- ******************************************************************************
- * *
- * george system log *
- * *
- ******************************************************************************
- * Please add new entries in reverse chronological order whenever you make *
- * changes to this system (first command at top, last at bottom) *
- ******************************************************************************
- 2010-01-12 - dkg
- * aptitude update && aptitude full-upgrade (including monkeysphere
- 0.27-1)
- 2009-10-26 - dkg
- * upgrade nginx in response to DSA-1920-1
-
- 2009-09-14 - dkg
- * aptitude update && aptitude full-upgrade (bunch of lenny
- updates, plus ikiwiki security upgrade)
-
- 2009-04-21 - jrollins
- * apt-get update && dist-upgrade (a bunch of stuff (monkeysphere,
- screen, gnupg, dash, onak, git-core...)
- * extended host key by 3 months
-
- 2009-04-21 - micah
- * aptitude update && aptitude full-upgrade (git-core DSA)
-
- 2009-04-12 - dkg
- * aptitude update && aptitude full-upgrade
- * (checked and found that monkeysphere version 0.24-1 is already
- installed; don't know how that happened, coulda been me, just
- sloppy about not noting it in the changelog)
- * extended host key by 4 months
-
- 2009-02-22 - jrollins
- * fixed /etc/crontab line for update-users (was trying to run
- monkeysphere-server instead of monkeysphere-authentication).
- 2009-02-21 - dkg
- * upgraded to the latest versions of packages for lenny.
- * upgraded george to monkeysphere 0.23.1. the transition upgrade
- failed due to the way that gpg exports self-signatures secret
- keys; it only exports the first self-sig for each user id, even if
- that one is expired. Then any subsequent import fails, even if
- the target import keyring knows about some valid self-signatures.
- * i man-handled the upgrade into place so that george doesn't just
- fail on us, but this is a pretty major bug in the transition process.
-
- 2009-01-31 - jrollins
- * applied diff represented in commit
- f75a5747a8b99e04c02c475791c476f1fbd2b674 to change log level for
- unacceptable untranslatable keys.
- 2009-01-30 - micah
- * Replaced nullmailer with postfix, nullmailer doesn't handle aliases
- and insisted either on constantly respooling mail when there was no
- where to go.
- 2009-01-24 - micah
- * Configured /etc/aliases to have root go to mjgoins, micah, dkg, jrollins
- * Configured /etc/nullmailer/remotes to have mail.riseup.net so remote delivery will work
- * Removed the hundreds of queued cron emails that had resulted in 30gig of mail.err logs
- * Rotated the giant logs out
- 2009-01-11 - dkg
- * extended the expiration date for george's key three months into
- the future.
- * aptitude update && aptitude full-upgrade (brings monkeysphere to
- 0.22-1)
-
- 2008-10-29 - dkg
- * aptitude update && aptitude full-upgrade
- * brought monkeysphere up to 0.19-1
- * removed tasksel
-
- 2008-10-25 - dkg
- * aptitude update && aptitude full-upgrade
- * brought monkeysphere up to 0.16-1
- * repointed keyserver usage to pool.sks-keyservers.net
-
- 2008-09-04 - dkg
- * added two mime-type declarations in /etc/mathopd.conf so .debs
- and .tar.gz files come out reasonably; restarted mathopd for the
- re-read.
- * built monkeyshell (from src/monkeyshell) and installed as
- /usr/local/bin/monkeyshell, added to /etc/shells.
- * created new account "monkey" which has monkeyshell as the shell
- for non-privileged test access. To let someone test this out,
- make sure they're well-connected to george's web of trust, and
- then add their User ID to
- ~monkey/.monkeysphere/authorized_user_ids
- * more mime types for mathopd: image/png image/x-icon
-
- 2008-09-03 - micah
- * migrated /home/*/.config/monkeysphere/authorized_user_ids to new
- agreed location: /home/*/.monkeysphere/authorized_user_ids and created
- a symlink in the original location for transition purposes. Also,
- did /root's as well. I used this hackish mechanism:
- $ for user in `find . -wholename './*/.config/monkeysphere/authorized_user_ids' \
- | cut -d/ -f2`; do mkdir -v ${user}/.monkeysphere; chown ${user}:${user} \
- ${user}/.monkeysphere; mv -v ${user}/.config/monkeysphere/authorized_user_ids \
- ${user}/.monkeysphere; ln -s /home/${user}/.monkeysphere/authorized_user_ids \
- ${user}/.config/monkeysphere/authorized_user_ids; done
- - dkg
- * added the monkeysphere archive repository signing key
- * aptitude update && aptitude full-upgrade (brings in monkeysphere 0.13-1)
- * cleaned up /etc/skel to reflect correct location of the
- monkeysphere config directory.
- * micah moved all the existing config stuff over, and left
- symlinks so people aren't disoriented.
