summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
root [Tue, 5 May 2009 16:20:22 +0000 (18:20 +0200)]
Merge commit 'origin/template' into www
* commit 'origin/template':
rsyslog: Use another format for forwarding messages.
ssh: Disable changing of the oom_adj value.
ssh: Add default initscript configuration.
Matthijs Kooijman [Tue, 5 May 2009 16:09:52 +0000 (18:09 +0200)]
rsyslog: Use another format for forwarding messages.
The syslog protocol 23 format seems to be broken in rsyslog for messages
that were originally generated by legacy applications (i.e., do not have
a structured-data field).
See http://bugzilla.adiscon.com/show_bug.cgi?id=125
Matthijs Kooijman [Tue, 5 May 2009 15:07:10 +0000 (17:07 +0200)]
ssh: Disable changing of the oom_adj value.
This value is meant for making sure ssh is never killed by the oom
killer, but that is not allowed inside vservers.
Matthijs Kooijman [Tue, 5 May 2009 15:06:45 +0000 (17:06 +0200)]
ssh: Add default initscript configuration.
root [Tue, 5 May 2009 14:26:48 +0000 (16:26 +0200)]
Merge commit 'origin/template' into www
* commit 'origin/template':
rsyslog: Make the main queue disk-assisted as well.
rsyslog: Enable queuing of log messages.
nss: Add some comments.
rsyslog: Send all logs to the log vserver.
rsyslog: Move all rsyslog log files into a subdir.
rsyslog: Update logrotate config to new rsyslog config.
rsyslog: Add default logrotate config.
rsyslog: Disable logging of kernel messages.
rsyslog: Enable loggin of mark lines.
rsyslog: Clean up rsyslog configuration.
rsyslog: Add default configuration.
pam: Add pam_permit to the auth section of chfn.
nss: Update to use our custom LDAP schema.
apt: Set the Default-Release to "stable".
pam: Let pam.d/cron include common-account.
pam: Let pam.d/su include common{account,session}.
pam: Make common-account also support unix users.
pam: Add .so to module names in pam.d/other.
Matthijs Kooijman [Tue, 5 May 2009 13:55:27 +0000 (15:55 +0200)]
rsyslog: Make the main queue disk-assisted as well.
Matthijs Kooijman [Tue, 5 May 2009 13:07:22 +0000 (15:07 +0200)]
rsyslog: Enable queuing of log messages.
This prevents messages from getting lost when the log vserver is
temporarily unavailable.
Matthijs Kooijman [Tue, 5 May 2009 09:17:28 +0000 (11:17 +0200)]
nss: Add some comments.
Matthijs Kooijman [Tue, 5 May 2009 08:52:30 +0000 (10:52 +0200)]
rsyslog: Send all logs to the log vserver.
This happens in addition to local logging.
Matthijs Kooijman [Tue, 5 May 2009 08:17:52 +0000 (10:17 +0200)]
rsyslog: Move all rsyslog log files into a subdir.
This allows us to use *.log in the logrotate configuration, without
conflicting with logfiles not created by rsyslog.
Matthijs Kooijman [Mon, 4 May 2009 20:41:06 +0000 (22:41 +0200)]
rsyslog: Update logrotate config to new rsyslog config.
Matthijs Kooijman [Mon, 4 May 2009 20:37:56 +0000 (22:37 +0200)]
rsyslog: Add default logrotate config.
Matthijs Kooijman [Mon, 4 May 2009 20:31:27 +0000 (22:31 +0200)]
rsyslog: Disable logging of kernel messages.
The vservers won't have access to the kernel messages anyway.
Matthijs Kooijman [Mon, 4 May 2009 20:26:54 +0000 (22:26 +0200)]
rsyslog: Enable loggin of mark lines.
Matthijs Kooijman [Mon, 4 May 2009 20:00:15 +0000 (22:00 +0200)]
rsyslog: Clean up rsyslog configuration.
