia -zw Zimbabwe diff --git a/web/forward.wml b/web/forward.wml deleted file mode 100644 index a07030c..0000000 --- a/web/forward.wml +++ /dev/null @@ -1,89 +0,0 @@ -#use wml::db.d.o title="Email Forwarding" - -
-Emails to @debian.org addresses now go through a LDAP distributed email system. -This system uses the forwarding field in the LDAP directory to route mail -without passing it through a users .forward file on a single host. -Multiple machines participate in the forwarding to provide redudancy. - -
-Each forwarders inspects the LDAP database -to see if foo@debian.org has forwarding set to an address, if so the envelope -to address is rewritten and the message redirected to the new address. -Otherwise the message is relayed to master.debian.org for processing by the -users .forward files. If email forwarding is setup then .forward files are -NOT considered. Extension addresses (foo-lists) are always routed -directly to master for processing. - -
-All machines also use the forwarding attribute as a default destination for -email. If the user has a home directory and no .forward file the mail is -forwarded rather than delivered to /var/spool/mail. This makes sure cron -reports, bug responses and other unexpected emails are not misplaced. - -
-If you set the forwarding address to be a specific Debian machine and do -not create a forward file then that machine will spool the mail to -/var/spool/mail instead of creating a mail loop. - -
-The email forwarding can be easially reconfigured using GnuPG: -
-echo "emailforward: foo@bar.com" | gpg --clearsign | mail change@db.debian.org --or by visiting db.debian.org - -
-You can test the email routing by using the command /usr/sbin/exim -bt -foo@debian.org - -
-The correct way to invoke procmail for extension addresses is "|/usr/bin/procmail [options]" -Ignore the IFS=".." stuff in the procmail man page. - -
-Mailbox format files "/debian/home/foo/Mbox"
-
Maildir format files "/debian/home/foo/MDir/"
-
-
-To deliver to /var/spool/mail/foo use a construct like '|/usr/bin/procmail --m /dev/null'. Putting the mailbox path will not work. You must use -absolute paths for mailboxes, qmail-like ./ paths are not supported by -Exim. - -
-Also, 'Exim Filter' files are deliberately turned off. - -
-'Standard' Env Variables: -
-'Qmail' Env Variables: -
-Such that, $RECIPIENT = $LOCAL-$EXTENSION@<something>. - diff --git a/web/hostinfo.wml b/web/hostinfo.wml deleted file mode 100644 index 4a5fc81..0000000 --- a/web/hostinfo.wml +++ /dev/null @@ -1,20 +0,0 @@ -#use wml::db.d.o title="debian.org Developer Machines" - -
|
-Lookup: - - |
-
- -~hostdetails~ - - |
-
Debian development machines
-
Lost or forgotten password instructions
-
-If you have lost or forgotten your LDAP password (and by extension, your -machine login password) you can have it reset by sending a PGP signed -message to the mail gateway: -
-echo "Please change my Debian password" | gpg --clearsign | mail chpasswd@db.debian.org -or -echo "Please change my Debian password" | pgp -fast | mail chpasswd@db.debian.org --The daemon will then respond with a new randomized password encrypted -with your key. You can then use the -SSL Web pages to change your -password to something you can remember. You cannot set a new password via the -mail gateway. - -
-Alternatively, you can do without a password and use PGP to manipulate your -LDAP information through the mail gateway and use -SSH RSA Authentication to access the servers. To setup OpenSSH for RSA you -need to first generate a private RSA key using ssh-keygen and select -a good passphrase for it. Then send the public portion of the key to the LDAP -directory: -
-gpg --clearsign < ~/.ssh/identity.pub | mail change@db.debian.org --You can then use this key to authenticate to the machines. Using ssh-agent -(automatically run by Debian's X configuration) you can use ssh-add to 'cache' -your passphrase once. - diff --git a/web/searchform.wml b/web/searchform.wml deleted file mode 100644 index c455892..0000000 --- a/web/searchform.wml +++ /dev/null @@ -1,287 +0,0 @@ -#use wml::db.d.o title="debian.org Developers LDAP Search" - -
Debian development machines
-
Documentation
-
Lost or forgotten password instructions
-
Debian.org Email Forwarding
-
-To look up information about Debian developers, enter your search criteria -in the form. Results are returned which match all of the search criteria. -Wildcards may be used. For example, entering *de* in the last name
-field will return all developers whose surname contains the substring
-de. Matches are case-insensitive, and all searching criteria that
-are left empty will be ignored. Selecting the "fuzzy search" option will turn
-on approximate searching.- -The "On vacation" field will return all developers who have left a vacation -message. - - |
-{#mainbody#:
diff --git a/web/update.wml b/web/update.wml
deleted file mode 100644
index e879e52..0000000
--- a/web/update.wml
+++ /dev/null
@@ -1,368 +0,0 @@
-#use wml::db.d.o title="debian.org Developers LDAP Maintainance"
-
-