[Systems] [Fwd: please change resolv.conf on sugarlabs machines]
Bernie Innocenti
bernie at codewiz.org
Sat Jun 5 13:28:03 EDT 2010
El Sat, 05-06-2010 a las 10:09 +0000, Sascha Silbe escribió:
> Excerpts from Bernie Innocenti's message of Fri May 28 21:04:43 +0000 2010:
>
> > Note: we can't use ns1.sugarlabs.org and ns2.sugarlabs.org as they
> > recursive queries are disallowed.
> treehouse uses sunjammer (ns2) and it works fine, but IMO we should
> change that. It's always a good idea to keep those functions
> (content servers and recursive resolvers) separated. It's easy enough
> for a "trusted" client to "accidently" poison your cache (e.g. mail
> server doing lookups on the HELO/EHLO host name).
Agreed, we should not use ns[12].sugarlabs.org as caching nameservers,
although all modern DNS servers implement effective counter-measures
against the old cache poisoning attacks.
> idea unknown (console not working)
> mapspress unknown (needs root password)
>monitoring unknown (needs root password)
>aslo-web unknown (needs root password)
>sharing unknown (needs root password)
>schooltool unknown (needs root password)
I don't have passwords for any of these. Dogi?
> ole unknown (needs root password)
I don't have this one either. Chris?
> zatoichi unknown (needs root password)
Neither this one. Raul?
>rt unknown (needs root password)
Luke?
>launchpad unknown (needs root password)
>pootle unknown (needs root password)
I'll send you these by private email.
Don't forget the templates.
> Besides configuring all VMs to allow root login without
> password on the console (that's only accessible to root
> on the host anyway, so no risk)
Agreed.
> it's probably a good
> idea to set up a recursive resolver (e.g. dnscache ;) )
> on housetree, treehouse and bender.
Agreed.
--
// Bernie Innocenti - http://codewiz.org/
\X/ Sugar Labs - http://sugarlabs.org/
More information about the Systems
mailing list