This removes some commented out lines, and reorganizes the existing
logfiles to be more consistent.
Matthijs Kooijman [Mon, 4 May 2009 19:50:28 +0000 (21:50 +0200)]
rsyslog: Add default configuration.
Matthijs Kooijman [Fri, 24 Apr 2009 19:39:58 +0000 (21:39 +0200)]
php: Add a vim filetype to php5.ini.local.
Matthijs Kooijman [Fri, 24 Apr 2009 19:39:09 +0000 (21:39 +0200)]
php: Display errors in the log, not to the client.
Matthijs Kooijman [Fri, 24 Apr 2009 19:38:11 +0000 (21:38 +0200)]
php: Add a local configuration override file.
Matthijs Kooijman [Fri, 24 Apr 2009 19:35:38 +0000 (21:35 +0200)]
addsite: Add some comments.
Matthijs Kooijman [Fri, 24 Apr 2009 19:33:33 +0000 (21:33 +0200)]
addsite: Run update-php.ini.
Matthijs Kooijman [Fri, 24 Apr 2009 19:18:37 +0000 (21:18 +0200)]
fastcgi: Enable php for evolution-events.nl.
Matthijs Kooijman [Fri, 17 Apr 2009 13:15:44 +0000 (15:15 +0200)]
system: Set hostname and mailname
Matthijs Kooijman [Wed, 15 Apr 2009 17:47:16 +0000 (19:47 +0200)]
phpldapadmin: Display displayName whenever possible.
Matthijs Kooijman [Wed, 15 Apr 2009 17:45:40 +0000 (19:45 +0200)]
phpldapadmin: Start autonumbering at 0, for uniqueNumber.
We want to use phpldapadmin's autonumber feature for uniqueNumbers as
well as uidNumbers. This makes sure that uniqueNumbers don't jump up to
1000.
Matthijs Kooijman [Mon, 13 Apr 2009 15:48:38 +0000 (17:48 +0200)]
pam: Add pam_permit to the auth section of chfn.
The chfn command did not work before, since it checks account as well as
auth.
Matthijs Kooijman [Mon, 13 Apr 2009 15:22:39 +0000 (17:22 +0200)]
nss: Update to use our custom LDAP schema.
This uses the uniqueMember attribute containing dns instead of the
memberUid attribute containing usernames for forming groups.
Additionally, it tells nss-ldap about our replacement for the posixGroup
objectClass.
Matthijs Kooijman [Mon, 13 Apr 2009 15:21:33 +0000 (17:21 +0200)]
apt: Set the Default-Release to "stable".
Matthijs Kooijman [Tue, 7 Apr 2009 20:38:37 +0000 (22:38 +0200)]
lighttpd: Re-enable cgi handling for gitweb.
This was accidentally disabled in a previous commit.
Matthijs Kooijman [Sun, 5 Apr 2009 09:21:12 +0000 (11:21 +0200)]
lighttpd: Load mod_auth before other modules.
Loading mod_auth last broke authentication on fastcgi enabled urls.
Matthijs Kooijman [Fri, 3 Apr 2009 11:30:11 +0000 (13:30 +0200)]
fastcgi: Add trac for stderr.nl.
Matthijs Kooijman [Fri, 3 Apr 2009 11:29:53 +0000 (13:29 +0200)]
fastcgi: Pass the site dir to each fastcgi daemon.
Matthijs Kooijman [Fri, 3 Apr 2009 11:28:56 +0000 (13:28 +0200)]
lighttpd: Update indigetes.stderr.nl to blues.
Also point the configuration at the new trac fcgi server.
Matthijs Kooijman [Fri, 3 Apr 2009 11:15:54 +0000 (13:15 +0200)]
lighttpd: Use a patched version of phpldapadmin.
root [Sun, 29 Mar 2009 21:40:00 +0000 (23:40 +0200)]
addsite: Give webmasters and www-data access to the data dir.
root [Sun, 29 Mar 2009 21:39:31 +0000 (23:39 +0200)]
lighttpd: Add configuration for weblog.ninniach.nl.
Matthijs Kooijman [Sun, 29 Mar 2009 19:36:45 +0000 (21:36 +0200)]
addsite: Give webmasters write access to the data dir.
Matthijs Kooijman [Sun, 29 Mar 2009 19:24:20 +0000 (21:24 +0200)]
fastcgi: Enable php for ninniach.nl.
Matthijs Kooijman [Sun, 29 Mar 2009 19:18:29 +0000 (21:18 +0200)]
lighttpd: Add configuration for ninniach.nl.
Matthijs Kooijman [Sun, 29 Mar 2009 19:18:02 +0000 (21:18 +0200)]
lighttpd: Enable phpldapadmin on stderr.nl/ldap.
Matthijs Kooijman [Sun, 29 Mar 2009 19:16:37 +0000 (21:16 +0200)]
lighttpd: Enable blosxom on www.stderr.nl/blosxom.
This is not the final configuration, but it should make blosxom work for
now.
Matthijs Kooijman [Sun, 29 Mar 2009 19:15:44 +0000 (21:15 +0200)]
lighttpd: Enable mod_setenv.
Matthijs Kooijman [Sun, 29 Mar 2009 19:15:12 +0000 (21:15 +0200)]
lighttpd: Add comment.
Matthijs Kooijman [Sun, 29 Mar 2009 16:18:18 +0000 (18:18 +0200)]
addsite: Create the directory properly.
Matthijs Kooijman [Sun, 29 Mar 2009 16:17:45 +0000 (18:17 +0200)]
addsite: Add www users and groups in their own OU's.
Matthijs Kooijman [Sun, 29 Mar 2009 15:50:10 +0000 (17:50 +0200)]
phpldapadmin: Make SSHA default password hashing.
Matthijs Kooijman [Sun, 29 Mar 2009 15:48:39 +0000 (17:48 +0200)]
Update the list of allowed shells.
Matthijs Kooijman [Sun, 29 Mar 2009 15:48:02 +0000 (17:48 +0200)]
phpldapadmin: User /home/%uid as homedir.
Matthijs Kooijman [Sun, 29 Mar 2009 15:47:10 +0000 (17:47 +0200)]
phpldapadmin: Add hostObject to new user accounts.
Matthijs Kooijman [Sun, 29 Mar 2009 14:56:29 +0000 (16:56 +0200)]
phpldapadmin: Add phpldapadmin configuration.
Matthijs Kooijman [Mon, 5 Jan 2009 14:49:34 +0000 (15:49 +0100)]
gitweb: Update the urls that gitweb publishes.
The http url no longer needs /git/ and ssh no longer needs
/data/vcs/git/.
Matthijs Kooijman [Mon, 5 Jan 2009 14:48:12 +0000 (15:48 +0100)]
lighttpd: Redirect git.stderr.nl/*.git to /data/vcs/git.
This replaces the symlink in the htdocs directory and removes the /git/
from the url.
Matthijs Kooijman [Mon, 5 Jan 2009 08:58:56 +0000 (09:58 +0100)]
lighttpd: Enable phpmyadmin on /mysql on all vhosts.
Matthijs Kooijman [Mon, 5 Jan 2009 08:56:22 +0000 (09:56 +0100)]
fastcgi: Enable php for stderr.nl
Matthijs Kooijman [Tue, 30 Dec 2008 23:00:45 +0000 (00:00 +0100)]
pam: Let pam.d/cron include common-account.
The changes to common-account make the custom account section of
pam.d/cron unneeded.
Matthijs Kooijman [Tue, 30 Dec 2008 22:58:24 +0000 (23:58 +0100)]
pam: Let pam.d/su include common{account,session}.
Since pam.d/other was removed, su was missing the account and session
entries and failed.
