This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| __ _ | |
| / _| ___ __| | ___ _ __ __ _ | |
| | |_ / _ \/ _` |/ _ \| '__/ _` | Fedora Security Team Report | |
| | _| __/ (_| | (_) | | | (_| | Report date: 2015-08-27 10:15:51.173354 | |
| |_| \___|\__,_|\___/|_| \__,_| | |
| ------------------------------------------------------------------------------- | |
| +Ticket Status------------+ | |
| | Status | Tickets Open | | |
| +----------+--------------+ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from bugzilla import Bugzilla | |
| from collections import defaultdict, OrderedDict | |
| from datetime import datetime | |
| from terminaltables import AsciiTable | |
| from pprint import pprint | |
| VALID_STATUSES = ['NEW', 'ASSIGNED', 'MODIFIED', 'ON_QA'] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| __ _ | |
| / _| ___ __| | ___ _ __ __ _ | |
| | |_ / _ \/ _` |/ _ \| '__/ _` | Fedora Security Team Report | |
| | _| __/ (_| | (_) | | | (_| | Report date: 2015-09-03 08:55:46.025472 | |
| |_| \___|\__,_|\___/|_| \__,_| | |
| ------------------------------------------------------------------------------- | |
| ┌Tickets by Priority──┬───────┬─────────┐ | |
| │ Priority │ Count │ Owned │ Unowned │ | |
| ├─────────────┼───────┼───────┼─────────┤ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| rm -rf /opt/debootstrap-test | |
| rm -rf /opt/tarball-test | |
| echo "Starting debootstrap..." | |
| OP_START_TIME="$(date +%s)" | |
| mkdir /opt/debootstrap-test | |
| debootstrap --include=python2.7,build-essential --variant=buildd --arch=amd64 trusty /opt/debootstrap-test/ http://iad.mirror.rackspace.com/ubuntu/ > /dev/null | |
| OP_TOTAL_SECONDS="$(( $(date +%s) - $OP_START_TIME ))" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| # | |
| # supernova prodiad boot --flavor general1-8 --image 09de0a66-3156-48b4-90a5-1cf25a905207 --key-name=personal_servers --config-drive=true --user-data user_data.yml --poll | |
| # | |
| apt_mirror: http://iad.mirror.rackspace.com/ubuntu/ | |
| package_upgrade: true | |
| packages: | |
| - git-core | |
| runcmd: | |
| - export ANSIBLE_FORCE_COLOR=true |
major
/ gist:ebd7542ee3daf593ab66
Created
September 17, 2015 20:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| + REPORT_DATA+='- Operation: [ openstack-ansible -v --forks 8 openstack-hosts-setup.yml ]\t81 seconds\tNumber of Attempts [ 1 ]\n' | |
| + REPORT_DATA+='- Operation: [ openstack-ansible -v --forks 8 lxc-hosts-setup.yml ]\t112 seconds\tNumber of Attempts [ 1 ]\n' | |
| + REPORT_DATA+='- Operation: [ openstack-ansible -v --forks 8 lxc-containers-create.yml ]\t274 seconds\tNumber of Attempts [ 1 ]\n' | |
| + REPORT_DATA+='- Operation: [ openstack-ansible -v --forks 8 haproxy-install.yml ]\t41 seconds\tNumber of Attempts [ 1 ]\n' | |
| + REPORT_DATA+='- Operation: [ openstack-ansible -v --forks 8 memcached-install.yml ]\t24 seconds\tNumber of Attempts [ 1 ]\n' |
major
/ gist:b30a9aa49f01e96625a1
Created
November 3, 2015 14:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TASK: [lxc_hosts | Move lxc cached image into place] ************************** | |
| failed: [aio1] => (item={'url': u'https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz', 'name': 'trusty.tgz', 'chroot_path': 'trusty/rootfs-amd64', 'sha256sum': '56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c'}) => {"failed": true, "item": {"chroot_path": "trusty/rootfs-amd64", "name": "trusty.tgz", "sha256sum": "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c", "url": "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"}} | |
| msg: Unexpected error when accessing exploded file: [Errno 2] No such file or directory: '/var/cache/lxc/trusty/rootfs-amd64/etc/ssl/certs/NetLock_Arany_=Class_Gold=_F\\305\\221tan\\303\\272s\\303\\255tv\\303\\241ny.pem' | |
| FATAL: all hosts have already failed -- aborting | |
| PLAY RECAP ******************************************************************** | |
| to retry, use: --limit @/root/lxc-hosts-setup.retry | |
| aio1 |
major
/ gist:1b97999a7ec7dfce0768
Created
November 6, 2015 22:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TASK: [openstack-ansible-security | V-38496 - Default operating system accounts (other than root) must be locked] *** | |
| skipping: [aio1] | |
| TASK: [openstack-ansible-security | V-38497 - The system must not have accounts configured with blank or null passwords.] *** | |
| ok: [aio1] | |
| TASK: [openstack-ansible-security | V-38497 - The system must not have accounts configured with blank or null passwords.] *** | |
| failed: [aio1] | |
| msg: FAILED: Remove 'nullok' from /etc/pam.d/system-auth for better security. |
major
/ gist:e9740a2731811d9b6717
Created
November 12, 2015 15:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [major@arsenic openstack-ansible]$ git review | |
| You are about to submit multiple commits. This is expected if you are | |
| submitting a commit that is dependent on one or more in-review | |
| commits. Otherwise you should consider squashing your changes into one | |
| commit before submitting. | |
| The outstanding commits are: | |
| df4957a (HEAD -> update-run-aio-build-script, origin/update-run-aio-build-script) Use Ansible AIO playbook for run-aio-build.sh | |
| 71e20c9 (origin/bp/convert-aio-bootstrap-to-ansible, review/major_hayden/bp/convert-aio-bootstrap-to-ansible, bp/convert-aio-bootstrap-to-ansible) AIO bootstrap in Ansible |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from cryptography import x509 | |
| from cryptography.hazmat.backends import default_backend | |
| from cryptography.hazmat.primitives import hashes, serialization | |
| from cryptography.hazmat.primitives.asymmetric import rsa | |
| from cryptography.x509.oid import NameOID | |
| import datetime | |
| import uuid | |
| one_day = datetime.timedelta(1, 0, 0) | |
| private_key = rsa.generate_private_key( | |
| public_exponent=65537, |