[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [43] mention vcs:/etc/nsswitch. conf use of unusual mysql
|
From: |
karl |
|
Subject: |
[Savannah-cvs] [43] mention vcs:/etc/nsswitch. conf use of unusual mysql module and custom sshd_config AuthorizedKeysExec |
|
Date: |
Thu, 03 Oct 2013 18:11:30 +0000 |
Revision: 43
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=43
Author: karl
Date: 2013-10-03 18:11:24 +0000 (Thu, 03 Oct 2013)
Log Message:
-----------
mention vcs:/etc/nsswitch.conf use of unusual mysql module and custom
sshd_config AuthorizedKeysExec
Modified Paths:
--------------
trunk/sviki/RemovingProject.mdwn
trunk/sviki/SavannahArchitecture.mdwn
Modified: trunk/sviki/RemovingProject.mdwn
===================================================================
--- trunk/sviki/RemovingProject.mdwn 2013-10-01 16:36:27 UTC (rev 42)
+++ trunk/sviki/RemovingProject.mdwn 2013-10-03 18:11:24 UTC (rev 43)
@@ -33,8 +33,8 @@
signed confirmation)
- Mark it as deleted in Savane, so nobody change it
- Ask the project admin about deleting the mailing lists
-- run infra/maintenance/delete\_project.sh projname
+- run `infra/maintenance/delete_project.sh` projname
- a backup of the project's sources will be put in
- \~/deleted-projects/
+ `~/deleted-projects/`
- ??? mailing lists are still present in the database after
project deletion, we should remove them as well
Modified: trunk/sviki/SavannahArchitecture.mdwn
===================================================================
--- trunk/sviki/SavannahArchitecture.mdwn 2013-10-01 16:36:27 UTC (rev 42)
+++ trunk/sviki/SavannahArchitecture.mdwn 2013-10-03 18:11:24 UTC (rev 43)
@@ -6,11 +6,11 @@
- The administration 'infra' repository, with system installation
notes and maintenance script:
<http://bzr.savannah.gnu.org/lh/administration/>
-- The Savane code:
- <http://git.savannah.gnu.org/cgit/savane-cleanup.git>
-- The next Savane code:
<http://git.savannah.gnu.org/cgit/savane-cleanup/framework.git/>
+(All the live code is in the `administration` project; the savane,
+savane-cleanup, and other projects are idle.)
+
Global architecture
-------------------
@@ -35,11 +35,11 @@
Savannah operates with five critical Xen domU's:
+- mgt.savannah.gnu.org (140.186.70.74)
+- internal.savannah.gnu.org. (140.186.70.75)
- frontend.savannah.gnu.org (140.186.70.70, 140.186.70.71)
- vcs.savannah.gnu.org (140.186.70.72)
- download.savannah.gnu.org (140.186.70.73)
-- mgt.savannah.gnu.org (140.186.70.74)
-- internal.savannah.gnu.org. (140.186.70.75)
mgt.savannah.gnu.org
--------------------
@@ -70,6 +70,12 @@
management vm on the other vm's without actually being in the mgt vm's
authorized\_keys file.
+internal.savannah.gnu.org
+-------------------------
+
+The internal domU runs mysql as well as bind (for the
+*.savannah.gnu.org/*.savannah.nongnu.org domains)
+
frontend.savannah.gnu.org
-------------------------
@@ -77,18 +83,20 @@
The frontend Savane repository pulls from administration/savane.git
-internal.savannah.gnu.org
--------------------------
-
-The internal domU runs mysql as well as bind (for the
-*.savannah.gnu.org/*.savannah.nongnu.org domains)
-
vcs.savannah.gnu.org
--------------------
This is the version control system virtual machine. It runs
cvs/git/bzr/etc as well as webservers for repository viewing.
+Alone among the Savannah hosts, it allows ssh from everywhere since that
+is part of VC access, and has a custom sshd_config directive
+`AuthorizedKeysExec` to look up ssh keys in the mysql database.
+
+Users themselves are authenticated in `/etc/nsswitch.conf` with a
+`mysql` module (`libnss-mysql`), also directly against the mysql
+database on internal.
+
download.savannah.gnu.org
-------------------------
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [43] mention vcs:/etc/nsswitch. conf use of unusual mysql module and custom sshd_config AuthorizedKeysExec,
karl <=