https://bugzilla.wikimedia.org/show_bug.cgi?id=65591
Bug ID: 65591
Summary: mwdeploy user has shell /bin/bash in labs LDAP and
/bin/false in production/Puppet
Product: Wikimedia Labs
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: deployment-prep (beta)
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected],
[email protected], [email protected]
Web browser: ---
Mobile Platform: ---
There is currently a $::realm based variation in the ::mediawiki::users Puppet
class for the User['mwdeploy'] define to vary the default shell. It whould be
nice if we could resolve the difference between production and labs LDAP so
that this variation was not necessary.
I used the mwdeploy user in deployment-prep as the controlling user for the
scap runs that are performed by puppet. The ::beta::scap::* classes configure
the user to have an ssh keypair that is used to make the ssh command and
control connections when scap is run via the /usr/local/bin/wfm-beta-scap
wrapper script.
We could either pick/create another user to transfer the ssh key to for beta or
change Puppet to give the mwdeploy user a /bin/bash default shell in
production.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