-
- 2008-09-01 - dkg
- * set up http://dkg.monkeysphere.info so that i could play around
- with ikiwiki updates
- * moved apt repository over to http://archive.monkeysphere.info/
- * aptitude update && aptitude dist-upgrade
- * canonicalizing hostname for normal web access to
- http://web.monkeysphere.info
-
- 2008-08-26 - dkg
- * aptitude update && aptitude full-upgrade
- * added account 'daniel' for Dan Scott, and set him up with a way
- to publish to http://daniel.monkeysphere.info
-
- 2008-08-20 - dkg
- * aptitude update && aptitude dist-upgrade: this includes
- monkeysphere 0.11-1 and OpenSSH 5.1p1-2
-
- 2008-08-18 - dkg
- * moved monkeysphere apt repo entry to
- /etc/apt/sources.list.d/monkeysphere.list
- * aptitude update && aptitude full-upgrade (including monkeysphere
- 0.9-1)
- * switched george's monkeysphere-server preferred keyserver to
- monkeysphere.info for the moment. Both pgp.mit.edu and
- subkeys.pgp.net are sluggish right now :/
-
- 2008-08-16 - jrollins
- * removed stale branches from jrollins from the master repo
- * aptitude update && aptitude full-upgrade
- * restarted services to clear up dependencies on old libraries
-
- 2008-08-13 - dkg
- * aptitude update && aptitude full-upgrade
- * restarted services to clear up dependencies on old libraries
-
- 2008-08-07 - dkg
- * aptitude update && aptitude dist-upgrade
- * removed debian's experimental from the sources.list
- * removed experimental stanza from /etc/apt/preferences (now the
- monkeysphere packages should upgrade automatically)
- * upgraded to monkeysphere 0.7-1
- * installed runit
- * set up a public git daemon service to serve git repos from
- george, using runit. (root-served repos are served from
- /srv/git, but ~USER/public_git is supported as well, if anyone
- wants to use that for publication).
-
- 2008-08-03 - dkg
- * aptitude update && aptitude dist-upgrade
- * installed iproute
- * added my User ID to ~webmaster/.config/monkeysphere/authorized_user_ids
- 2008-08-02 - jrollins
- * aptitude update && aptitude dist-upgrade
- * restarted cron, nullmailer, sshd
- * aptitude install git-core ikiwiki
- * adduser webmaster
- * su - webmaster
- * created a bare repo at ~webmaster/monkeysphere.git. I then
- pushed into this repo from my working directory on servo to verify
- that it was accepting.
- * cloned above repo at ~webmaster/monkeysphere
- * created ~webmaster/ikiwiki.setup
- * ikiwiki --setup ikiwiki.setup
- * linked post-receive to new post-commit hook in monkeysphere.git
- * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net
- blows)
- * updated /etc/skel with ssh and monkeysphere stuff
- * made authorzied_user_ids file for webmaster and ran
- "monkeysphere-server u webmaster".
-
- 2008-06-23 - dkg
- * added monkeysphere apt repository to /etc/apt/sources.list
- * added dkg's key to apt's list of trusted keys.
- * ran aptitude dist-upgrade
- * upgraded to monkeysphere 0.2-1
- * moved authorized_user_ids files into users' home directories.
- * installed lockfile-progs
-
- 2008-06-22 - dkg
- * installed screen (mjgoins and i were collaborating)
-
- 2008-06-21 - micah
- * Restored /etc/init.d/ssh to original package state and changed
- /etc/default/ssh to have 'unset SSHD_OOM_ADJUST' instead.
-
- 2008-06-20 - micah
- * Commented out the 'export SSHD_OOM_ADJUST=-17' from the
- /etc/init.d/ssh initscript, and the 'SSHD_OOM_ADJUST=-17' from
- /etc/default/ssh in order to make this error go away:
- "error writing /proc/self/oom_adj: Operation not permitted"
- (c.f. Debian #487325)
-
- 2008-06-20 - dkg
- * touched /etc/environment to get rid of some spurious auth.log
- entries.
- * turned up sshd's LogLevel from INFO to DEBUG
-
- 2008-06-19 - dkg
- * installed rsync (for maintaining a public apt repo)
-
- * configured mathopd to listen on port 80, serving /srv/www as /
- and /srv/apt as /debian. We've got nothing in /srv/www at the
- moment, though.
- * installed lsof and psmisc as sysadmin utilities. sorry for the
- bloat!
- * installed strace to try to figure out why onak is segfaulting.
-
- 2008-06-19 - dkg
- * removed etch sources, switched "testing" to "lenny", added
- lenny/updates, removed all contrib and non-free.
-
- * removed testing pin in /etc/apt/preferences
- * ran the upgrade
-
- * reset emacs22 to emacs22-nox (avoiding dependencies)
-
- * removed sysklog and klogd because of errors restarting klogd.
- Installed syslog-ng in their stead, which still gives errors
- related to /proc/kmsg unreadability, but the install completes :/
-
- * added experimental
- * juggled pinning: experimental: 1, unstable: 2
- * added mathopd onak, tweaked /etc/mathopd.conf and /etc/onak.conf
-
- * installed monkeysphere v0.1-1, changed host key, published
- them via the local keyserver (see host-key-publication)
- * added local unprivileged user accounts for everyone listed in
- /usr/share/doc/monkeysphere/copyright
- * configured authorized_user_ids for every user account based on
- my best guess at their OpenPGP User ID (see
- user-id-configuration).
- * set up a cronjob (in /etc/crontab) to run "monkeysphere-server
- update-users" at 26 minutes past the hour.
-
- 2008-06-18 - jrollins
- * installed less, emacs;
- * aptitude update && aptitude dist-upgrade
- 2008-06-18 - micah
- * debootstrap'd debian etch install
- * installed /etc/apt/sources.list with local proxy sources for etch,
- testing, unstable, backports and volatile
- * configured /etc/apt/preferences and apt.conf.d/local-conf to
- pin etch, but make testing, sid and backports available
- * added backports.org apt-key
- * installed openssh-server and openssh-client packages
- * added dkg, jrollins, mjgoins ssh public_keys to /root/.ssh/authorized_keys
|