******************************************************************************
*                                                                            *
*               	george system log		                     *
*                                                                            *
******************************************************************************
*  Please add new entries in reverse chronological order whenever you make   *
*  changes to this system (first command at top, last at bottom)             *
******************************************************************************
2009-02-22 - jrollins
	* fixed /etc/crontab line for update-users (was trying to run
	monkeysphere-server instead of monkeysphere-authentication).

2009-02-21 - dkg
	* upgraded to the latest versions of packages for lenny.
	* upgraded george to monkeysphere 0.23.1.  the transition upgrade
	failed due to the way that gpg exports self-signatures secret
	keys; it only exports the first self-sig for each user id, even if
	that one is expired.  Then any subsequent import fails, even if
	the target import keyring knows about some valid self-signatures.
	* i man-handled the upgrade into place so that george doesn't just
	fail on us, but this is a pretty major bug in the transition process.
	
2009-01-31 - jrollins
	* applied diff represented in commit
	f75a5747a8b99e04c02c475791c476f1fbd2b674 to change log level for
	unacceptable untranslatable keys.

2009-01-30 - micah
	* Replaced nullmailer with postfix, nullmailer doesn't handle aliases
	  and insisted either on constantly respooling mail when there was no
	  where to go. 

2009-01-24 - micah
	* Configured /etc/aliases to have root go to mjgoins, micah, dkg, jrollins
	* Configured /etc/nullmailer/remotes to have mail.riseup.net so remote delivery will work
	* Removed the hundreds of queued cron emails that had resulted in 30gig of mail.err logs
	* Rotated the giant logs out 

2009-01-11 - dkg
	* extended the expiration date for george's key three months into
	the future.
	* aptitude update && aptitude full-upgrade (brings monkeysphere to
	0.22-1)
	
2008-10-29 - dkg
	* aptitude update && aptitude full-upgrade
	* brought monkeysphere up to 0.19-1
	* removed tasksel
	
2008-10-25 - dkg
	* aptitude update && aptitude full-upgrade
	* brought monkeysphere up to 0.16-1
	* repointed keyserver usage to pool.sks-keyservers.net
	
2008-09-04 - dkg
	* added two mime-type declarations in /etc/mathopd.conf so .debs
	  and .tar.gz files come out reasonably; restarted mathopd for the
	  re-read.
	* built monkeyshell (from src/monkeyshell) and installed as
	  /usr/local/bin/monkeyshell, added to /etc/shells.
	* created new account "monkey" which has monkeyshell as the shell
	  for non-privileged test access.  To let someone test this out,
	  make sure they're well-connected to george's web of trust, and
	  then add their User ID to
	  ~monkey/.monkeysphere/authorized_user_ids
	* more mime types for mathopd: image/png image/x-icon
	
2008-09-03 - micah
	* migrated /home/*/.config/monkeysphere/authorized_user_ids to new
	agreed location: /home/*/.monkeysphere/authorized_user_ids and created
	a symlink in the original location for transition purposes. Also,
	did /root's as well. I used this hackish mechanism:
	$ for user in `find . -wholename './*/.config/monkeysphere/authorized_user_ids' \
	| cut -d/ -f2`; do mkdir -v ${user}/.monkeysphere; chown ${user}:${user} \
	${user}/.monkeysphere; mv -v ${user}/.config/monkeysphere/authorized_user_ids \
	${user}/.monkeysphere; ln -s /home/${user}/.monkeysphere/authorized_user_ids \
	${user}/.config/monkeysphere/authorized_user_ids; done

	   - dkg
	* added the monkeysphere archive repository signing key
	* aptitude update && aptitude full-upgrade (brings in monkeysphere 0.13-1)
	* cleaned up /etc/skel to reflect correct location of the
	  monkeysphere config directory.
	* micah moved all the existing config stuff over, and left
	  symlinks so people aren't disoriented.
	
2008-09-01 - dkg
	* set up http://dkg.monkeysphere.info so that i could play around
	  with ikiwiki updates
	* moved apt repository over to http://archive.monkeysphere.info/
	* aptitude update && aptitude dist-upgrade
	* canonicalizing hostname for normal web access to
	  http://web.monkeysphere.info
	
2008-08-26 - dkg
	* aptitude update && aptitude full-upgrade
	* added account 'daniel' for Dan Scott, and set him up with a way
	  to publish to http://daniel.monkeysphere.info
	
2008-08-20 - dkg
	* aptitude update && aptitude dist-upgrade: this includes
	  monkeysphere 0.11-1 and OpenSSH 5.1p1-2
	
2008-08-18 - dkg
	* moved monkeysphere apt repo entry to
	  /etc/apt/sources.list.d/monkeysphere.list
	* aptitude update && aptitude full-upgrade (including monkeysphere
	  0.9-1)
	* switched george's monkeysphere-server preferred keyserver to
	  monkeysphere.info for the moment.  Both pgp.mit.edu and
	  subkeys.pgp.net are sluggish right now :/
	
