... | @@ -1755,6 +1755,110 @@ We have 4 patches there, and a handful were merged upstream. The |
... | @@ -1755,6 +1755,110 @@ We have 4 patches there, and a handful were merged upstream. The |
|
remaining patches could probably live as configuration files in
|
|
remaining patches could probably live as configuration files in
|
|
Puppet, reducing the diff to nil.
|
|
Puppet, reducing the diff to nil.
|
|
|
|
|
|
|
|
Update, 2023-05-10: some patches were merged, some weren't, and we had
|
|
|
|
to roll new ones. We have the following diff now:
|
|
|
|
|
|
|
|
```
|
|
|
|
debian/changelog | 22 ++++++++++++++++++++++
|
|
|
|
debian/compat | 2 +-
|
|
|
|
debian/control | 5 ++---
|
|
|
|
debian/rules | 3 +--
|
|
|
|
debian/ud-replicate.cron.d | 2 +-
|
|
|
|
templates/passwd-changed | 2 +-
|
|
|
|
templates/welcome-message | 41 ++++++++++++++++++++++++++++-------------
|
|
|
|
test/test_pass.py | 10 ++++++++++
|
|
|
|
ud-mailgate | 5 +++--
|
|
|
|
ud-replicate | 11 +++++++++--
|
|
|
|
userdir-ldap.conf | 2 +-
|
|
|
|
userdir_ldap/UDLdap.py | 5 +++++
|
|
|
|
userdir_ldap/generate.py | 22 +++++++++++++++++++++-
|
|
|
|
userdir_ldap/ldap.py | 2 +-
|
|
|
|
14 files changed, 106 insertions(+), 28 deletions(-)
|
|
|
|
```
|
|
|
|
|
|
|
|
We now have *five* branches left:
|
|
|
|
|
|
|
|
* `tpo-scrub-0.3.104`:
|
|
|
|
* `43c67a3` fix URL in passwd-changed template to torproject.org
|
|
|
|
* `f9f9a67` Set emailappend to torproject.org
|
|
|
|
* `c77a70b` Use https:// in welcome email
|
|
|
|
* `6966895` Re-apply tpo changes to Debians repo
|
|
|
|
* `mailpassword-generate-0.3.104`:
|
|
|
|
* `6b09f95` distribute mail-passwords in a location dovecot can read
|
|
|
|
* `666c050` expand mail-password file fields
|
|
|
|
* `5032f73` add simple getter to Account
|
|
|
|
* `hashpass-test-0.3.104`, `7ceb72b` add tests for ldap.HashPass
|
|
|
|
* `bookworm-build-0.3.104`:
|
|
|
|
* `25d89bd` fix warning about chown(1) call in bookworm
|
|
|
|
* `9c49a4a` fix Depends to support python3-only installs
|
|
|
|
* `1ece069` bump dh compat to 7
|
|
|
|
* `90ef120` make this build without python2
|
|
|
|
* `ssh-sk-0.3.104`, `a722f6f` Add support for security key generated ssh public keys (sk- prefix)
|
|
|
|
|
|
|
|
The rebase was done with the following steps.
|
|
|
|
|
|
|
|
First we laid down a tag because upstream didn't:
|
|
|
|
|
|
|
|
```
|
|
|
|
git tag 0.3.104 81d0512e87952d75a249b277e122932382b86ff8
|
|
|
|
```
|
|
|
|
|
|
|
|
Then we created new branches for each old branch and rebased it on
|
|
|
|
that release:
|
|
|
|
|
|
|
|
```
|
|
|
|
git checkout -b genpass-fix-0.3.104 origin/genpass-fix-0.3.104-pre-dd7f9a3
|
|
|
|
git rebase 0.3.104
|
|
|
|
git branch -m hashpass-test-0.3.104
|
|
|
|
|
|
|
|
git checkout -b procmail-0.3.104 procmail-0.3.104-pre-dd7f9a3
|
|
|
|
git rebase 0.3.104
|
|
|
|
git branch -d procmail-0.3.104
|
|
|
|
|
|
|
|
git checkout -b mailpassword-generate-0.3.104 origin/mailpassword-generate-0.3.104-pre-dd7f9a3
|
|
|
|
git rebase 0.3.104
|
|
|
|
|
|
|
|
git checkout -b tpo-scrub-0.3.104 origin/tpo-scrub-0.3.104-pre-dd7f9a3
|
|
|
|
git rebase 0.3.104
|
|
|
|
|
|
|
|
git checkout master
|
|
|
|
git merge hashpass-test-0.3.104
|
|
|
|
git merge mailpassword-generate-0.3.104
|
|
|
|
git merge tpo-scrub-0.3.104
|
|
|
|
|
|
|
|
git checkout -b bookworm-build-0.3.104 0.3.104
|
|
|
|
git merge bookworm-build-0.3.104
|
|
|
|
```
|
|
|
|
|
|
|
|
Verifications of the resulting diffs were made with:
|
|
|
|
|
|
|
|
```
|
|
|
|
git diff master dsa
|
|
|
|
git diff master origin/master
|
|
|
|
```
|
|
|
|
|
|
|
|
Then the package was built and tested on `forum-test-01`, `chives`,
|
|
|
|
`perdulce` and `alberti`:
|
|
|
|
|
|
|
|
```
|
|
|
|
dpkg-buildpackage
|
|
|
|
```
|
|
|
|
|
|
|
|
And finally uploaded to db.tpo and git:
|
|
|
|
|
|
|
|
```
|
|
|
|
git push origin -u hashpass-test-0.3.104
|
|
|
|
git push origin -u mailpassword-generate-0.3.104
|
|
|
|
git push origin -u bookworm-build-0.3.104 0.3.104
|
|
|
|
git push origin -u tpo-scrub-0.3.104
|
|
|
|
git push
|
|
|
|
```
|
|
|
|
|
|
|
|
Eventually, we merged with upstream's master branch to be able to use
|
|
|
|
micah's patch (in
|
|
|
|
https://gitlab.torproject.org/tpo/tpa/team/-/issues/41166), so we
|
|
|
|
added an extra branch in there.
|
|
|
|
|
|
## Monitoring and testing
|
|
## Monitoring and testing
|
|
|
|
|
|
Nagios checks the `/var/lib/misc/thishost/last_update.trace` timestamp
|
|
Nagios checks the `/var/lib/misc/thishost/last_update.trace` timestamp
|
... | | ... | |