The awesome keyholder service that @faidon requested, @ori created and @thcipriani enhanced allows both MediaWiki and Scap3 deployers to have secure shared access to ssh keys which are used for authn/z by Scap.
The system demon portions of keyholder (keyholder-agent and keyholder-proxy) are currently implemented as Upstart scripts in rOPUP's modules/keyholder. Upstart is not available on Debian Jessie systems which prevents scap deployment masters from being reimaged.
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | MoritzMuehlenhoff | T143536 Upgrade all mw* servers to debian jessie | |||
| Resolved | MoritzMuehlenhoff | T144578 Migrate deployment servers (tin/mira) to jessie | |||
| Resolved | MoritzMuehlenhoff | T144043 Make keyholder work with systemd |
Change 308132 had a related patch set uploaded (by Muehlenhoff):
Provide systemd units for keyholder-agent and keyholder-proxy
Change 308132 merged by Muehlenhoff:
Provide systemd units for keyholder-agent and keyholder-proxy
Change 310550 had a related patch set uploaded (by Muehlenhoff):
Also enable systemd for keyholder-proxy