acceptance email truly anonymous.  A few other emails related to
project membership are still not anonymous though.  New function
AnonSENDMAIL in libtestbed which will try to make sure there is no
trace of the current user in the mail sent.

For now, stop sending membership approval related email to the project
admin list since this will also go to testbed-approval.  There is also
some code to remove testbed-approval from the proj-admin list after
the acceptance email but this is disabled for now since some times people
reply to the approval email.

  When a project is initially created a new mailing list is created,
  PROJ-admin@emulab.net.

  testbed-approval is subscribed to the list

  Several emails that originally went to testbed-approval now go to the
  mailing list instead.  The From, To, fields are basically the same
  with testbed-approval becoming PROJ-admin.  This means some mail
  is sent with a From PROJ-admin and Bcc the mailing list.  Note that
  some mail still goes to testbed-approval directly, in particular
  ones where there is no clear project involved, and when a project is
  denied.

  In addition notifications of approval status of new members is also
  sent to the list.  These emails use to only go to testbed-audit@.

  Currently All mail sent to PROJ-admin is also sent to testbed-audit
  (via a Bcc).  This means that some mail that didn't use to go to
  testbed-audit now does.

  The mailing list is deleted when a project is deleted with out first
  being approved.  Becuase of this notified that a project is denied
  is sent to testbed-approval instead of PROJ-admin.

  Admins can access the mailing list from the Project Profile page.

  The mailing list is open in order to allow users to reply to the
  mailing list, in addition the check that PROJ-admin is in the To or
  CC field is disabled.  There is currently no spam control on the
  mailing lists.  However, since the mailing list address is not posted
  anywhere it should't pick up to much spam.  If it does we can deal
  with it then.

  Finally, a new script is created to create the per-project admin
  mailing list.  See doc/UPDATING.

Also add DBQuerySingleFatal to libdb, which is like DBQueryFatal but
also fails if the query didn't return any results.  Basically
identical to he version in libtblog.  Eventually libtblog should be
modified to use this version.

  between when something is installed and when post-install runs. Short
  of a global lock (which we probably need anyway someday), my solution
  is this. In your makefiles, add these variables before the line that
  has the include of $(TESTBED_SRCDIR)/GNUmakerules:

  	SETUID_BIN_SCRIPTS   =
  	SETUID_SBIN_SCRIPTS  =

  I have added three new rules to GNUmakerules that look like this:

  	$(addprefix $(SBINDIR)/, $(SETUID_SBIN_SCRIPTS)): $(SBINDIR)/%: %
  		echo "Installing (setuid) $<"
  		-mkdir -p $(INSTALL_SBINDIR)
  		$(SUDO) $(INSTALL) -o root -m 4755 $< $@

  Yep, your eyes ain't lying to you; use sudo to run the target so that
  install does the right thing (which is that the old file is not
  replaced until the new one has the proper attributes on it).

  Note that post-install is still needed for the initial install, but
  should no longer be needed for day to day installs since all that other
  stuff post-install does is mkdir/chmod on directories.

addresses in the list, use real email addresses. Why? Well, cause I'm
a dope.  Oh, the real reason is that people cannot post to the lists
if we use their @emulab.net addresses cause we close the lists (to
avoid spammers). I did it this way originally cause it was easier;
there is a lot more bookkeeping to do if using real addresses, and I
never consider problem of not being able to post.

described elsewhere ...

Note that until Jay approves the new menu config, mere users will *not*
see the new collaboration menu. Only STUDLY() users will see the new
menu, although everyone will see the rest of the front page menu changes
since they are fairly minor.

Jay has "comments"), but I do not want it hanging around in my source
tree. Here is my mail message:

* The "My Mailing Lists" is context sensitive (copied from Tim's
  changes to the My Bug Databases). It takes you to the *archives* for
  the current project (or subgroup) list. Or it takes you to your
  first joined project.

* The showproject and showgroup pages have direct links to the project
  and group specific archives. If you are in reddot mode, you also
  get a link to the admin page for the list. Note that project and
  group leaders are just plain members of these lists.

* The interface to create a new "user" list is:

	https://www.emulab.net/dev/stoller/newmmlist.php3

  We do not store the password, but just fire it over in the list
  creation process.

  Anyone can create their own mailing lists. They are not associated
  with projects, but just the person creating the list. That person
  is the list administrator and is given permission to access the
  configuration page.

  This page is not hooked in yet; not sure where.

* Once you have your own lists, you user profile page includes a link
  in the sub menu: Show Mailman Lists. From this page you can delete
  lists, zap to the admin page, or change the admin password (which is
  really just a subpage of the admin page).

* As usual, in reddot mode you can mess with anyone else's mailman lists,
  (via the magic of mailman cookies).

* Note on cross machine login. The mailman stuff has a really easy way
  to generate the right kind of cookie to give users access. You can
  generate a cookie to give user access, or to the admin interface for
  a list (a different cookie). Behind the scenes, I ssh over and get
  the cookie, and set it in the user's browser from boss. When the
  browser is redirected over to ops, that cookie goes along and gives
  the user the requested access. No passwords need be sent around,
  since we do the authentication ourselves.