Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/110948
Change subject: Disable access for mhoover.
......................................................................
Disable access for mhoover.
RT 6752
Change-Id: Icbc89a0a305f417bfc16b93659eefd5a4395bd60
---
M manifests/admins.pp
M manifests/site.pp
2 files changed, 4 insertions(+), 15 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/48/110948/1
diff --git a/manifests/admins.pp b/manifests/admins.pp
index 739e4f6..fa259c2 100644
--- a/manifests/admins.pp
+++ b/manifests/admins.pp
@@ -3140,6 +3140,7 @@
$username = 'mhoover'
$realname = 'Mike Hoover'
$uid = 656
+ $enabled = false
unixaccount { $realname: username => $username, uid => $uid, gid =>
$gid }
@@ -3147,7 +3148,7 @@
Ssh_authorized_key { require => Unixaccount[$realname] }
ssh_authorized_key { '[email protected]':
- ensure => present,
+ ensure => absent,
user => $username,
type => 'ssh-rsa',
key =>
'AAAAB3NzaC1yc2EAAAADAQABAAABAQDHHt80fZmlmhzmFRgT+m0oIOs4h9ZDpqP9a4G79TZfZOA3eCuiq+kucyhdm51ge7GimzE/rhFgw3ZBVXvcdKpwTDyybArM5mOJsyg0GNp0Ns3hlJrvAudIXnxEjGlMuVF0ek3Vexi/hBzci5chqXSXxQJfUnfZnBOMiFyAGGM7KQM2W11SwTxyB9j+2McWm1ZR2rC3DjTsfbsus4BMlNYgaR7hE3ovMiCdke3NorFJ+NjZe2NjoMmSUNnGyTJvwwUncDXLELE4S2QQ4L6Vc71mMAC9VC/+qrpjTN6CEfae8nEcBvrgA1s/ahMI+3OdsWzRU0Gv3+jgqUR/641gXdkB',
@@ -3457,7 +3458,7 @@
include accounts::maxsem
include accounts::mflaschen
include accounts::mholmquist
- include accounts::mhoover # Labs migration contractor
+ include accounts::mhoover # access revoked
include accounts::milimetric # promoted per RT 5982
include accounts::mlitn
include accounts::mwalker # promoted per RT 4747
@@ -3516,7 +3517,7 @@
$gid = 500 # 'wikidev' by default
include groups::wikidev
- include accounts::mhoover # Labs migration contractor
+ include accounts::mhoover # access revoked
}
class admins::jenkins {
diff --git a/manifests/site.pp b/manifests/site.pp
index 7c421e0..c32defc 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -2544,9 +2544,7 @@
$is_labs_puppet_master = "true"
$openstack_version = "havana"
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
include standard,
role::dns::ldap,
@@ -2565,9 +2563,7 @@
$is_labs_puppet_master = "true"
$openstack_version = "folsom"
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
include standard,
role::dns::ldap,
@@ -2584,9 +2580,7 @@
$cluster = "virt"
$openstack_version = "folsom"
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
include standard,
role::nova::network,
@@ -2602,9 +2596,7 @@
$openstack_version = "folsom"
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
include standard,
role::nova::compute
@@ -2619,9 +2611,7 @@
role::neutron::server,
role::nova::api
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
}
node /virt100[1-4].eqiad.wmnet/ {
@@ -2635,9 +2625,7 @@
node /virt100[5-9].eqiad.wmnet/ {
$cluster = "virt"
- # full root for mhoover, Labs migration contractor
include admins::labs
- sudo_user { "mhoover": privileges => ['ALL = NOPASSWD: ALL'] }
include standard
}
--
To view, visit https://gerrit.wikimedia.org/r/110948
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Icbc89a0a305f417bfc16b93659eefd5a4395bd60
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
