Page MenuHomePhabricator
Create Task
Maniphest T127716

[cloudvps,toolforge.infra] Write some labs tests that monitor login and sudo permissions
Open, LowPublic
Actions

Description

This will be a lot of trouble, but it might be worthwhile to write some automated tests that log in on a few tools hosts, verifying that access works where it should and /does not work where it should not/.

Equivalent tests could be written to double-check sudo policies.

https://wikitech.wikimedia.org/wiki/Incident_documentation/20160212-LabsSudoVulnerability

Related Objects
Search...

Event Timeline

Andrew created this task.Feb 22 2016, 4:26 PM
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptFeb 22 2016, 4:26 PM
chasemp triaged this task as Medium priority.Apr 4 2016, 2:15 PM
Andrew added a parent task: T142421: Write some full-stack tests.Aug 8 2016, 6:16 PM
AlexMonk-WMF added a project: Toolforge.Sep 17 2016, 3:26 AM
scfc moved this task from Backlog to Ready to be worked on on the Toolforge board.Dec 4 2016, 8:11 PM
Krenair subscribed.Sep 26 2019, 12:05 AM
bd808 edited projects, added Cloud-VPS; removed Cloud-Services.Jan 4 2020, 8:34 PM
RhinosF1 subscribed.Feb 17 2021, 10:18 PM
Restricted Application added a project: cloud-services-team (Kanban). · View Herald TranscriptFeb 17 2021, 10:18 PM
Krinkle added a project: Sustainability (Incident Followup).Sep 28 2021, 9:02 PM
Krinkle updated the task description. (Show Details)
fnegri edited projects, added cloud-services-team; removed cloud-services-team (Kanban).Jan 18 2023, 6:53 PM
fnegri moved this task from Kanban to Inbox on the cloud-services-team board.
dcaro lowered the priority of this task from Medium to Low.Feb 20 2024, 12:30 PM
dcaro moved this task from Ready to be worked on to Workspace for triaging whenever needed on the Toolforge board.
dcaro renamed this task from Write some labs tests that monitor login and sudo permissions to [cloudvps,toolforge.infra] Write some labs tests that monitor login and sudo permissions.Feb 21 2024, 10:23 AM
dcaro moved this task from Workspace for triaging whenever needed to Ready to be worked on on the Toolforge board.Feb 21 2024, 4:02 PM
LSobanski removed a project: Sustainability (Incident Followup).Nov 4 2025, 12:13 PM
LSobanski subscribed.

Removing the Sustainability (Incident Followup) tag.

If this is still a solution to a possible incident root cause please add the tag back and consider raising the task priority.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits