Keyholder accept passwordless keys
Closed, ResolvedPublic


There is a bug in keyholder's code that don't exclude as expected the passwordless keys

Volans created this task.Feb 21 2017, 3:33 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 21 2017, 3:33 PM
Volans renamed this task from Keyholder: to Keyholder accept passwordless keys.Feb 21 2017, 3:37 PM
Volans triaged this task as High priority.
Volans claimed this task.
Volans added a project: Operations.
Volans updated the task description. (Show Details)
Volans moved this task from Backlog to In Progress on the Operations-Software-Development board.
Volans added subscribers: mmodell, faidon, MoritzMuehlenhoff.

Change 338984 had a related patch set uploaded (by Volans):
Keyholder: fix filter of passwordless keys

@mmodell I'm not sure what's the status with the repository that was recently created.

I've sent the patch against puppet repo as usual for now. See also the other related patch in T158659

@Volans: Thanks for the heads-up. We still use the code from puppet in prod. It will will remain that way until I get the package accepted by ops and change puppet to use the keyholder package from apt.

Change 338984 merged by Volans:
Keyholder: fix filter of passwordless keys

Mentioned in SAL (#wikimedia-operations) [2017-02-24T14:27:37Z] <volans> re-started and re-armed keyholder after upgrade on: mira.codfw.wmnet,neodymium.eqiad.wmnet,sarin.codfw.wmnet,tin.eqiad.wmnet T158660 T158659

Volans closed this task as Resolved.Feb 24 2017, 2:28 PM
Volans moved this task from In Code Review to Done on the Operations-Software-Development board.