Page MenuHomePhabricator

Make keyholder work with systemd
Closed, ResolvedPublic

Description

The awesome keyholder service that @faidon requested, @ori created and @thcipriani enhanced allows both MediaWiki and Scap3 deployers to have secure shared access to ssh keys which are used for authn/z by Scap.

The system demon portions of keyholder (keyholder-agent and keyholder-proxy) are currently implemented as Upstart scripts in rOPUP's modules/keyholder. Upstart is not available on Debian Jessie systems which prevents scap deployment masters from being reimaged.

Event Timeline

Change 308132 had a related patch set uploaded (by Muehlenhoff):
Provide systemd units for keyholder-agent and keyholder-proxy

https://gerrit.wikimedia.org/r/308132

Change 308132 merged by Muehlenhoff:
Provide systemd units for keyholder-agent and keyholder-proxy

https://gerrit.wikimedia.org/r/308132

Change 310550 had a related patch set uploaded (by Muehlenhoff):
Also enable systemd for keyholder-proxy

https://gerrit.wikimedia.org/r/310550

Change 310550 merged by Muehlenhoff:
Also enable systemd for keyholder-proxy

https://gerrit.wikimedia.org/r/310550

Keyholder is working fine with systemd now, e.g. on mira.