I am new to the fedora infrastructure group. I am going throug few of the links in the site to get a feel of the work. I have submitted my .ssh_rsa_key.pub from the site. I think I will get some intimation on this. Please someone can let me know further proceedings from here onwards.
Regards & Thanks Prabir Senapati mailto: senapati2001(a)yahoo.com
I've been lurking on the mailing list for a while and I finally
registered for my fedora account today (username: chrisj)
I'm interested in helping out as time permits. I got on irc once
(lurking again) and haven't really logged in since. I'll try to make a
few meetings after the holidays
I'm planning to get my personal test systems setup soon. I just moved
and still getting things straight at home. Bought a 750GB drive last
night and will be installing F10 over the weekend. I had been running
the U... distro and it's time to get back to the fedora/RH rpm way of
doing things :-)
I've used RedHat since before Fedora existed (I think 6 was the first
one). Started as a hobbyist, 2 years. Then got a job as an admin and
have been doing Linux admin and Cisco networks for the last 5 years.
My current employer is a Win shop so I just get to run the DNS,
email, and network, but the network is 50 remote offices and 3
different data centers in the midwest. I don't mind the Windows too
much and can find my way around them, it's also kinda fun to get the
Linux and MS products to play nice together. I've worked with a lot of
different linux and OSS software products including: postfix,
openldap, apache, bind, samba, mailman, pam, built some custom rpm's,
etc. I use RHEL mostly at work and some fedora and Cent for testing
(some suse, deb, and slackware in the past). I used to do lots of
security firewall apliances with various linux distros (I was a big
fan of LRP when it would fit on a floppy), most of this is now done
with Cisco in my world. I can shell script pretty well and I've
written several perl scripts in the last few years (dabbled in php but
not enough to know it well). I've always been interested in python but
don't have much if any exp with it. I also don't have much experience
with SQL/DB or source control.
I was looking at the FIGs and would be interested in the base sysadmin
and sysadmin-noc for now while I figure out where everything is and
what it does. I'm also interested in more info on the sysadmin-tools
and sysadmin-web FIG.
So, next just apply for the FIGs, keep lurking, ask some questions,
show up for IRC meetings?
On Sat, 2009-01-31 at 20:10 +0200, Axel Thimm wrote:
> a current rsync shows that thousands of files have been changed in the
> last week. This is not expected as /releases/ is considered to only
> change for the release day and then never again.
> The files have a date of Jan 23rd. Although I don't have a copy to
> compare with looking at the internal date it looks like the files have
> just been `touch'ed (but I only checked a coupl of the 2000+ changed
> ones). Could someone bring back the old dates to make it consistent
> again? Thanks!
Hrm, there was no action on my part to touch everything, so I'll have to
do some investigation into what's going on.
Looking on the server, all the files in
releases/10/Everything/i386/os/Packages/ have varying timestamps, but I
do indeed see some things with a stamp as new as Jan 22. Its certainly
not every file, but I'm still not quite finding any commonality in my
brief looking. More investigation to follow.
Fedora -- Freedom² is a feature!
The Mediawiki auth plugin has to contact admin.fedoraproject.org in
order to lookup the users and verify their passwords. It's using curl
to do so. One of the options being given to curl is the following:
# This is only required because of the wildcard cert on pt10
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
That turns off verifying the host via SSL. From the comment it appears
to only be needed with the test FAS server. I'd like to comment this
This is a flaw that potentially opens us to a DNS spoofing attack to
compromise authentication. Luckily for us, there is a problem with
routing to admin.fedoraproject.org within PHX so we have an /etc/hosts
entry for admin.fp.o that directs the wiki to use an internal IP
address. That means for this flaw to affect us, someone would have to
compromise the /etc/hosts files rather than a DNS server. So we should
fix this but compromising it is not as easy.
If this fails, we will see authentication failures when we try to login
to the wiki and can revert.
Can I get a couple +1's?
I sent this to the docs list when they started considering Zikula. Now
that we're setting up a test instance and getting some people on the
infrastructure team to work on it it seems like a good point in time to
forward it here.
-------- Original Message --------
Date: Fri, 23 Jan 2009 16:55:03 -0800
From: Toshio Kuratomi <a.badger(a)gmail.com>
Paul W. Frields wrote:
> I think we should also be considering the other major players in the
> CMS game, if there are people available to deploy and maintain them.
> Drupal and Joomla! immediately come to mind, the latter especially
> because it actually has some DocBook XML support. Features aren't
> particularly compelling, though, if we have no one around to help with
> the maintenance.
One of the things I didn't know until I did some browsing around their
website is that Zikula started off as PostNuke but that they changed the
name in June. So they are a long term player in the CMS market.
> None of this has any bearing on the quality of Zikula, which I'm sure
> is excellent.