Matthijs Kooijman [Tue, 30 Dec 2008 22:56:17 +0000 (23:56 +0100)]
pam: Make common-account also support unix users.
This makes sure that common-account supports both unix users (from
passwd) and ldap users. A lot of services don't do real (password)
authentication, but do need to work for both ldap and unix users (cron,
su).
common-auth still only works for ldap users, since those are the only
ones with actual passwords.
Matthijs Kooijman [Tue, 30 Dec 2008 22:51:27 +0000 (23:51 +0100)]
pam: Add .so to module names in pam.d/other.
root [Tue, 30 Dec 2008 17:07:16 +0000 (18:07 +0100)]
Merge commit 'origin/template' into www
* commit 'origin/template':
pam: Deny everything in pam.d/other.
pam: Add default pam.d/other file.
pam: Fix pam configuration for cron.
pam: Don't allow console logins.
pam: Allow only root to change shells and user info.
pam: Add default pamd.d/{chfn,chsh,cron,login} files.
pam: Remove all but one line from pam.d/su.
pam: Add default pam.d/su file.
Matthijs Kooijman [Tue, 30 Dec 2008 16:04:28 +0000 (17:04 +0100)]
pam: Deny everything in pam.d/other.
Matthijs Kooijman [Tue, 30 Dec 2008 16:01:26 +0000 (17:01 +0100)]
pam: Add default pam.d/other file.
Matthijs Kooijman [Tue, 30 Dec 2008 15:50:45 +0000 (16:50 +0100)]
pam: Fix pam configuration for cron.
This allows non-ldap users (say, root) to use cron.
Matthijs Kooijman [Tue, 30 Dec 2008 10:38:15 +0000 (11:38 +0100)]
pam: Don't allow console logins.
We don't have a console on a vserver anyway...
Matthijs Kooijman [Tue, 30 Dec 2008 10:36:39 +0000 (11:36 +0100)]
pam: Allow only root to change shells and user info.
Since changing user info and shells for ldap users is not supported by
chfn and chsh anyway, and we have no real users that are not in ldap,
limiting this to just root makes sense.
Matthijs Kooijman [Tue, 30 Dec 2008 10:24:58 +0000 (11:24 +0100)]
pam: Add default pamd.d/{chfn,chsh,cron,login} files.
Matthijs Kooijman [Mon, 29 Dec 2008 19:03:51 +0000 (20:03 +0100)]
pam: Remove all but one line from pam.d/su.
The session modules seem useless, and the common files only include ldap
and don't know about root, so that only gives warnings when root is
trying to su.
This makes it impossible for non-root users to use su, but that's a
feature.
Matthijs Kooijman [Mon, 29 Dec 2008 19:03:15 +0000 (20:03 +0100)]
pam: Add default pam.d/su file.
Matthijs Kooijman [Wed, 17 Dec 2008 19:10:56 +0000 (20:10 +0100)]
system: Improve the permissions addsite sets.
Matthijs Kooijman [Wed, 17 Dec 2008 19:03:26 +0000 (20:03 +0100)]
lighttpd: Add initial configuration files.
Matthijs Kooijman [Wed, 17 Dec 2008 18:59:44 +0000 (19:59 +0100)]
system: Add acl-aware perl wrapper.
By default, permission checks in perl only use the normal mode bits,
instead of the access(2) function. Adding "use filetest 'access';" to
the program, or the equivalent "-mfiletest=access" to the commandline,
we get proper behaviour when ACLs are involved.
Matthijs Kooijman [Wed, 17 Dec 2008 18:58:27 +0000 (19:58 +0100)]
addsite: Give www-data read access to conf/ dirs.
root [Tue, 25 Nov 2008 00:12:10 +0000 (01:12 +0100)]
gitweb: Make gitweb publish http and ssh urls for every repos.
root [Tue, 25 Nov 2008 00:11:55 +0000 (01:11 +0100)]
gitweb: Point gitweb at /data/vcs/git.
root [Mon, 24 Nov 2008 23:26:25 +0000 (00:26 +0100)]
hgweb: Point hgwebdir.cgi at /etc/hgweb.conf.
