Erik Huelsmann | 7 May 10:41 2011
Picon

Migration status [2011-05-06]

These things happened last week:

 * ssh connections to cl-net were routed to new-cl-net
 * we were asked to install several applications on new-cl-net (emacs, zsh)
 * we started to create subdomains for services (first: git.cl.net)
 * after being reported that people were missing group memberships,
we've now migrated all project related groups with a gid < 1000;
because those numbers are reserved for system groups, they were
excluded from the account/group migration. In order to prevent similar
issues in the future, all these groups have been renumbered. There's
currently a batch running to re-assign all group ownerships in the
file systems

 * we stopped routing traffic to new-cl-net because commit mails were
no longer coming through [the mailer wasn't fully set up yet on
new-cl-net]

Next steps:

 * set up the mailer
 * re-instate the ssh traffic route to new-cl-net
 * set up the webserver in order to be able to migrate trac.c-l.net

Anybody who wants to use new-cl-net services directly should log into
tiger.common-lisp.net; passwords and ssh keys are the same as on
common-lisp.net (aka elephant.common-lisp.net).

Bye,

Erik.
(Continue reading)

Hans Hübner | 7 May 11:06 2011

Re: Migration status [2011-05-06]

Hi,

can someone who knows more about Debian resolve this?

common-lisp:/etc# apt-get install exim4
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  exim4-base exim4-config exim4-daemon-light
Suggested packages:
  eximon4 exim4-doc-html exim4-doc-info spf-tools-perl swaks
The following packages will be REMOVED:
  postfix
The following NEW packages will be installed:
  exim4 exim4-base exim4-config exim4-daemon-light
0 upgraded, 4 newly installed, 1 to remove and 0 not upgraded.
Need to get 0 B/2030 kB of archives.
After this operation, 868 kB of additional disk space will be used.
Do you want to continue [Y/n]?
E: Could not perform immediate configuration on 'exim4'. Please see
man 5 apt.conf under APT::Immediate-Configure for details. (2)

Thanks,
Hans

On Sat, May 7, 2011 at 10:41 AM, Erik Huelsmann <ehuels <at> gmail.com> wrote:
> These things happened last week:
>
>  * ssh connections to cl-net were routed to new-cl-net
(Continue reading)

root | 7 May 11:33 2011
Picon

testing mailman+exim

nothing else
Hans Hübner | 7 May 11:40 2011
Picon

Testing exim4+mailman+sa+greylistd setup on tiger.common-lisp.net

When you're reading this, things should be in working order.

-Hans
Hans Hübner | 7 May 17:09 2011

Re: link to OTRS docs for mail processing

Hi Erik,

I have installed the otrs gateway at otrs <at> tiger.common-lisp.net - As
otrs runs under a specific user ID and I did not feel like inventing a
suid wrapper, I have implemented the gateway by an explicit exim
configuration directive (see /etc/exim4/configure if you are
interested).  I sent a few test mails to that address, but otrs did
not reply to them, and I don't have an account in otrs yet.  Can you
add that for me, please?

Thanks!
Hans

On Sat, May 7, 2011 at 2:33 PM, Erik Huelsmann <ehuels <at> gmail.com> wrote:
> Hi Hans,
>
> This link discusses it: http://doc.otrs.org/3.0/en/html/x2048.html
>
> Basically, you need to pipe the mail into 'bin/PostMaster.pl' (which
> is in /usr/share/otrs :-l )
>
> The docs are for OTRS 3.0 while we still run 2.4, but there are few
> changes in this area.
>
> Bye,
>
> Erik.
>
Hans Hübner | 7 May 17:16 2011
Picon

Security update required for exim4

Drew,

it seems that the Debian distribution that is installed on tiger does
not supply a very current version of exim4, and today a security hole
was reported in the version that we are running.  Is it possible to
add a package source with up to date security fixes so that we can
update exim4?

Thanks,
Hans
Erik Huelsmann | 8 May 15:00 2011
Picon

cvsroot syncing regularly takes too long

Hi,

On new-cl-net, the "sync cvsroot" script is regularly exceeding its
runtime window (which is 20 minutes).

One solution could be to change the nice parameter (-20).

I'm hoping that others have better ideas, like changing the script
from polling to event-based, which would eliminate the need to check
all files individually. Does anybody have some cycles to look into the
options?

Bye,

Erik.
Erik Huelsmann | 8 May 20:22 2011
Picon

Re: Migration status [2011-05-06]

Hi,

> can someone who knows more about Debian resolve this?

We found the solution to  this yesterday. For the record, it was this
command which fixed the situation:

 $ dpkg --force-all -r postfix

The situation was caused by postfix having been installed before the
exim setup was attempted.

Bye,

Erik.
Hans Hübner | 8 May 21:58 2011
Picon

Re: cvsroot syncing regularly takes too long

I think it would be better to publish the original repositories using
pserver rather than making an extra copy just because of the paranoia.
 If pserver needs to be chroot (I'd doubt that), the repositories can
live inside of the chroot and instead symlink to the /project
directory.

Opinions?  I can implement the simple scheme if noone objects.

-Hans

On Sun, May 8, 2011 at 3:00 PM, Erik Huelsmann <ehuels <at> gmail.com> wrote:
> Hi,
>
> On new-cl-net, the "sync cvsroot" script is regularly exceeding its
> runtime window (which is 20 minutes).
>
> One solution could be to change the nice parameter (-20).
>
> I'm hoping that others have better ideas, like changing the script
> from polling to event-based, which would eliminate the need to check
> all files individually. Does anybody have some cycles to look into the
> options?
>
>
> Bye,
>
>
> Erik.
>
> _______________________________________________
(Continue reading)

Erik Huelsmann | 8 May 22:33 2011
Picon

Re: Migration status [2011-05-06]

Hi,

> Next steps:
>
>  * set up the mailer

Well, Hans was able to get the MTA up and running. It's now able to
send out commit mails and handle mailing list traffic. Setup includes
handling of mails for the ticket handling system.

We can't switch to the next steps below yet, because:

 * the webserver (on new) needs to be configured to handle serving the
mailman web interface and archives [done; although I need to make this
an official vhost]
 * the webserver (on old) should be configured to respond with
"permanently moved" responses [to be done]

In order to be able to forward the web ui and archive traffic to the
new host, I've created 'lists.common-lisp.net' to serve list related
web traffic.

 * The common-lisp main website needs to be adjusted to point to the
new lists.* subdomain. [in progress; I've copied /var/www to
/var/www-new-lists for the purpose on old-cl-net]

 * set up Apache virtual hosts for common-lisp.net,
lists.common-lisp.net, trac.common-lisp.net (others?)
>  * re-instate the ssh traffic route to new-cl-net

(Continue reading)


Gmane