https://bugzilla.wikimedia.org/show_bug.cgi?id=48501
--- Comment #66 from Ryan Kaldari <[email protected]> --- > 1. Remove projectadmin permissions from volunteers I also just removed TheDJ since he didn't have an NDA on file and he didn't respond to my email asking if he wanted to sign one. > 2. Clean up sudo policies to disallow root on varnish systems (that will have > real certs) Apparently the sudo policies are set up at https://wikitech.wikimedia.org/wiki/Special:NovaSudoer. It looks like most of them have sudo enabled for "ALL" hosts. I imagine disabling their root privileges on varnish systems just entails unchecking some of these hosts. Unfortunately, I'm not sure which of these hosts are varnish systems. Is it all 4 of the deployment-cache hosts? Any others? > 3. Buy * certs Good to hear that's in progress. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