/etc/hgweb.conf points hgweb at /data/vcs/hg.
root [Mon, 24 Nov 2008 23:21:16 +0000 (00:21 +0100)]
Add example hgwebdir.cgi script.
root [Mon, 24 Nov 2008 21:51:18 +0000 (22:51 +0100)]
gitweb: Add default config file.
root [Fri, 7 Nov 2008 21:56:56 +0000 (22:56 +0100)]
fastcgi: Add init script for fastcgi processes.
This script will for now ignore its command line arguments and always
restart all scripts. This should be improved in the future.
root [Fri, 7 Nov 2008 11:41:14 +0000 (12:41 +0100)]
system: Let update-php.ini also include a php.ini.local
root [Fri, 7 Nov 2008 11:40:45 +0000 (12:40 +0100)]
system: Let addsite always make DIR absolute.
root [Fri, 7 Nov 2008 11:28:02 +0000 (12:28 +0100)]
system: Fix permission setting in addsite.
root [Thu, 6 Nov 2008 13:55:44 +0000 (14:55 +0100)]
system: Add update-php.ini script.
This script merges system php.ini with a per-site php.ini.override, to
compensate for the lack of a proper include statement in php's config
files.
root [Thu, 6 Nov 2008 13:50:44 +0000 (14:50 +0100)]
system: Add script to fix users and permissions for a site.
Matthijs Kooijman [Thu, 9 Oct 2008 20:20:13 +0000 (22:20 +0200)]
system: Set the timezone to Europe/Amsterdam.
Matthijs Kooijman [Thu, 9 Oct 2008 15:46:18 +0000 (15:46 +0000)]
apt: Move local repository from ~matthijs to /data.
Matthijs Kooijman [Thu, 9 Oct 2008 13:15:34 +0000 (13:15 +0000)]
bash: Include bash.bashrc from /etc/profile.
Matthijs Kooijman [Thu, 9 Oct 2008 13:14:52 +0000 (13:14 +0000)]
system: Add resolv.conf, pointing to the DNS vserver.
root [Tue, 30 Sep 2008 14:49:56 +0000 (14:49 +0000)]
bash: Add default global profile script.
root [Tue, 30 Sep 2008 14:33:29 +0000 (14:33 +0000)]
bash: Enable extended completion.
root [Tue, 30 Sep 2008 14:32:51 +0000 (14:32 +0000)]
bash: Add initial bashrc.
root [Fri, 26 Sep 2008 10:16:05 +0000 (10:16 +0000)]
nss: Don't use mdns for name resolution.
This change was automatically made by removing avahi-daemon.
root [Fri, 26 Sep 2008 10:15:05 +0000 (10:15 +0000)]
nullmailer: Add configuration.
root [Thu, 25 Sep 2008 15:36:02 +0000 (15:36 +0000)]
pam: Enable LDAP host attribute checking.
root [Thu, 25 Sep 2008 15:30:51 +0000 (15:30 +0000)]
pam: Only use LDAP for auth and account, remove unix authentication.
root [Thu, 25 Sep 2008 12:19:43 +0000 (12:19 +0000)]
pam: Simplify configuration.
root [Thu, 25 Sep 2008 10:24:14 +0000 (10:24 +0000)]
pam: Use LDAP for authentication.
root [Thu, 25 Sep 2008 10:23:45 +0000 (10:23 +0000)]
nss: Use LDAP for passwd and group.
root [Thu, 25 Sep 2008 07:48:37 +0000 (07:48 +0000)]
pam: Add default pam common- files.
root [Thu, 21 Aug 2008 16:04:27 +0000 (16:04 +0000)]
Add local debian repository.
root [Thu, 21 Aug 2008 15:45:24 +0000 (15:45 +0000)]
Import initial sources.list.