Page MenuHomePhabricator
Create Task
Maniphest T108082

give John Lewis shell access on the mailman staging VM
Closed, ResolvedPublic
Actions

Description

after the new VM has been created, give @JohnLewis shell access on it so he can help testing the import of list configs/archives and related things

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
admin: add johnflewis to mailman-adminsoperations/puppetproduction+1 -1
admin: add mailman root group and add johnoperations/puppetproduction+5 -0
admin: non-sudo shell for johnflewis on fermiumoperations/puppetproduction+4 -2
admin: add non-root user group for mailman stagingoperations/puppetproduction+4 -0
admin: add user for John F. Lewisoperations/puppetproduction+8 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Dzahn created this task.Aug 5 2015, 6:42 PM
Dzahn raised the priority of this task from to High.
Dzahn updated the task description. (Show Details)
Dzahn added projects: acl*sre-team, Wikimedia-Mailing-lists, SRE-Access-Requests.
Dzahn added subscribers: MZMcBride, Dzahn, faidon and 4 others.

acked by Faidon/Mark in meeting today

Dzahn added a subtask: T108070: install jessie on new VM for mailman.Aug 5 2015, 6:43 PM
Krenair renamed this task from give John Lewis shell access on the staging VM to give John Lewis shell access on the mailman staging VM.Aug 5 2015, 6:43 PM
Krenair set Security to None.
JohnLewis added a comment.Aug 5 2015, 6:46 PM

T102075 is previous ticket which was discussed in an ops meeting.

Currently unable to provide a SSH key due to ongoing ISP issues. L3 was signed with that request. Except the key, the old ticket is valid for username etc.

JohnLewis added a comment.Aug 5 2015, 8:30 PM

Managed to get access (creatively) to my encrypted store. Generated ssh key is at P1837. Thanks.

Dzahn added a comment.Aug 5 2015, 8:46 PM

This means sudo ALL ALL on the staging VM for the testing phase.

gerritbot subscribed.Aug 5 2015, 10:10 PM

Change 229585 had a related patch set uploaded (by Dzahn):
admin: add mailman root group and add john

https://gerrit.wikimedia.org/r/229585

gerritbot added a project: Patch-For-Review.Aug 5 2015, 10:10 PM
gerritbot added a comment.Aug 5 2015, 10:14 PM

Change 229587 had a related patch set uploaded (by Dzahn):
admin: add user for John F. Lewis

https://gerrit.wikimedia.org/r/229587

gerritbot added a comment.Aug 6 2015, 4:31 PM

Change 229587 merged by Dzahn:
admin: add user for John F. Lewis

https://gerrit.wikimedia.org/r/229587

Dzahn mentioned this in rOPUPbfe9a4ac31d3: admin: add user for John F. Lewis.Aug 6 2015, 4:31 PM
JohnLewis moved this task from Backlog to Jessie/Upgrade (2.x) on the Wikimedia-Mailing-lists board.Aug 6 2015, 9:21 PM
gerritbot added a comment.Aug 6 2015, 10:40 PM

Change 229995 had a related patch set uploaded (by Dzahn):
admin: add non-root user group for mailman staging

https://gerrit.wikimedia.org/r/229995

gerritbot added a comment.Aug 6 2015, 10:44 PM

Change 229995 merged by Dzahn:
admin: add non-root user group for mailman staging

https://gerrit.wikimedia.org/r/229995

Dzahn mentioned this in rOPUP260debc87d96: admin: add non-root user group for mailman staging.Aug 6 2015, 10:44 PM
gerritbot added a comment.Aug 6 2015, 10:49 PM

Change 230000 had a related patch set uploaded (by Dzahn):
admin: non-sudo shell for johnflewis on fermium

https://gerrit.wikimedia.org/r/230000

gerritbot added a comment.Aug 6 2015, 11:16 PM

Change 230000 merged by Dzahn:
admin: non-sudo shell for johnflewis on fermium

https://gerrit.wikimedia.org/r/230000

Dzahn mentioned this in rOPUP420df1dd6464: admin: non-sudo shell for johnflewis on fermium.Aug 6 2015, 11:16 PM
Dzahn claimed this task.Aug 6 2015, 11:19 PM
Dzahn closed subtask T108070: install jessie on new VM for mailman as Resolved.
Dzahn closed this task as Resolved.Aug 6 2015, 11:21 PM

fermium:

Notice: /Stage[main]/Admin/Admin::Hashuser[johnflewis]/Admin::User[johnflewis]/File[/home/johnflewis]/ensure: created

bast1001:

Notice: /Stage[main]/Admin/Admin::Hashuser[johnflewis]/Admin::User[johnflewis]/File[/home/johnflewis]/ensure: created

16:20 <JohnFLewis> johnflewis@bast1001:~$
23:20:51 fermium sshd[25289]: Starting session: shell on pts/2 for johnflewis

JohnLewis reopened this task as Open.Aug 7 2015, 4:59 PM

Re-open for sudo access. Patch coming for group.

gerritbot added a comment.Aug 7 2015, 5:02 PM

Change 230134 had a related patch set uploaded (by John F. Lewis):
admin: add johnflewis to mailman-admins

https://gerrit.wikimedia.org/r/230134

gerritbot added a comment.Aug 7 2015, 5:10 PM

Change 229585 abandoned by Andrew Bogott:
admin: add mailman root group and add john

Reason:
Dropping in favor of https://gerrit.wikimedia.org/r/#/c/230133/

https://gerrit.wikimedia.org/r/229585

Andrew moved this task from Untriaged to Group Manager Approval Pending on the SRE-Access-Requests board.Aug 7 2015, 5:18 PM
Dzahn added a comment.Aug 7 2015, 9:11 PM

since regular shell access is already done, and there is T108349 for the privilege escalation, we can resolve here again

Dzahn closed this task as Resolved.Aug 7 2015, 9:12 PM
Dzahn removed a subtask: T108349: John Lewis sudo as 'list' on mailman staging VM.
Dzahn added a parent task: T108349: John Lewis sudo as 'list' on mailman staging VM.
gerritbot added a comment.Aug 10 2015, 7:00 PM

Change 230134 merged by Dzahn:
admin: add johnflewis to mailman-admins

https://gerrit.wikimedia.org/r/230134

Dzahn mentioned this in rOPUP057511592608: admin: add johnflewis to mailman-admins.Aug 10 2015, 7:00 PM
Dzahn mentioned this in T109467: write migration plan for mailman.Aug 22 2015, 12:15 AM
Dzahn mentioned this in T105756: Mailman Upgrade (Jessie & Mailman 2.x) and migration to a VM.Sep 1 2015, 8:44 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits