Fd.o status from Daniels S.
Jim Gettys
Jim.Gettys at hp.com
Fri Nov 19 08:00:19 PST 2004
<daniels> ok
<daniels> we now have two machines, gabe and kara. tycho is still
pending reinstallation.
<daniels> kara is running an ldap server, with userdir-ldap from debian.
very good, very clean solution.
<daniels> we're at the stage where we have working authentication, mail,
everything from ldap
<daniels> what we need to do at this stage is automate the process with
two cronjobs and some ssh keys, so it gets propagated
<daniels> when that's done, we can start mass-adding all the original
committers
<daniels> the current scripts depend on a gnupg key, and I'm honestly
not terribly inclined to change it
<daniels> uninterested in enforcing a web of trust (debian has massive
trouble doing so, and it's ~1k devs)
<daniels> but just forcing a gpg key is sane policy imo
<daniels> this system allows us to do proper machine ACLs
<daniels> so we can say 'this user has access to these hosts, everyone
in this group has access to this host', etc
<daniels> very, very good system
<daniels> bugzilla is up in rw and i'll add the /bugzilla/* redirects
later today
<daniels> pserver is already running iirc
<daniels> that's about it
<jg_> ok. Thanks.
<daniels> no worries
<daniels> no worries
<jg_> I see viewcvs is up as well.
<daniels> ah, yeah
<daniels> myself and adam have been bringing apache2 up with a sensible
configuration
<daniels> carl has been looking at moin
<jg_> I'll note that bugs.freedesktop.org is preferred for links into
bugzilla in the future.... Presumably we'll rewrite the URL properly
and redirect for old freedesktop/bugzilla URL's.
<daniels> yeah
<daniels> it'll be a permanent RedirectMatch
<jg_> the CVS repository is the 10/15 one?
<daniels> aiui, yes
<daniels> keithp set pserver up
<daniels> i haven't touched that side of the world -- being doing ldap
(mainly), mail, a2, basic setup; actually everything but pserver and
moin
<jg_> so everyone should do diffs to see if anything is messed with....
<daniels> yeah
<daniels> if people want to email me their GPG and SSH keys, I can start
adding accounts as soon as I finish work
<jg_> OK; we need to ensure no private keys happened to be in people's
home directories...
<jg_> it is easy to make that mistake.
<daniels> no gpg private keys
<daniels> of the X guys, egbert has an SSH privkey
<jg_> sigh...<daniels> mmm
<jg_> he'll have to presume it can be attacked, unless he's really good
at selecting passwords...
<daniels> right
More information about the release-wranglers
mailing list