Dzahn has submitted this change and it was merged.
Change subject: admin: pentesters need nmap with privileged options
......................................................................
admin: pentesters need nmap with privileged options
To finish their segmentation scan, they need to use
nmap options that require super user privileges.
They are running this on VMs that have been created entirely
for this purpose and nothing else.
Bug:T126012
Bug:T118763
Change-Id: Ia47cdaf021614f009609a0f07f6d9020dafb38d6
---
M modules/admin/data/data.yaml
1 file changed, 1 insertion(+), 0 deletions(-)
Approvals:
Jgreen: Looks good to me, but someone else must approve
jenkins-bot: Verified
Dzahn: Looks good to me, approved
diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml
index 51e0a8a..4eda837 100644
--- a/modules/admin/data/data.yaml
+++ b/modules/admin/data/data.yaml
@@ -446,6 +446,7 @@
description: Group of users running penetration tests
gid: 768
members: [akumar, mnoushad]
+ privileges: ['ALL = NOPASSWD: /usr/bin/nmap *']
restbase-admins:
gid: 769
description: group of restbase admins
--
To view, visit https://gerrit.wikimedia.org/r/274182
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia47cdaf021614f009609a0f07f6d9020dafb38d6
Gerrit-PatchSet: 4
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
Gerrit-Reviewer: Alex Monk <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Jgreen <[email protected]>
Gerrit-Reviewer: Mark Bergsma <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