2008-08-16 - jrollins
	* removed stale branches from jrollins from the master repo
	* aptitude update && aptitude full-upgrade
	* restarted services to clear up dependencies on old libraries
	
2008-08-13 - dkg
	* aptitude update && aptitude full-upgrade
	* restarted services to clear up dependencies on old libraries
	
2008-08-07 - dkg
	* aptitude update && aptitude dist-upgrade
	* removed debian's experimental from the sources.list
	* removed experimental stanza from /etc/apt/preferences (now the
	  monkeysphere packages should upgrade automatically)
	* upgraded to monkeysphere 0.7-1
	* installed runit
	* set up a public git daemon service to serve git repos from
	  george, using runit. (root-served repos are served from
	  /srv/git, but ~USER/public_git is supported as well, if anyone
	  wants to use that for publication).
	
2008-08-03 - dkg
	* aptitude update && aptitude dist-upgrade
	* installed iproute
	* added my User ID to ~webmaster/.config/monkeysphere/authorized_user_ids

2008-08-02 - jrollins
	* aptitude update && aptitude dist-upgrade
	* restarted cron, nullmailer, sshd
	* aptitude install git-core ikiwiki
	* adduser webmaster
	* su - webmaster
	* created a bare repo at ~webmaster/monkeysphere.git.  I then
	pushed into this repo from my working directory on servo to verify
	that it was accepting.
	* cloned above repo at ~webmaster/monkeysphere
	* created ~webmaster/ikiwiki.setup
	* ikiwiki --setup ikiwiki.setup
	* linked post-receive to new post-commit hook in monkeysphere.git
	* changed default keyserver to be pgp.mit.edu (subkeys.pgp.net
	blows)
	* updated /etc/skel with ssh and monkeysphere stuff
	* made authorzied_user_ids file for webmaster and ran
	"monkeysphere-server u webmaster".
	
2008-06-23 - dkg
	* added monkeysphere apt repository to /etc/apt/sources.list
	* added dkg's key to apt's list of trusted keys.
	* ran aptitude dist-upgrade
	* upgraded to monkeysphere 0.2-1
	* moved authorized_user_ids files into users' home directories.
	* installed lockfile-progs
	
2008-06-22 - dkg
	* installed screen (mjgoins and i were collaborating)
	
2008-06-21 - micah
	* Restored /etc/init.d/ssh to original package state and changed
	/etc/default/ssh to have 'unset SSHD_OOM_ADJUST' instead.
	
2008-06-20 - micah
	* Commented out the 'export SSHD_OOM_ADJUST=-17' from the
	/etc/init.d/ssh initscript, and the 'SSHD_OOM_ADJUST=-17' from
	/etc/default/ssh in order to make this error go away:
	"error writing /proc/self/oom_adj: Operation not permitted"
	(c.f. Debian #487325)
	
2008-06-20 - dkg
	* touched /etc/environment to get rid of some spurious auth.log
	entries.
	* turned up sshd's LogLevel from INFO to DEBUG
	
2008-06-19 - dkg
	* installed rsync (for maintaining a public apt repo)
	
	* configured mathopd to listen on port 80, serving /srv/www as /
	and /srv/apt as /debian.  We've got nothing in /srv/www at the
	moment, though.

	* installed lsof and psmisc as sysadmin utilities.  sorry for the
	bloat!

	* installed strace to try to figure out why onak is segfaulting.
	
2008-06-19 - dkg
	* removed etch sources, switched "testing" to "lenny", added
	lenny/updates, removed all contrib and non-free.
	
	* removed testing pin in /etc/apt/preferences
	* ran the upgrade
	
	* reset emacs22 to emacs22-nox (avoiding dependencies)
	
	* removed sysklog and klogd because of errors restarting klogd.
	Installed syslog-ng in their stead, which still gives errors
	related to /proc/kmsg unreadability, but the install completes :/
	
	* added experimental
	* juggled pinning: experimental: 1, unstable: 2	
	* added mathopd onak, tweaked /etc/mathopd.conf and /etc/onak.conf
	
	* installed monkeysphere v0.1-1, changed host key, published
	them via the local keyserver (see host-key-publication)

	* added local unprivileged user accounts for everyone listed in
	/usr/share/doc/monkeysphere/copyright

	* configured authorized_user_ids for every user account based on
	my best guess at their OpenPGP User ID (see
	user-id-configuration).

	* set up a cronjob (in /etc/crontab) to run "monkeysphere-server
	update-users" at 26 minutes past the hour.
	
2008-06-18 - jrollins
	* installed less, emacs;
	* aptitude update && aptitude dist-upgrade

2008-06-18 - micah
	* debootstrap'd debian etch install
	* installed /etc/apt/sources.list with local proxy sources for etch,
	  testing, unstable, backports and volatile
	* configured /etc/apt/preferences and apt.conf.d/local-conf to
	  pin etch, but make testing, sid and backports available
	* added backports.org apt-key
	* installed openssh-server and openssh-client packages
	* added dkg, jrollins, mjgoins ssh public_keys to /root/.ssh/authorized_keys