All:
----
Add a section in the cf.services.file for netatalk.
Move all the fake domains to bind/fake from bind/pri.
Add squid support: Search /etc/squid.conf for "YOUR OWN RULE" and add "acl localnet src $(LOCALNET)" and "http_access allow localnet".
Add integrit support: Remove all relevant comments in /etc/integrit/integrit.conf and "# ! " in /etc/cron.daily.integrit.
Implement meta-hints about filesharing: ftp should use "-l" and "~ users" when default users are dummy users. And the local user-init, adduser.local and deluser.local should be generic.
Figure out if bind or bind9 is installed as nameserver (currently both are reloaded, which is non-optimal and _can_ lead to errors)
Calibrate max open files based on available memory (as suggested at http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap6sec72.html and http://www.xenoclast.org/doc/benchmark/HTTP-benchmarking-HOWTO/node7.html):
	FILEMAX = (INSTALLED_RAM*256)/4
	/etc/sysctl.conf: fs.file-max = FILEMAX
	/etc/security/limits.conf: * soft nofile 1024
	/etc/security/limits.conf: * hard nofile FILEMAX
Use m4 to make sharefiles and cfengine cleanup files for samba.
Move zonefiles out of local-COMMON and into separate CVS modules.
Check that m4 is installed before using it in cfengine!
Figure out a smarter way to do the following on the command line:
 for host in xayide coreander jawa.homebase.dk gmork satsbutikken ida cherry.107b.dk tulle; do fping $host && ssh -t ${host/tulle/tulle -p 53} "for dir in /etc/local-COMMON /usr/local/bin /usr/local/sbin; do (cd \$dir && cvs update -dP); done; /etc/cfengine/cfengine.conf -q; /etc/local-COMMON/postfix/postfix.sh"; done

Xenux: 
------
Finish the cf.services.fai file

DONE:
-----
samba/netlogon/common.bat is XENUX-centric
Correct dns (and other places like samba?) to use FQDN, not only host.
Move all domain files to local-COMMON