Timeline


and

10/21/09:

22:30 Changeset [24120] by broder
Revert r24119 (Fix a typo in /etc/issue.net.no_network). I can't read.
22:28 Ticket #393 (remove renew and add from debathena-dotfiles) closed by broder
fixed: Whoops - forgot to close this, but the fix was moved into production …
22:28 Ticket #417 (Renew doesn't work properly on Karmic) closed by broder
fixed: Whoops - forgot to close this, but the fix was moved into production …
21:50 Changeset [24119] by broder
In pam-config: * Fix a typo in /etc/issue.net.no_network.
13:30 Changeset [24118] by broder
Add fftw-dev to thirdparty-libraries at alexp's request.
09:26 Changeset [24117] by broder
Now that evolution is using GSSAPI, the krb4-enabled evolution-data-server is no longer necessary.

10/20/09:

22:16 Ticket #272 (debathena-tellme: tellme has no manpage) closed by broder
fixed
22:15 Ticket #414 (mark firefox-extension compatible with 3.5) closed by broder
fixed
22:15 Ticket #402 (evolution-wrapper should support krb5 auth) closed by broder
fixed
16:42 Changeset [24116] by broder
DEB_TRANSFORM_FILES needs to have paths with the .debathena suffix (again, kerberos-config).
16:29 Changeset [24115] by broder
And...we need to split up the stuff that triggers config-package-dev and the stuff that uses config-package-dev's definitions in kerberos-config.
16:08 Changeset [24114] by broder
In kerberos-config, if we're hacking together our own version of DEB_TRANSFORM_FILES, like we do for usr.sbin.cupsd.debathena, it needs to come after the include so we can use functions defined by config-package-dev.
15:32 Changeset [24113] by broder
Put all of the config-package-dev configuration in kerberos-config before the includes.
15:15 Changeset [24112] by broder
In kerberos-config: * Apparently /etc/apparmor.d/abstractions/kerberosclient has to still exist, so switch back to DEB_TRANSFORM_FILES for that, but keep using DEB_REMOVE_FILES for the CUPS config file.
14:33 Changeset [24111] by broder
Cleanup one more stale diversion on kerberos-config.
14:25 Changeset [24110] by broder
In kerberos-config: * Clean up the upgrade path from 1.7 by undoing the DEB_TRANSFORM_FILES before replacing it with a DEB_REMOVE_FILES.
12:34 Changeset [24109] by broder
In kerberos-config, why don't we use makefile syntax instead of shell syntax?
12:17 Changeset [24108] by broder
Use the same logic for determining at build time whether to configure krb4 as is used in the postinst for determining whether to keep krb4 configured. Otherwise systems (such as Karmic) which don't have krb4, but do come with a krb4-config, would install the transformed files and then immediately undo the transformations on upgrades.
12:17 Changeset [24107] by broder
Add missing new build-dep to maybe-krb4-config
12:10 Changeset [24106] by broder
Testing installability in maybe-krb4-config didn't work either, so instead let's examine the version of kerberos-configs that's available ot us.
11:46 Changeset [24105] by broder
In maybe-krb4-config: * Because we already have packages depending on krb4-config, it's always going to be in apt's cache. A better question is whether or not we can install the package.
11:31 Ticket #340 (Metrics gathering) closed by broder
fixed: This has been moved into production, along with documentation on the …
11:31 Changeset [24104] by broder
Move the DEB_TRANSFORM_FILES setup in kerberos-config above the config-package.mk include. Because of how make processes Makefiles, if it comes after, the krb.conf and krb.realms files never get transformed.
11:04 Changeset [24103] by broder
In kerberos-config: * Only configure krb4 on systems that have it. (Trac: #379)
10:38 Ticket #382 (Quickstation login times are unacceptable) closed by broder
fixed: This was deployed last evening. Obviously we should revisit this when we …
00:47 Changeset [24102] by broder
In the pam_krb5 config, instead of just skipping the pam_echo in case of failure, immediately die. This works around a bug in pam-auth-update where default=1 is treated differently depending on whether or not the "end" in success=end has been replaced with a number. This was causing pam-auth-update to spuriously detect changes to /etc/pam.d/common-auth. This change does have the effect that a failure of pam_krb5 will no longer bubble down to any other potential auth providers. However, I think that the scenario of (a) using >=debathena-login, (b) having a second PAM auth module you want to use that, (c) is managed by pam-auth-update and not by hand and (d) comes after pam_krb5 in pam-auth-update's ordering scheme is pretty unlikely.

