|  |  | @979 | 17 years | geofft | er, Fedora has a nontrivial vimrc | 
                
                  |  |  | @978 | 17 years | geofft | undo miscommit | 
                
                  |  |  | @977 | 17 years | geofft | Suppress writing .viminfo file | 
                
                  |  |  | @975 | 17 years | geofft | eastgate.mit.edu SSL cert and conf [help.mit.edu #792732] | 
                
                  |  |  | @974 | 17 years | andersk | Change sipb.mit.edu DocumentRoot to web_scripts/sipb. | 
                
                  |  |  | @973 | 17 years | geofft | Change default cert to *.scripts except for 18.181.0.43. | 
                
                  |  |  | @972 | 17 years | geofft | Uncommitted changes to httpd.conf.
These seem to involve performance ... | 
                
                  |  |  | @971 | 17 years | andersk | Get rid of the custom sipb.mit.edu aliases. | 
                
                  |  |  | @970 | 17 years | andersk | Change the IP for scripts.mit.edu and add scripts-vhosts.mit.edu. | 
                
                  |  |  | @969 | 17 years | andersk | Add scripts-vhosts. | 
                
                  |  |  | @968 | 17 years | andersk | Add 18.181.0.43 and scripts-vhosts.mit.edu. | 
                
                  |  |  | @967 | 17 years | geofft | oops | 
                
                  |  |  | @966 | 17 years | geofft | Add new scripts.mit.edu IP address | 
                
                  |  |  | @963 | 17 years | quentin | Add vhost entry for picker.mit.edu so it picks up its cert | 
                
                  |  |  | @962 | 17 years | geofft | SSL cert for picker.mit.edu | 
                
                  |  |  | @961 | 17 years | quentin | Add scripts LDAP schema to the repo | 
                
                  |  |  | @953 | 17 years | andersk | Revert r952. | 
                
                  |  |  | @952 | 17 years | quentin | Serve sipb.mit.edu wiki content directly via Apache | 
                
                  |  |  | @948 | 17 years | quentin | Try hostbased authentication in the client | 
                
                  |  |  | @947 | 17 years | quentin | Add shosts.equiv for allowing logins | 
                
                  |  |  | @946 | 17 years | quentin | Allow ssh hostbased authentication | 
                
                  |  |  | @943 | 17 years | geofft | Hacks because Apache makes things hard at the .htaccess level. | 
                
                  |  |  | @942 | 17 years | geofft | debathena.mit.edu vhost | 
                
                  |  |  | @941 | 17 years | geofft | cert for debathena.mit.edu | 
                
                  |  |  | @940 | 17 years | geofft | Whoops, forgot to reify-vhost.py sipb.mit.edu | 
                
                  |  |  | @939 | 17 years | geofft | Setting tty modes failed: Invalid argument | 
                
                  |  |  | @938 | 17 years | andersk | d_zroot.pl: Read .ssh/authorized_keys, not just authorized_keys2. ... | 
                
                  |  |  | @915 | 17 years | quentin | Support mDNS on scripts | 
                
                  |  |  | @914 | 17 years | quentin | Add if_err_eth2 to allowed munin commands (wtf?) | 
                
                  |  |  | @910 | 17 years | quentin | configuration for nss-ldapd | 
                
                  |  |  | @891 | 17 years | quentin | Add reuter to blocked mail accounts list, and prevent outbound mail | 
                
                  |  |  | @890 | 17 years | geofft | I think this works better | 
                
                  |  |  | @889 | 17 years | quentin | Fix geofft's typo | 
                
                  |  |  | @888 | 17 years | geofft | Display failed root logins from off campus only at 10+10k attempts. | 
                
                  |  |  | @887 | 17 years | quentin | Ignore non-fatal authentication failures | 
                
                  |  |  | @886 | 17 years | geofft | sipb.mit.edu certificate | 
                
                  |  |  | @885 | 17 years | geofft | and the vhosts they rode in on | 
                
                  |  |  | @884 | 17 years | geofft | More noms. | 
                
                  |  |  | @883 | 17 years | geofft | Re r882, make the resulting log zephyr public. (Thanks to price for ... | 
                
                  |  |  | @879 | 17 years | quentin | Update nscd configuration to cache smarter | 
                
                  |  |  | @878 | 17 years | quentin | Enable sshd verbose mode, so we can identify the public key used for login | 
                
                  |  |  | @877 | 17 years | quentin | Provide commented-out non-nss_nonlocal region in nsswitch | 
                
                  |  |  | @876 | 17 years | quentin | Uncommitted changes on b-k | 
                
                  |  |  | @872 | 17 years | geofft | forgot to fix SSLVerifyclient on familynet | 
                
                  |  |  | @870 | 17 years | geofft | yay SSL vhosts yay | 
                
                  |  |  | @869 | 17 years | geofft | SSLVerifyClient optional on port 444. Oops. ^_^;; | 
                
                  |  |  | @868 | 17 years | quentin | Ignore all partitions mounted under /mnt | 
                
                  |  |  | @867 | 17 years | quentin | Update postfix configuration for version 2.5.1 | 
                
                  |  |  | @866 | 17 years | quentin | Use scripts yum repository (yay!) | 
                
                  |  |  | @865 | 17 years | quentin | Use sudo to monitor hardware sensors for munin | 
                
                  |  |  | @864 | 17 years | quentin | Ignore f7root partitions when checking disk space | 
                
