Hopefully third time's the charm for this freeze break request. I
calls. I've deployed the new code to stg and it is working properly.
A bug was filed the other day claiming that it was impossible to
propose bugs as FE or blockers in the blockerbugs app. I have a fix
ready that's already deployed to stg and I'd like to move it into prod.
After some triage today, it turns out that there were selinux denials
on httpd writing to a cookiefile which is required by python-bugzilla
and used as part doing the actual proposal.
The fix is in two places:
- the code was modified to not use cookiefiles when calling
code changes for this is at:
- the config file in puppet needs to be modified so that it no longer
references the bugzillacookie value
diff --git a/modules/blockerbugs/templates/blockerbugs-settings.py.erb b/modules/blockerbugs/templates/blockerbugs-settings.py.erb
index 8c33d6f..5b58b7a 100644
@@ -3,7 +3,6 @@ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://<%= blockerbugs_app %>:<%= bloc
FAS_ADMIN_GROUP = "qa-admin"
FAS_USER = "<%= blockerbugs_fas_user %>@fedoraproject.org"
FAS_PASSWORD = "<%= blockerbugs_fas_password %>"
-BUGZILLA_COOKIE = "" # this should be blank for production
<% if environment == "staging" %>
FAS_HTTPS_REQUIRED = False
FAS_CHECK_CERT = False
At Flock, there was some discussion about creating more videos
to introduce new contributors to different fedora teams. I
volunteered there to make some for the infra team. Nitesh has
volunteered to add nice intro/outro theming stuff and to do other
editing (like superimposing text and links where appropriate).
I came up with these two:
Is this stuff off base?
I want to make a third introducing the -noc side of stuff. I was
thinking it should include:
- How to apply for fi-apprentice
- How to log in to lockbox
- How to find your way around the puppet and ansible repos.
- How to find the list of SOPs
Any feedback? Anything I should add/leave out/do differently?
Anyone else want to do the -noc one instead of me? It would be better
to have a variety I think.
Hello everyone my name is Matt. I have been using Linux for a while now and would like to put my skills to greater use. By day I am a monitoring systems engineer. I spend much of my time designing and maintaining a large distributed icinga environment and writing service checks and python scripts for nagios/icinga. By night I do bug testing and packaging for icinga with CentOS and am slowly porting nrpe to icinga. I am fairly good with Python, BASH, and RPM package management and would like to use these skills to help build out the fedora infrastructure. I can be found on IRC with the handle mattjones in #icinga, #icinga-devel, and now #fedora-admin.
This message, and any attachments, contain(s) information that may be confidential or protected by privilege from disclosure and is intended only for the individual or entity named above. No one else may disclose, copy, distribute or use the contents of this message for any purpose. Its unauthorized use, dissemination or duplication is strictly prohibited and may be unlawful. If you receive this message in error or you otherwise are not an authorized recipient, please immediately delete the message and any attachments and notify the sender.
-----BEGIN PGP SIGNED MESSAGE-----
I want to change sudoer on the compose boxes to enable members of
the releng group to run "sudo cp -l" without a password this is to
enable easily putting the livecds and disk images in place when staging
could I get some +1's please
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)
-----END PGP SIGNATURE-----
The sudoers file needs to be updated for the retrace02 instance so
retrace folks can sudo there.
This sudoers file is used by all our puppet machines.
It would be adding retrace02 to the RETRACE group alias, and changing
the members that have sudo to the 'retrace' group. It should be pretty
easy to revert if needed and syntax can be checked with visudo.
I'd like to update mediawiki-FedoraBadges in production. The new code is
running in staging and can be seen working here:
The biggest change is that it makes the 'title' attribute work so you
can hover over a badge to see which badge it is, without having to click
This is already in the infra repo, so I'm requesting +1's to do this
sudo -i ansible app\* -m shell -a "yum clean expire-cache; yum -y update
If anything were to fail, it should only affect user pages and is easily
revertable by downgrading to the old version (i.e., remove the new RPM
from the infra repo, yum remove mediawiki-FedoraBadges, yum clean
expire-cache, yum install mediawiki-FedoraBadges).