10/19/09:

11:59 Changeset [24101] by rbasch
In dotfiles: * Fix the test of from's availability.

10/18/09:

02:44 Ticket #420 (How to configure VPN on Ubuntu 9.04) closed by geofft
wontfix: This is a support issue, not a bug. I've answered via e-mail.
02:34 Ticket #420 (How to configure VPN on Ubuntu 9.04) created by cgao
I was following the steps …

10/17/09:

15:04 Changeset [24100] by broder
14:58 Changeset [24099] by broder
In kerberos-config: * Reload apparmor on upgrades (Trac: #326)
14:52 Changeset [24098] by broder
Don't try to DEB_UNREMOVE the files we replace for apparmor in kerberos-configs - it's not necessary, because the files aren't vanishing or anything.
12:56 Changeset [24097] by broder
In shell-config: * Only pass -45 to kinit on systems that still have a krb4. (Trac: #417)
12:29 Changeset [24096] by broder
In dotfiles: * Stop defining add and renew in the Athena dotfiles - they should be getting defined in the system dotfiles anyway. (Trac: #393)
04:00 Ticket #419 (debathena-nmh depends on krb4) created by broder
This is a problem on platforms that don't have krb4, such as Karmic and …
03:54 Ticket #418 (pam-config enables libpam-krb524 on krb4-less systems) created by broder
Right now we're still enabling libpam-krb524 on Squeeze and Karmic. Since …
03:50 Changeset [24095] by broder
In dotfiles: * If we're not running from, don't run mailquota either - they're both provided by mitmailutils.
03:19 Changeset [24094] by broder
There's one more package in debathena-clients that depends on debathena-mitmailutils, so let's demote it to a reocommendation (and promote it to a cluster dependency) as well!

10/16/09:

23:59 Changeset [24093] by geofft
In reactivate: * Fix init script metadata (overlooked in 1.21).
17:52 Changeset [24092] by broder
In mutt-config: * Now that mutt is using GSSAPI instead of krb4, we no longer need to depend on libsasl2-krb4-mit.
17:51 Changeset [24091] by broder
Demote nmh to a recommendation as well, pending getting it working without krb4. Again, promote it to a dependency of cluser, to make sure it sticks around there.
17:17 Changeset [24090] by broder
Start building packages for Karmic by default.
17:01 Changeset [24089] by broder
In dotfiles: * Only run from at login if it's available, and demote it to a recommendation.
16:36 Changeset [24088] by broder
So long as we're not depending on mitmailutils in clients, depend on it in cluster to make sure it stays installed there.
16:29 Changeset [24087] by broder
In evolution-wrapper: * Update evolution wrapper to use username.mail.mit.edu and GSSAPI instead of Hesiod and krb4. (Trac: #402)
16:28 Changeset [24086] by broder
Demote mitmailutils to a recommendation in debathena-clients, pending us getting a version of mitmailutils that works with GSSAPI.
14:28 Changeset [24085] by broder
In tellme: * Add a manpage for tellme. (Trac: #272)

10/15/09:

19:49 Ticket #417 (Renew doesn't work properly on Karmic) created by ismith
Error: "Kerberos 4 is no longer supported". Presumably this is a result …

10/14/09:

