> - We have an admin-only interface (Mango) for user management, and use > 'rt' to track requests for new accounts and account changes. > > - User information is stored in LDAP and accessed via nss-ldap. > > - SSH public keys are also stored in LDAP > > - We use scripts to write out SSH keys for users (in a look-aside > read-only location.) For non-admin users, the SSH keys written > on git.gnome.org restrict the user to running a single wrapper > script that validates what the user as doing as a git operation > or certain special commands (like create-repository) > > - GNOME does not have ACLs on repositories (except for certain > repositories which are restricted to the sysadmin team.) So > anybody, can push to any repository, assuming they have permission > from the maintainer. ACLs could be added as part of our > pre-receive scripts pretty easily if desired. >
Are the scripts and documentation for the infrastructure public or at least existing? It would be really nice if they were — new admins could be easier to train. Kind regards: al_shopov _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