I was impressed by a few of the things I've learned since this morning
:-) The answers to how proactive the security is was a nice change from
the usual thoughts I've seen::
Here's my naive search of cve.mitre.org for issues reported in 2008.
Note that some people would say to exclude plugins from this but my view
is that we're going to be running plugins as part of our deployment and
we'll want to know if we can expand our capabilities by pulling in
functionality via plugins without compromising security. So knowing
this does a *little* towards understanding whether the Core provides an
API for writing secure plugins and the plugin community is security
minded as well as Core developers. And like I say, this is naive :-)
91 Joomla -- Lots of plugins a few in core
79 Drupal -- Lots of plugins a few in core
60 Wordpress -- Lots of plugins, a few in core
53 Mambo --Lots of plugins, at least one in core
4 zikula + postnuke -- 1 in Core, 3 in plugins
For reference, mediawiki, which we think has an acceptable
security-to-benefit ratio had 8 vulnerabilities reported in 2008 using
the same naive count.
I have just subscribed to both the fedora-infrastructure-list and the
fedora-docs-list to keep you (and myself) updated about the
My name is Arjen Tebbenhof, 32 years old and currently employed at
AMB-IT / ChampionChip in the Netherlands as a (web) software engineer.
In this function, I maintain a backend-portal for our clients, and I am
responsible for planning and implementation in this specific field
(using PHP and an Oracle DBMS). Before this, I owned a company
specialized in delivering CMS solutions, but that never really got
lucrative enough to make a living :) I have a Bachelors Degree in
Econometrics and Operations Research, at the Erasmus University
Rotterdam, The Netherlands.
I am the current maintainer of the packaging environment for the Zikula
Application Framework for the last year or so. Besides that, I am the
team leader of the Dutch Zikula Community for the last five years, and
maintain all dutch translations for the project. I never really
contributed any code to the project, but behaved more as a sidekick
between developers and the users, mainly providing support. I have basic
knowledge of *nix systems, but have better specialties in PHP OOP,
Databases, CVS/SVN repositories and packaging.
For the Documentation Project, I will assist Simon and the rest of the
newly involved list members with the new Fedora Docs portal. And
therefore have applied to the sysadmin and sysadmin-test groups.
Arjen (aka Teb)
Let me first apologize for what will inevitably be a stream of people
introducing themselves for work on setting up Zikula.
My name is David Nalley, and I am ke4qqq on IRC. Eric (sparks) has
asked me to come work with the Zikula guys on getting things setup on
I work as a mainly Linux sysadmin in Liberty, SC and have done so for
around 6-7 years now. The bulk of my work focusing on RHEL/CentOS 3-5.
So as far as identifying what I want to work on, Ticket 1155 is I
suppose my first priority, though I did tell Mike I'd volunteer to do
some inventory-type stuff for him.
I've applied for sysadmin and sysadmin-test for the time being.
Let me know if there is more needed of me.
Hey all. I've placed our security policy CSI docs in a standard location
now. Just a reminder: If you have shell access on any of our servers you
need to be compliant with all of these rules by the end of March. Which
should be plenty of time to get any oddities worked out.
Having just requested access to the sysadmin and sysadmin-test groups on FAS
and on the advice of David Nalley I thought I should introduce myself. I
have been working with the docs team over the last week on the possibility
of running the Zikula Application Framework as the CMS behind
docs.fedoraproject.org. I am a member of the board of the Zikula Software
Foundation and the Zikula Steering Committee, and I have been acting as the
lead in discussions about how to best address the needs of the docs project
on their website, and the needs of the Fedora project at large.
My name is Simon Birtwistle, and I'm currently located in Cambridge in the
UK. I am in the final year of studying for a degree in Computer Science at
Cambridge University, and providing all goes well I'll be graduating in
June. I've used Fedora on and off for years and years, though despite
thinking about it I never got around to contributing. Most of my time is
taken up with the Zikula project, where my work with the Steering Committee
involves project management and day to day organisation, but I'm hoping that
I can combine my work there with useful work on the Fedora websites where
Skills wise, I am mainly a web developer, as you'd expect, with a good
knowledge of PHP and MySQL. I also have experience with Java as well as C#
.NET and some other less well known languages from my degree course. I have
also used Docbook in the past for Zikula project documentation, so I at
least have a vague idea where the docs project are coming from.
I'm hoping that I, and Zikula as a project, will be able to provide a big
boost to the docs project's publishing workflow.
Since the change on fedorapeople was a success, we need to make this
change on the builders as well.
The problem is that when we create rawhide each night, we have random
builders create a chroot in order to run pungi in. The chroot is
generated from the freshly made rawhide repos, which have the newer
sha256 sum in them. We need a newer yum and the python-hashlib build in
order for the host yum to be able to process that metadata and generate
Fedora -- Freedom² is a feature!