18:27 Changeset [24084] by rbasch
In firefox-extension: * Bump the max supported version for Firefox 3.5. (Trac: #414) * Update help and home page URLs.
14:48 Changeset [24083] by broder
In reactivate: * geofft's transformation of /etc/pam.d/su was running outside the chroot, and editing the file in place, thus clobbering the symlink. We need to fix all of this in the postinst.
14:38 Changeset [24082] by broder
In reactivate: * geofft's transformation of /etc/pam.d/su in athena-login-snapshot isn't being overwritten by package upgrades, so we'll have to cleanup for it in the postinst by hand.
14:04 Changeset [24081] by broder
In reactivate: * Always lecture users trying to sudo on quickstations. * Stop editing /etc/pam.d/sudo in the snapshot setup, since we're no longer diverting it.
12:41 Changeset [24080] by broder
In cluster-login-config: * Deny everybody sudo privileges by default, then override that for the admin group. This makes sure that everybody is somewhere in the sudoers file, which also ensures that they get lectured. In reactivate: * Specify both of the lecture files in /etc/sudoers: error for everybody, and warning for the admin group. The latter overrides the former.
11:29 Changeset [24079] by broder
Add convenience repo-management scripts dacopy and daremove, and change damove to use those.
09:03 Changeset [24078] by geofft
reactivate: Use PAM even more differently on quickstations. My previous implementation was all kinds of wrong.
08:54 Ticket #416 (reactivate's transform scripts never fail) created by geofft
If for some reason the PAM config no longer includes `@include …
07:43 Changeset [24077] by geofft
reactivate: Fix .install file.
07:20 Changeset [24076] by geofft
reactivate: Use PAM more differently on quickstations.

10/13/09:

14:50 Ticket #415 (Write authenticator daemon to conspire with PyHesiodFS to get tokens) created by broder
One of the few things we still need an attach command for is acquiring …
14:32 Changeset [24075] by broder
In metrics: * If a process is being started inside the login chroot, strip off the /login prefix for path consistency. * Add an application blacklist for apps that always run in a login session.

10/12/09:

19:48 Changeset [24074] by broder
In alpine-config: * Revert 1.14, because it doesn't appear to be necessary anymore.
19:15 Changeset [24073] by broder
In alpine-config: * Replace the old creatdir patch from the debathenified alpine with equivalent code in the alpine wrapper script.
15:50 Changeset [24072] by broder
Punt the $Id$ tag from quota's Makefile - make doesn't seem to like it.
15:48 Changeset [24071] by broder
In reactivate: * Use PAM instead of the sudo lecture_file to lecture users.
14:59 Changeset [24070] by broder
In attach: * Now that liblocker doesn't require krb4, don't require it here either. * Since Debathena is building liblocker without krb4, don't build with it here either.
14:59 Changeset [24069] by broder
In locker: * Add a configure-time option to tear the NFS (and therefore the krb4) out of liblocker. * Shell out to aklog, instead of duplicating all of its code. * On Debathena, build without NFS support.
14:58 Changeset [24068] by broder
cd
13:21 Changeset [24067] by broder
Now that username.mail.mit.edu support GSSAPI, we no longer need to debathenify alpine to support krb4 and Hesiod.

10/11/09:

15:18 Ticket #414 (mark firefox-extension compatible with 3.5) created by geofft
Before Karmic releases, we should quickly check that there are no API …
13:03 Changeset [24066] by broder
In reactivate: * Display the sudo lecture file for all users, not just the admin group. This ensures it will show on quickstations, not just clusters.
13:03 Changeset [24065] by broder
In pam-config: * Merge in the libpam-krb5-config package.
00:57 Ticket #413 (alpine-config: ${ATHENA_USER:-$USER} doesn't work) created by geofft
alpine implements its own ${foo:-bar} parsing that's nonrecursive, so if …

10/09/09:

17:03 Ticket #412 (athena-auto-update should not run when the user is logged in) created by jdreed
We decided we don't care about machines being unavailable while they're …
16:08 Ticket #411 (We should honor $PRINTER, including in the GUI if possible) created by jdreed
Currently, $PRINTER is honored only on the command line (and the GTK …
16:06 Ticket #410 (We need a public workstation verification script) created by jdreed
As discussed some time ago, we need some sort of public workstation …

10/08/09:

