Page MenuHomePhabricator
Create Task
Maniphest T158660

Keyholder accept passwordless keys
Closed, ResolvedPublic
Actions

Description

There is a bug in keyholder's code that don't exclude as expected the passwordless keys

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Keyholder: fix filter of passwordless keysoperations/puppetproduction+1 -1
Customize query in gerrit

Related Objects

Event Timeline

Volans created this task.Feb 21 2017, 3:33 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 21 2017, 3:33 PM
Volans renamed this task from Keyholder: to Keyholder accept passwordless keys.Feb 21 2017, 3:37 PM
Volans claimed this task.
Volans triaged this task as High priority.
Volans added a project: SRE.
Volans updated the task description. (Show Details)
Volans moved this task from Backlog to In Progress on the SRE-tools board.
Volans moved this task from In Progress to In Code Review on the SRE-tools board.
Volans added subscribers: mmodell, faidon, MoritzMuehlenhoff.
gerritbot subscribed.Feb 21 2017, 6:18 PM

Change 338984 had a related patch set uploaded (by Volans):
Keyholder: fix filter of passwordless keys

https://gerrit.wikimedia.org/r/338984

gerritbot added a project: Patch-For-Review.Feb 21 2017, 6:18 PM
Volans mentioned this in T158659: Keyholder: add support for ED25519 keys.Feb 21 2017, 6:22 PM
Volans added a comment.Feb 21 2017, 6:28 PM

@mmodell I'm not sure what's the status with the https://phabricator.wikimedia.org/source/keyholder/ repository that was recently created.

I've sent the patch against puppet repo as usual for now. See also the other related patch in T158659

mmodell added a comment.Feb 21 2017, 6:30 PM

@Volans: Thanks for the heads-up. We still use the code from puppet in prod. It will will remain that way until I get the package accepted by ops and change puppet to use the keyholder package from apt.

gerritbot added a comment.Feb 24 2017, 2:07 PM

Change 338984 merged by Volans:
Keyholder: fix filter of passwordless keys

https://gerrit.wikimedia.org/r/338984

Stashbot subscribed.Feb 24 2017, 2:27 PM

Mentioned in SAL (#wikimedia-operations) [2017-02-24T14:27:37Z] <volans> re-started and re-armed keyholder after upgrade on: mira.codfw.wmnet,neodymium.eqiad.wmnet,sarin.codfw.wmnet,tin.eqiad.wmnet T158660 T158659

Volans closed this task as Resolved.Feb 24 2017, 2:28 PM
Volans moved this task from In Code Review to Done on the SRE-tools board.
mmodell mentioned this in rKEYHOLDERcd0744e4bbe5: Keyholder: fix filter of passwordless keys.Feb 28 2017, 6:20 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits