Hi, all:
Two developments in the last couple of days:
Firstly, I re-converted the tree from SVN to git again. Back in 2005 I was trying to switch epylog to using kid templates and branched the stable sources into STABLE-1_0 subversion branch. As I didn't complete the template work, that resulted in subversion trunk being very badly broken, to the point of not being useful. It's my fault that I didn't advertise this fact very publicly.
When Seth converted from subversion to git, he didn't import the STABLE-1_0 branch, so the git tree didn't have the actually working code any more. :) Thankfully, he still had the subversion tree stashed away, so after some git wrangling I was able to re-convert the project and push it back to the git repository (spamming the world in the process, sorry!).
You can browse the git tree here: http://git.fedorahosted.org/git/?p=epylog.git
So, as things are right now:
origin/master former STABLE-1_0 branch with everyone's post-2005 work re-applied (for the most part, I omitted a few inconsequential things that didn't cleanly apply)
origin/stable-1.0.x former STABLE-1_0 branch
origin/old-svn-trunk former very broken SVN trunk. Nobody should want this.
I released 1.0.5 today, only adding two features:
* Add systemd-logind to logins module, so Fedora 16 and all other things using systemd can report logins accurately. * Add gpg encryption of email reports. Signing also works, though there appear to be a few kinks, as evolution pretends that it's not a valid format (thunderbird and mutt have no problem, on the other hand). I will note that gpg-signing is added for completeness and requires personal paranoia level set firmly on 11.
You can grab the release here: https://fedorahosted.org/epylog/
I will also be pushing it to all things Fedora/EPEL in the near future.
Finally, I will be going through the things in master shortly and will release epylog-1.1 in the near future, which will be the new devel series.
Best,
On Tue, 24 Jan 2012 16:10:50 -0500 Konstantin Ryabitsev icon@fedoraproject.org wrote:
Hi, all:
Two developments in the last couple of days:
Firstly, I re-converted the tree from SVN to git again. Back in 2005 I was trying to switch epylog to using kid templates and branched the stable sources into STABLE-1_0 subversion branch. As I didn't complete the template work, that resulted in subversion trunk being very badly broken, to the point of not being useful. It's my fault that I didn't advertise this fact very publicly.
When Seth converted from subversion to git, he didn't import the STABLE-1_0 branch, so the git tree didn't have the actually working code any more. :) Thankfully, he still had the subversion tree stashed away, so after some git wrangling I was able to re-convert the project and push it back to the git repository (spamming the world in the process, sorry!).
You can browse the git tree here: http://git.fedorahosted.org/git/?p=epylog.git
So, as things are right now:
1. yay for new releases 1b. yay for me not having to do them!
- Add gpg encryption of email reports. Signing also works, though
there appear to be a few kinks, as evolution pretends that it's not a valid format (thunderbird and mutt have no problem, on the other hand). I will note that gpg-signing is added for completeness and requires personal paranoia level set firmly on 11.
If you want to not have to deal with any of this - don't email the reports at all. Just use the file outputter and mail the url to the report.
Then host the report on an ssl'd webserver protected by whatever authN you'd like.
It is possible someone could modify the report on the webserver but at that point you have a compromised box which would, effectively, defeat signing/encrypting from that same host, too.
-sv
On 24/01/12 04:17 PM, seth vidal wrote:
If you want to not have to deal with any of this - don't email the reports at all. Just use the file outputter and mail the url to the report.
Then host the report on an ssl'd webserver protected by whatever authN you'd like.
It is possible someone could modify the report on the webserver but at that point you have a compromised box which would, effectively, defeat signing/encrypting from that same host, too.
That is correct. The downside is having to set up a webserver and then manage authentication -- in some environments this is more work than gpg-encrypting the mail report. :)
Enabling encryption is actually very straightforward. As root, run:
# mkdir -m 0700 /etc/epylog/gpg # export GNUPGHOME=/etc/epylog/gpg # gpg --keyserver=subkeys.pgp.net --search YOURKEYID
You can repeat the last command multiple times to add additional people's ids to whom the email should be encrypted.
If your key isn't on the keyservers, you can "gpg --export", copy it over to the epylog server, and then instead of running "gpg --search", do "gpg --import" to the same effect.
Then all you have to do is set in /etc/epylog/epylog.conf, under the mail publisher section:
gpg_encrypt = yes gpg_keyringdir = /etc/epylog/gpg
This is all in the manpage.
Best,
On Tue, Jan 24, 2012 at 04:17:46PM -0500, seth vidal wrote:
- yay for new releases
Yay, indeed! Thanks Icon. Glad to see epylog getting some love. :)
Quick warning:
I just discovered that cron runs appear to be broken in this version, so hold off on upgrading until I push 1.0.6 that fixes this problem. Not sure what went haywire -- looks like there is some code in place that wasn't completed between 1.0.3 and 1.0.4.
Best, -K
On Tue, Jan 24, 2012 at 4:10 PM, Konstantin Ryabitsev < icon@fedoraproject.org> wrote:
Hi, all:
Two developments in the last couple of days:
Firstly, I re-converted the tree from SVN to git again. Back in 2005 I was trying to switch epylog to using kid templates and branched the stable sources into STABLE-1_0 subversion branch. As I didn't complete the template work, that resulted in subversion trunk being very badly broken, to the point of not being useful. It's my fault that I didn't advertise this fact very publicly.
When Seth converted from subversion to git, he didn't import the STABLE-1_0 branch, so the git tree didn't have the actually working code any more. :) Thankfully, he still had the subversion tree stashed away, so after some git wrangling I was able to re-convert the project and push it back to the git repository (spamming the world in the process, sorry!).
You can browse the git tree here: http://git.fedorahosted.org/git/?p=epylog.git
So, as things are right now:
origin/master former STABLE-1_0 branch with everyone's post-2005 work re-applied (for the most part, I omitted a few inconsequential things that didn't cleanly apply)
origin/stable-1.0.x former STABLE-1_0 branch
origin/old-svn-trunk former very broken SVN trunk. Nobody should want this.
I released 1.0.5 today, only adding two features:
- Add systemd-logind to logins module, so Fedora 16 and all other things
using systemd can report logins accurately.
- Add gpg encryption of email reports. Signing also works, though there
appear to be a few kinks, as evolution pretends that it's not a valid format (thunderbird and mutt have no problem, on the other hand). I will note that gpg-signing is added for completeness and requires personal paranoia level set firmly on 11.
You can grab the release here: https://fedorahosted.org/epylog/
I will also be pushing it to all things Fedora/EPEL in the near future.
Finally, I will be going through the things in master shortly and will release epylog-1.1 in the near future, which will be the new devel series.
Best,
Konstantin Ryabitsev LinuxFoundation.org Montréal, Québec