22:38 Ticket #409 (ood-packages shouldn't require you to be debathena-root to work) created by geofft
There's a script "ood-packages" in the debathena locker that will give you …
15:50 Changeset [24064] by rbasch
In debathena-kiosk: * Enable the URL and search bars.
01:02 Ticket #408 (athena-auto-update should deal with upstream's anjuta/libgbf fail) created by geofft
Ubuntu released a version of the anjuta package that is supposed to …
00:50 Ticket #407 (athena-auto-update should dpkg --configure -a) created by geofft
A handful of machines in clusters have stopped updating with […] …
00:17 Ticket #406 (athena-auto-update does not retry configuring unconfigured packages) created by geofft
athena-auto-update checks aptitude --simulate --assume-yes full-upgrade

10/07/09:

23:45 Changeset [24063] by geofft
In gdm-config: * Don't make errors in reloading gdm's configuration fatal for upgrading the package.
23:36 Ticket #405 (Uninstalling debathena-thunderbird-config breaks thunderbird) created by kchen
I installed thunderbird and debathena-thunderbird-config, and shortly …
18:18 Changeset [24062] by broder
Begin gathering metrics on cluster machines.
14:22 Changeset [24061] by geofft
alpine-config: imaps://po10.mail.mit.edu is fixed now. This reverts r24060, "Revert 1.12 and 1.13 pending fixing of imaps://po10.mail.mit.edu."
12:52 Changeset [24060] by broder
In alpine-config: * Revert 1.12 and 1.13 pending fixing of imaps://po10.mail.mit.edu.
12:12 Ticket #401 (thunderbird-config should support krb5 auth) closed by broder
fixed: This is now in production.
12:11 Ticket #158 (distinguish cluster from workstation machine on login screen) closed by broder
fixed: This is now in production.
12:11 Ticket #380 (grenew FTBFS on releases without krb4) closed by broder
fixed: This is now in production.
12:11 Ticket #205 (ssh changes behavior from Athena 9, does not delegate tickets by default) closed by broder
fixed: And now in production.
12:06 Changeset [24059] by broder
In cluster-login-config, only declare machtype in the dependency list once.
12:05 Changeset [24058] by broder
Add the new sudo/su warnings for when you don't have root.
11:45 Changeset [24057] by broder
In cluster-login-config: * Unset the root password if the machine is a quickstation. In reactivate: * Don't put the user in a login snapshot on a quickstation.
00:45 Changeset [24056] by broder
In bugme: * Use machtype -q to determine if a workstation is a quickstation.

10/06/09:

15:14 Changeset [24055] by broder
In metrics: * Switch to facility local0. * Remove an extraneous space at the beginning of the log messages.
14:48 Changeset [24054] by broder
Add irb to thirdparty-languages.

10/05/09:

15:31 Changeset [24053] by broder
In machtype: * Add machtype -q, which outputs whether or not a workstation is a quickstation.
13:42 Ticket #404 (Research and report regression in OO.o) created by broder
The 3.0.1-9ubuntu3.1 security release for openoffice.org appears to have …
11:10 Changeset [24052] by broder
In alpine-config: * Disable GSSAPI on the command line if the user doesn't have tickets.
10:12 Changeset [24051] by broder
In reactivate: * Change back to mounting the login snapshot as ext3, since that was substantially hurting performance.
08:57 Changeset [24050] by broder
Removing KDE from extra-software again. I still don't understand exactly which metapackage brings in what in which version of Debian or Ubuntu, and I don't want other changes to this package to block on us figuring it out.
04:28 Changeset [24049] by broder
In thunderbird-config: * Kill the Kerberos settings stolen from the thunderbird locker - they don't seem to be necessary. * Set mail.server.server1.useSecAuth, which secretly means "use SASL."
03:34 Ticket #403 (mitmailutils should use krb5) created by broder
mitmailutils are currently using krb4 and Hesiod. Instead they should use …
03:33 Ticket #402 (evolution-wrapper should support krb5 auth) created by broder
The evolution wrapper currently uses krb4 authentication and Hesiod. …
03:30 Ticket #401 (thunderbird-config should support krb5 auth) created by broder
We need to figure out what configuration option corresponds to the "Use …

