Home Home
Sign up | Login

Author Archive

openSUSE Stable Maintenance Process Now Fully Open

March 13th, 2012 by

The new patchesA while ago, we wrote about the work on moving maintenance support into the Open Build Service. Since then announcement, some of the internal maintenance scripts have been running in parallel to the Open Build Service but the Security, Maintenance and OBS teams are now convinced things are ready for a switch. Soon, to be exact Thursday, March 15 2012, your updates will be delivered exclusively by OBS via an open workflow!
(more…)

Infrastructure Updates

April 19th, 2011 by

We had way too many server downtimes during the last month in our infrastructure. These were caused by an unreliable login proxy. We have now developed and setup a new login proxy and use it for the following sites:

  • build.opensuse.org
  • api.opensuse.org
  • hermes.opensuse.org
  • notify.opensuse.org
  • features.opensuse.org

We hope that this new proxy is working reliably now.  The new proxy is open source and source code can be found on gitorious.org. A future version of the openSUSE Build Service (OBS)  (not 2.3) will come with this proxy as authentication mechanism as well.

For the openSUSE Build Service, another change is that we switched to apache and the passenger module on our productive system, following the new default of OBS 2.3. This should also fix some cases of invalid http answers.

In short, we have changed some key parts of our infrastructure and introduced a new login proxy, so there might still be some pitfalls. But we have it under our control now and can debug and even fix any issue with it. In case of problems, please speak up on the opensuse-buildservice mailing list.

Your make-OBS-stable-team, Michael Schröder, Stephan Kulow and Adrian Schröter

Invalid SSL certificate on some opensuse.org services

April 7th, 2011 by

Update from 14:30 UTC: The problem is solved.

We want to let you know that we are aware about an invalid SSL certificate on some of our servers behind the https protocol. This is the case most of the time at least between 04:00 until 11:00 CET today.

We took down some of our services temporarily after getting aware of this. Affected services were

  • build.opensuse.org
  • api.opensuse.org
  • hermes.opensuse.org
  • notify.opensuse.org
  • connect.opensuse.org
  • features.opensuse.org

The issue is reported to our service provider maintaining the proxy who delivers this certificate.

I hope everybody of you will continue not to trust invalid certifications for our services. It can always be a man-in-the-middle-attack and especially when submitting passwords or sensitive data like source code it is not acceptable. So please continue to miss-trust invalid certificates on our servers.

Sorry