Greetings from a potential new contributor
by Jorn Argelo
Hi guys and girls,
Following the getting started page on the wiki I saw an introducion
e-mail to the list was recommended. So here is mine.
Allow me to introduce myself. My name is Jorn Argelo, 23 years old
coming from the Netherlands. I was born and raised in Amsterdam, and
always had a keen interest for computers when I was a kid. IT was
something I knew was going to be my job when I was young. After high
school I studied for basic system administration and after that I
studied some basic application development. Then I ended up at my
current employer. Last month I passed my RHCE exam, with
#805009993038409 for those interested. I also followed the Cluster and
Storage training course.
I am employed by a large printer and imaging company, and work in their
European datacenter where I do all the internet infrastructure for the
EMEAR region. I started working there fulltime when I was 19, and I have
been in internship there twice for 6 months, starting when I was 17.
Before that I played around with Red Hat 8, so that is how Linux all
started for me. When I was hired I was a junior, and now I'm a medior.
(or internally we call it an engineer and a specialist, so I'm the
latter now.) With that said, I hope my age does not put anyone off.
As I sort of already mentioned, I do everything with internet
infrastructure on a daily base. I administrate webservers, proxies,
e-mail servers, DNS, their operating systems and everything else
regarding internet. With two people we built the infrastructure for the
new web environment, based on 60 RHEL4 & 5 boxes and Jboss. This also
includes two RHEL5 clusters, webservers running mod_jk, squid and Apache
and so on. Next to that also all of the infrastructure supporting this
is admistrated by us, and we also have a Satellite server running there.
Other than I have experience with various other Linux distrution, BSD
and Solaris. When it comes to scripting, I can do bash scripting and
Perl scripting primarily. I know Red Hat / Fedora uses Python
extensively but so far I did not see a need for me to learn this, as I
can do everything I want with Perl.
So why am I applying here? Because I think Red Hat as a company shares
similar goals as I do, and of course being able to help out the Fedora
project is a great oppertunity to contribute to that. I believe my
knowledge can be put to use in the infrastructure team, seeing as that
is my job as well. (I hope that doesn't sound arrogant as that is
certainly not the intend) Next to that I am also willing to learn new
things should that be required. Maybe I get a reason to learn Python.
Well, I suppose that's about it. I hope I didn't make this too long, and
I'm looking forward to hear from you guys.
Thanks,
Jorn
14 years, 10 months
Change Request - email alias handling
by Toshio Kuratomi
Right now FAS constructs email aliases only for accounts that are
active. This is causing us two problems.
1) We have recently implemented a "bot" status for accounts that makes
it so the account can't be logged into and don't go inactive. This
status needs to be allowed to get email as well.
2) inactive accounts are bouncing mail, not just from the pkgdb which
I've been handling and have a mid-term and long-term plan for fixing but
also for the wiki watch-page function which we currently don't have a
good mid-term plan for. Restoring aliases for inactive accounts seems
like the best short-term solution for this.
Fixing these requires updating the fas server code. Attaching a patch
to hotfix our servers with to do this. The patch has been tested on
fas1.stg successfully.
-Toshio
14 years, 10 months
Gone on Friday
by Mike McGrath
Hey all, just a heads up I won't be around on Friday. Helping my father
in law move.
-Mike
14 years, 10 months
Change Freeze Breakage
by Mike McGrath
Unfortunately I'm not totally in control of these things sometime.
Someone will be on site today to replace the tapes in our backup server
and give it a new drive. backup1 is in the change freeze though, can I
get 2+1's to have this work done?
-Mike
14 years, 10 months
introduction
by Miguel Lopes
Hi
My name is Miguel, now i'm working on projects that require php mysql
and javascript, i'm building backoffices that manage reports and give
information to the client of a database in a different network, this
network has another webserver with php that decrypts and handle the
querys and return the results.I also know python and the basic on C. On
python i modified a msn messenger client for a newer protocol, made a
key generator for a application that my company is working on and a
small program that downloads and updatloads a file to an FTP server.
14 years, 10 months
[PATCH] Creating sftp disable mechanism
by Mike McGrath
Also disabling sftp on fedorahosted boxes
---
manifests/servergroups/hosted.pp | 1 +
modules/ssh/manifests/init.pp | 6 ++++++
modules/ssh/templates/sshd_config.erb | 2 +-
3 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/manifests/servergroups/hosted.pp b/manifests/servergroups/hosted.pp
index 30142e2..24d3720 100644
--- a/manifests/servergroups/hosted.pp
+++ b/manifests/servergroups/hosted.pp
@@ -4,6 +4,7 @@ class hosted {
$restrictedApp = '/usr/bin/run-git'
$sshd_config_PasswordAuthentication = 'no'
$sshd_config_AllowTcpForwarding = 'no'
+ $sshd_config_sftp = '/bin/false'
include global
include hosted-server
include fas::fas
diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp
index 9c8b62d..4972851 100644
--- a/modules/ssh/manifests/init.pp
+++ b/modules/ssh/manifests/init.pp
@@ -17,6 +17,12 @@ class ssh::sshd {
default => $sshd_config_StrictModes
}
+ $sshd_config_sftp = $sshd_config_sftp ? {
+ '' => "/usr/libexec/openssh/sftp-server",
+ default => $sshd_config_sftp
+ }
+
+
file { "/etc/ssh/sshd_config":
content => template("ssh/sshd_config.erb"),
mode => 0600,
diff --git a/modules/ssh/templates/sshd_config.erb b/modules/ssh/templates/sshd_config.erb
index ea656ec..2e90a99 100644
--- a/modules/ssh/templates/sshd_config.erb
+++ b/modules/ssh/templates/sshd_config.erb
@@ -116,4 +116,4 @@ X11Forwarding yes
#Banner /some/path
# override default of no subsystems
-Subsystem sftp /usr/libexec/openssh/sftp-server
+Subsystem sftp <%= sshd_config_sftp %>
--
1.5.5.6
14 years, 10 months