                  |  |  | @854 | 17 years | geofft | Add a script to convert LDAP vhosts into <VirtualHost> blocks,
so it's ... | 
                
                  |  |  | @853 | 17 years | andersk | Put the children out of their misery. | 
                
                  |  |  | @847 | 17 years | andersk | Run munin as an unprivileged user with sudo for root access when necessary | 
                
                  |  |  | @845 | 17 years | andersk | Use the local LDAP server (as is already the case on both servers). | 
                
                  |  |  | @842 | 17 years | andersk | Run php directly from suexec, so php scripts don’t need to be executable. | 
                
                  |  |  | @841 | 17 years | geofft | [help.mit.edu #694790] | 
                
                  |  |  | @831 | 17 years | andersk | MaxRequestsPerChild < Ridiculous | 
                
                  |  |  | @829 | 17 years | geofft | Debathena's reasoning seems sound enough. Add fuse_allow_other, which ... | 
                
                  |  |  | @822 | 17 years | geofft | OM NOM NOM NOM CERTIFICATES | 
                
                  |  |  | @821 | 17 years | geofft | I'm stupid. | 
                
                  |  |  | @820 | 17 years | geofft | Add server certS for random-hall.mit.edu and mitsoc.mit.edu | 
                
                  |  |  | @817 | 17 years | geofft | Added code to zephyr on OOM kills.
Also commented out a change by ... | 
                
                  |  |  | @814 | 17 years | geofft | As Anders would say... | 
                
                  |  |  | @813 | 17 years | geofft | This looks useful too | 
                
                  |  |  | @811 | 17 years | quentin | Add localhost to the list of scripts names | 
                
                  |  |  | @808 | 17 years | geofft | Probably a useful file to have. | 
                
                  |  |  | @807 | 17 years | quentin | Add routes for sql via eth1 | 
                
                  |  |  | @804 | 17 years | andersk | We don't actually have a deb.gif. | 
                
                  |  |  | @802 | 17 years | andersk | Allow a directory index of /__scripts/icons. | 
                
                  |  |  | @801 | 17 years | geofft | /etc: Add pki/tls/certs/*.pem to the repository. | 
                
                  |  |  | @799 | 17 years | geofft | Uncommitted changes from o-f: reboot on kernel panic (do we actually ... | 
                
                  |  |  | @794 | 17 years | quentin | Update sudoers based on F9 template | 
                
                  |  |  | @792 | 17 years | quentin | We don't share /tmp (eeew) | 
                
                  |  |  | @791 | 17 years | quentin | Add bees-knees and cats-whiskers to /etc/hosts | 
                
                  |  |  | @790 | 17 years | geofft | Oops, missed scripts-test's IP. | 
                
                  |  |  | @789 | 17 years | geofft | Update names for scripts[1-4] | 
                
                  |  |  | @787 | 17 years | geofft | Fix some stuff about our iptables rules, including:
- Remove ACCEPT ... | 
                
                  |  |  | @784 | 17 years | quentin | Use explicit recipients for non-root log messages | 
                
                  |  |  | @783 | 17 years | geofft | Make d_zroot.pl zephyr people in the .k5login in personals | 
                
                  |  |  | @781 | 17 years | quentin | munin needs to start as root so it can setuid to run the script; it ... | 
                
                  |  |  | @780 | 17 years | geofft | Munin should not run as root.
Remove munin's htpasswd file, since it's ... | 
                
                  |  |  | @779 | 17 years | geofft | mod_status is a serious privacy violation. | 
                
                  |  |  | @778 | 17 years | geofft | This list is a little better | 
                
                  |  |  | @777 | 17 years | geofft | Add more sysnames to differentiate between OS releases, and add the ... | 
                
                  |  |  | @775 | 17 years | geofft | Version nscd.conf, and reduce the negative TTL to 5 seconds to solve ... | 
                
                  |  |  | @770 | 17 years | quentin | Stop more spew; parse ssh keys and identify the used key when ... | 
                
                  |  |  | @768 | 17 years | geofft | Commented out scripts-spew. It is inappropriate to send syslogs about ... | 
                
                  |  |  | @759 | 17 years | quentin | Tweak httpd settings | 
                
                  |  |  | @758 | 17 years | quentin | Avoid spew in cases of serious error | 
                
                  |  |  | @757 | 17 years | quentin | Add AFS monitoring to Nagios | 
                
                  |  |  | @755 | 17 years | andersk | Oops, missed a spot. | 
                
                  |  |  | @754 | 17 years | andersk | Use the scripts private key for *.scripts as well (the previous ... | 
                
                  |  |  | @751 | 17 years | andersk | Configure nsswitch.conf to use nss_nonlocal. | 
                
                  |  |  | @749 | 17 years | andersk | Nope.  Don't care. | 
                
                  |  |  | @740 | 17 years | andersk | Update SSL configuration directives from Fedora's ssl.conf.  Notably, ... | 
                
                  |  |  | @739 | 17 years | andersk | spew-- | 
                
                  |  |  | @738 | 17 years | andersk | SHUT.  THE.  FUCK.  UP. | 
                
                  |  |  | @734 | 18 years | andersk | Turn on KeepAlive for SSL and increase timeouts, to avoid pathological ... | 
                
                  |  |  | @715 | 18 years | quentin | Allow syn to access nrpe through iptables | 
                
                  |  |  |