[monkeysphere.git] / doc / george / changelog

******************************************************************************
*                                                                            *
*                       george system log                                    *
*                                                                            *
******************************************************************************
*  Please add new entries in reverse chronological order whenever you make   *
*  changes to this system (first command at top, last at bottom)             *
******************************************************************************

2010-02-23 - dkg
        * add lenny-backports repo.
        * remove monkeysphere repo.
        * aptitude update && aptitude full-upgrade (including monkeysphere
        0.28-1~bpo50+1, and backported gpg)
        
2010-01-12 - dkg
        * aptitude update && aptitude full-upgrade (including monkeysphere
        0.27-1)

2009-10-26 - dkg
        * upgrade nginx in response to DSA-1920-1
        
2009-09-14 - dkg
        * aptitude update && aptitude full-upgrade (bunch of lenny
        updates, plus ikiwiki security upgrade)
        
2009-04-21 - jrollins
        * apt-get update && dist-upgrade (a bunch of stuff (monkeysphere,
        screen, gnupg, dash, onak, git-core...)
        * extended host key by 3 months
        
2009-04-21 - micah
        * aptitude update && aptitude full-upgrade (git-core DSA)
        
2009-04-12 - dkg
        * aptitude update && aptitude full-upgrade
        * (checked and found that monkeysphere version 0.24-1 is already
        installed; don't know how that happened, coulda been me, just
        sloppy about not noting it in the changelog)
        * extended host key by 4 months
        
2009-02-22 - jrollins
        * fixed /etc/crontab line for update-users (was trying to run
        monkeysphere-server instead of monkeysphere-authentication).

2009-02-21 - dkg
        * upgraded to the latest versions of packages for lenny.
        * upgraded george to monkeysphere 0.23.1.  the transition upgrade
        failed due to the way that gpg exports self-signatures secret
        keys; it only exports the first self-sig for each user id, even if
        that one is expired.  Then any subsequent import fails, even if
        the target import keyring knows about some valid self-signatures.
        * i man-handled the upgrade into place so that george doesn't just
        fail on us, but this is a pretty major bug in the transition process.
        
2009-01-31 - jrollins
        * applied diff represented in commit
        f75a5747a8b99e04c02c475791c476f1fbd2b674 to change log level for
        unacceptable untranslatable keys.

2009-01-30 - micah
        * Replaced nullmailer with postfix, nullmailer doesn't handle aliases
          and insisted either on constantly respooling mail when there was no
          where to go. 

2009-01-24 - micah
        * Configured /etc/aliases to have root go to mjgoins, micah, dkg, jrollins
        * Configured /etc/nullmailer/remotes to have mail.riseup.net so remote delivery will work
        * Removed the hundreds of queued cron emails that had resulted in 30gig of mail.err logs
        * Rotated the giant logs out 

2009-01-11 - dkg
        * extended the expiration date for george's key three months into
        the future.
        * aptitude update && aptitude full-upgrade (brings monkeysphere to
        0.22-1)
        
2008-10-29 - dkg
        * aptitude update && aptitude full-upgrade
        * brought monkeysphere up to 0.19-1
        * removed tasksel
        
2008-10-25 - dkg
        * aptitude update && aptitude full-upgrade
        * brought monkeysphere up to 0.16-1
        * repointed keyserver usage to pool.sks-keyservers.net
        
2008-09-04 - dkg
        * added two mime-type declarations in /etc/mathopd.conf so .debs
          and .tar.gz files come out reasonably; restarted mathopd for the
          re-read.
        * built monkeyshell (from src/monkeyshell) and installed as
          /usr/local/bin/monkeyshell, added to /etc/shells.
        * created new account "monkey" which has monkeyshell as the shell
          for non-privileged test access.  To let someone test this out,
          make sure they're well-connected to george's web of trust, and
          then add their User ID to
          ~monkey/.monkeysphere/authorized_user_ids
        * more mime types for mathopd: image/png image/x-icon
        
2008-09-03 - micah
        * migrated /home/*/.config/monkeysphere/authorized_user_ids to new
        agreed location: /home/*/.monkeysphere/authorized_user_ids and created
        a symlink in the original location for transition purposes. Also,
        did /root's as well. I used this hackish mechanism:
        $ for user in `find . -wholename './*/.config/monkeysphere/authorized_user_ids' \
        | cut -d/ -f2`; do mkdir -v ${user}/.monkeysphere; chown ${user}:${user} \
        ${user}/.monkeysphere; mv -v ${user}/.config/monkeysphere/authorized_user_ids \
        ${user}/.monkeysphere; ln -s /home/${user}/.monkeysphere/authorized_user_ids \
        ${user}/.config/monkeysphere/authorized_user_ids; done

           - dkg
        * added the monkeysphere archive repository signing key
        * aptitude update && aptitude full-upgrade (brings in monkeysphere 0.13-1)
        * cleaned up /etc/skel to reflect correct location of the
          monkeysphere config directory.
        * micah moved all the existing config stuff over, and left
          symlinks so people aren't disoriented.
        
2008-09-01 - dkg
        * set up http://dkg.monkeysphere.info so that i could play around
          with ikiwiki updates
        * moved apt repository over to http://archive.monkeysphere.info/
        * aptitude update && aptitude dist-upgrade
        * canonicalizing hostname for normal web access to
          http://web.monkeysphere.info
        
2008-08-26 - dkg
        * aptitude update && aptitude full-upgrade
        * added account 'daniel' for Dan Scott, and set him up with a way
          to publish to http://daniel.monkeysphere.info
        
2008-08-20 - dkg
        * aptitude update && aptitude dist-upgrade: this includes
          monkeysphere 0.11-1 and OpenSSH 5.1p1-2
        
2008-08-18 - dkg
        * moved monkeysphere apt repo entry to
          /etc/apt/sources.list.d/monkeysphere.list
        * aptitude update && aptitude full-upgrade (including monkeysphere
          0.9-1)
        * switched george's monkeysphere-server preferred keyserver to
          monkeysphere.info for the moment.  Both pgp.mit.edu and
          subkeys.pgp.net are sluggish right now :/
        
2008-08-16 - jrollins
        * removed stale branches from jrollins from the master repo
        * aptitude update && aptitude full-upgrade
        * restarted services to clear up dependencies on old libraries
        
2008-08-13 - dkg
        * aptitude update && aptitude full-upgrade
        * restarted services to clear up dependencies on old libraries
        
2008-08-07 - dkg
        * aptitude update && aptitude dist-upgrade
        * removed debian's experimental from the sources.list
        * removed experimental stanza from /etc/apt/preferences (now the
          monkeysphere packages should upgrade automatically)
        * upgraded to monkeysphere 0.7-1
        * installed runit
        * set up a public git daemon service to serve git repos from
          george, using runit. (root-served repos are served from
          /srv/git, but ~USER/public_git is supported as well, if anyone
          wants to use that for publication).
        
2008-08-03 - dkg
        * aptitude update && aptitude dist-upgrade
        * installed iproute
        * added my User ID to ~webmaster/.config/monkeysphere/authorized_user_ids

2008-08-02 - jrollins
        * aptitude update && aptitude dist-upgrade
        * restarted cron, nullmailer, sshd
        * aptitude install git-core ikiwiki
        * adduser webmaster
        * su - webmaster
        * created a bare repo at ~webmaster/monkeysphere.git.  I then
        pushed into this repo from my working directory on servo to verify
        that it was accepting.
        * cloned above repo at ~webmaster/monkeysphere
        * created ~webmaster/ikiwiki.setup
        * ikiwiki --setup ikiwiki.setup
        * linked post-receive to new post-commit hook in monkeysphere.git
        * changed default keyserver to be pgp.mit.edu (subkeys.pgp.net
        blows)
        * updated /etc/skel with ssh and monkeysphere stuff
        * made authorzied_user_ids file for webmaster and ran
        "monkeysphere-server u webmaster".
        
2008-06-23 - dkg
        * added monkeysphere apt repository to /etc/apt/sources.list
        * added dkg's key to apt's list of trusted keys.
        * ran aptitude dist-upgrade
        * upgraded to monkeysphere 0.2-1
        * moved authorized_user_ids files into users' home directories.
        * installed lockfile-progs
        
2008-06-22 - dkg
        * installed screen (mjgoins and i were collaborating)
        
2008-06-21 - micah
        * Restored /etc/init.d/ssh to original package state and changed
        /etc/default/ssh to have 'unset SSHD_OOM_ADJUST' instead.
        
2008-06-20 - micah
        * Commented out the 'export SSHD_OOM_ADJUST=-17' from the
        /etc/init.d/ssh initscript, and the 'SSHD_OOM_ADJUST=-17' from
        /etc/default/ssh in order to make this error go away:
        "error writing /proc/self/oom_adj: Operation not permitted"
        (c.f. Debian #487325)
        
2008-06-20 - dkg
        * touched /etc/environment to get rid of some spurious auth.log
        entries.
        * turned up sshd's LogLevel from INFO to DEBUG
        
2008-06-19 - dkg
        * installed rsync (for maintaining a public apt repo)
        
        * configured mathopd to listen on port 80, serving /srv/www as /
        and /srv/apt as /debian.  We've got nothing in /srv/www at the
        moment, though.

        * installed lsof and psmisc as sysadmin utilities.  sorry for the
        bloat!

        * installed strace to try to figure out why onak is segfaulting.
        
2008-06-19 - dkg
        * removed etch sources, switched "testing" to "lenny", added
        lenny/updates, removed all contrib and non-free.
        
        * removed testing pin in /etc/apt/preferences
        * ran the upgrade
        
        * reset emacs22 to emacs22-nox (avoiding dependencies)
        
        * removed sysklog and klogd because of errors restarting klogd.
        Installed syslog-ng in their stead, which still gives errors
        related to /proc/kmsg unreadability, but the install completes :/
        
        * added experimental
        * juggled pinning: experimental: 1, unstable: 2 
        * added mathopd onak, tweaked /etc/mathopd.conf and /etc/onak.conf
        
        * installed monkeysphere v0.1-1, changed host key, published
        them via the local keyserver (see host-key-publication)

        * added local unprivileged user accounts for everyone listed in
        /usr/share/doc/monkeysphere/copyright

        * configured authorized_user_ids for every user account based on
        my best guess at their OpenPGP User ID (see
        user-id-configuration).

        * set up a cronjob (in /etc/crontab) to run "monkeysphere-server
        update-users" at 26 minutes past the hour.
        
2008-06-18 - jrollins
        * installed less, emacs;
        * aptitude update && aptitude dist-upgrade

2008-06-18 - micah
        * debootstrap'd debian etch install
        * installed /etc/apt/sources.list with local proxy sources for etch,
          testing, unstable, backports and volatile
        * configured /etc/apt/preferences and apt.conf.d/local-conf to
          pin etch, but make testing, sid and backports available
        * added backports.org apt-key
        * installed openssh-server and openssh-client packages
        * added dkg, jrollins, mjgoins ssh public_keys to /root/.ssh/authorized_keys