Gergő Tisza has uploaded a new change for review.
https://gerrit.wikimedia.org/r/189184
Change subject: Remove system user/group options from Sentry role
......................................................................
Remove system user/group options from Sentry role
Running Sentry as a non-privileged user causes errors because
most things are not set up to be writable for non-root users
(specifically, Sentry cannot write its log files).
Bug: T84957
Change-Id: Ibad8706872811895eb8d47b68c285ffd5a53455a
---
M puppet/hieradata/common.yaml
M puppet/modules/sentry/manifests/init.pp
2 files changed, 0 insertions(+), 24 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/vagrant
refs/changes/84/189184/1
diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
index 062c80b..78c8be9 100644
--- a/puppet/hieradata/common.yaml
+++ b/puppet/hieradata/common.yaml
@@ -179,8 +179,6 @@
scholarships::cache_dir: /var/cache/scholarships
scholarships::log_file: /vagrant/logs/scholarships.log
-sentry::user: sentry
-sentry::group: sentry
sentry::db_name: sentry
sentry::db_user: sentry
sentry::db_pass: vagrant
diff --git a/puppet/modules/sentry/manifests/init.pp
b/puppet/modules/sentry/manifests/init.pp
index 7ec9e68..fedbb1f 100644
--- a/puppet/modules/sentry/manifests/init.pp
+++ b/puppet/modules/sentry/manifests/init.pp
@@ -11,12 +11,6 @@
#
# === Parameters
#
-# [*user*]
-# System user with which to run Sentry.
-#
-# [*group*]
-# System group with which to run Sentry.
-#
# [*db_name*]
# Logical MySQL database name (example: 'sentry').
#
@@ -53,8 +47,6 @@
# Password of the Sentry superuser. (example: 'vagrant')
#
class sentry (
- $user,
- $group,
$db_name,
$db_user,
$db_pass,
@@ -82,19 +74,6 @@
$sentry_cli = "${deploy_dir}/bin/sentry --config='${cfg_file}'"
$sentry_create_project_script =
"${deploy_dir}/bin/sentry_create_project.py"
- user { $user:
- ensure => present,
- gid => $group,
- shell => '/bin/false',
- home => '/nonexistent',
- system => true,
- }
-
- group { $group:
- ensure => present,
- system => true,
- }
-
# Use virtualenv because Sentry has lots of dependencies
virtualenv::environment { $deploy_dir:
ensure => present,
@@ -121,7 +100,6 @@
file { $cfg_file:
ensure => present,
- group => $group,
content => template('sentry/sentry.conf.py.erb'),
mode => 0640,
}
--
To view, visit https://gerrit.wikimedia.org/r/189184
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ibad8706872811895eb8d47b68c285ffd5a53455a
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/vagrant
Gerrit-Branch: master
Gerrit-Owner: Gergő Tisza <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