10/04/09:

23:56 Changeset [24048] by broder
In metrics: * Fix a typo in the install-pkg script.
22:32 Changeset [24047] by broder
Incorporate the debathena/metrics/connector.pxd file into connector.pyx Apparently Squeeze's pyrexc doesn't automatically include a .pxd file at the top of the correspondingly named .pyx file anymore.
22:25 Ticket #400 (disable nm-applet on clusters) created by geofft
Cluster machines have no wireless card and have wired networking …
22:08 Changeset [24046] by broder
In the metrics connector interface, don't use a potentially blocking loop if we get an event we don't know about.
22:03 Changeset [24045] by broder
Add logic to metrics code to wait for 1ms before actually reading events from the connector. This batches a bunch of quick successive events together, rather than continually waking up the gatherer, which minimizes the performance impact to the rest of the system.
21:37 Changeset [24044] by broder
Add a missing dependency on debathena-gdm-config to metrics.
21:34 Changeset [24043] by broder
Create debathena-metrics package for gathering information on how Athena is being used. This package will start a daemon at the beginning of a login session. This daemon captures any path executed by the user over the course of their session, any packages installed by the user, and the total length of the login session. The collected information is sent to wslogger when the user is logged out.

10/03/09:

23:25 Changeset [24042] by broder
In grenew: * Support building on systems where krb5 no longer comes with krb4. (Trac: #380)
16:56 Ticket #399 (look at f-u-s-a change to indicator-applet-session) created by geofft
fast-user-switch-applet went away in Karmic to be replaced by …

10/02/09:

19:39 Ticket #398 (Use CUPS by default) created by geofft
We're currently defaulting users to LPRng /etc/debathena-printing.conf; …
19:35 Ticket #397 (CUPS should probably support lpr -Pprinter2) created by geofft
For backwards-compatibility reasons, we should continue to support …
15:17 Changeset [24041] by broder
Incorporate alexp's changes to the thirdparty packages.
12:50 Ticket #396 (Rename "Locker Software" in the Applications menu) created by jdreed
"Locker Software" is meaningless to anyone new to MIT. Something like …
10:37 Ticket #395 (Ability to set AFS permissions from Nautilus) created by jdreed
I don't know how extensible Nautilus is, but it would be awesome if I …

10/01/09:

22:53 Changeset [24040] by broder
In linerva: * Don't accept the root password over ssh.
18:22 Changeset [24039] by broder
In ssh-server-config: * Put a blank line before and after any ticket/token warnings.
17:50 Changeset [24038] by broder
Miscellaneous, minor cleanups in shell-config.
17:45 Changeset [24037] by broder
In ssh-server-config, conditionalize the no tickets/tokens warning based on DEBATHENA_HOME_TYPE rather than if the user is nonlocal, be sure to always print errors to stderr, and only print the messages during an interactive session. Patch by Jessica Hamrick <jhamrick@mit.edu>
15:59 Ticket #394 (restore some login screen options/applets) created by geofft
Athena 9 had a number of pre-login options, including xcluster, MITVMA, …
12:52 Ticket #393 (remove renew and add from debathena-dotfiles) created by broder
The renew and add shell functions are being provided by …

09/30/09:

18:00 Changeset [24036] by rbasch
In reactivate: * Mount the login snapshot file system as ext2, with noatime.
17:20 Changeset [24035] by broder
Change the version number of alpine-config to something less dumb.
17:17 Changeset [24034] by broder
Don't actually punt the alpine dependency in alpine-config, just the debathena-alpine one.
17:10 Changeset [24033] by broder
In alpine-config, mutt-config, and thunderbird-config, use user.mail.mit.edu and GSSAPI instead of Hesiod and krb4.
16:16 Ticket #392 (test current LDAP clients (address books) against ldap-too) created by geofft
ldap-too.mit.edu is a better and more intentional version of ldap.mit.edu, …
15:50 Ticket #391 (Stop debathenifying bash and tcsh because no one uses double-tilde) created by jdreed
I assert that no one uses the double-tilde notation anymore for lockers, …

09/29/09:

15:55 Ticket #390 (Figure out empathy support) created by broder
Karmic has switched from pidgin to empathy/telepathy as its default IM …
15:15 Changeset [24032] by broder
You need kdebase-workspace on Ubuntu to actually get offered a KDE session at gdm.
11:17 Ticket #389 (LiveCD Windows app lacks Debathena branding) created by jdreed
The Windows app that the LiveCD launches when inserted into a Windows …
04:29 Changeset [24031] by broder
Add debathena-language-support to workstation.
04:12 Changeset [24030] by broder
Create debathena-language-support to depend on all input methods available.
03:26 Changeset [24029] by broder
Fix a dumb typo in reactivate's control file.
02:58 Changeset [24028] by broder
In order to let gdm-config add the new diversions at approximately the same time that reactivate is dropping them, we can't use DEB_UNDIVERT_FILES, so write some more clever code of our own instead. (Because gdm-config's postinst was triggering before reactivate's, it was to trying and create the diversions before reactivate had removed them.)

09/28/09:

18:29 Changeset [24027] by geofft
gdm-config 1.15: Make the code break less, and add Trac closer
17:58 Changeset [24026] by geofft
Add -branding packages as dependencies of their metapackages.
17:57 Changeset [24025] by geofft
In gdm-config: * Display the OS version and Debathena metapackage in the corner of the login screen. * To implement this feature, create debathena-*-branding packages for metapackages that depend on gdm-config.
15:25 Changeset [24024] by broder
Use /usr/share/debathena-gdm-config/{Pre,Post}Session.d instead of /etc/gdm, to avoid potential conflicts with upstream.
14:49 Changeset [24023] by broder
In reactivate: * Use the new /etc/gdm/{Pre,Post}Session.d directories in gdm-config.
14:49 Changeset [24022] by broder
In gdm-config: * Provide /etc/gdm/{Pre,Post}Session.d directories so that multiple packages can insert scripts.
14:30 Changeset [24021] by broder
A 2G build chroot isn't big enough for building the live DVD, so make the chroots bigger.

09/27/09:

23:50 Changeset [24020] by broder
Change the autolivebuilder to write into a configurable directory, and sha{1,512}sum the individual files, instead of the entire directory.

09/26/09:

19:18 Ticket #388 (config-package-dev maintainer scripts don’t undivert on deconfigure) created by andersk
We currently undivert on prerm when [ "$1" = "remove" ]. This should …
15:49 Changeset [24019] by geofft
In alpine-config: * Suppress a Hesiod error when running alpine on a non-Athena account.

09/25/09:

15:27 Ticket #387 ("chmod 755 ~" dialog should offer to do so for you) created by geofft
This involves changing a message prompt to a zenity --question.

09/24/09:

22:54 Ticket #292 (debathena-cluster should turn sound off differently) closed by geofft
fixed: Tested by reinstalling lola-granola and hacking up the installer to work …
22:51 Ticket #368 (Change umask to 022 in /usr/lib/init/{ba,c}shrc) closed by geofft
fixed: I've heard no objections; moved to production.

09/22/09:

14:37 Ticket #386 (bugme isn't always always on top) created by geofft
I'm not sure why, but I've regularly been able to make my Firefox or xterm …
12:31 Ticket #385 (debathena-misc-glue has undeclared conflict with acroread) created by geofft
The debathena-misc-glue package installs a /usr/bin/acroread attachandrun …
12:21 InterMapTxt edited by geofft
add help.mit.edu (diff)
02:08 Ticket #384 (lpr.debathena should find the cups default printer, and prioritize it ...) created by mitchb
If the owner of a machine uses the GUI printing administration application …
00:38 Changeset [24018] by broder
In moira: * Add patch to fix builds without krb4.
00:16 Changeset [24017] by broder
In moira: * New CVS snapshot.

09/21/09:

02:00 Ticket #383 (config-package-dev quoting bug fails to disallow transformation of ...) created by andersk
Our original intention with the config-package-dev API was to disallow …
Note: See TracTimeline for information about the timeline view.