Closed Bug 1012926 Opened 10 years ago Closed 10 years ago

Please grant :glandium ssh access to releng infra

Categories

(Release Engineering :: General, defect)

Product:
Release Engineering
Component:
General
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: glandium, Assigned: Callek)

Details

Attachments

(2 files)

Public key
390 bytes, text/plain
Details
[puppet] do it
6.13 KB, patch
nthomas
: review+
Details | Diff | Splinter Review
Attached file Public key 
Note that at the moment, i only really care about slaves, but i guess there are other systems i may need to access some time in the future.
For sake of verifying is-ok

[00:01:49]	Callek	[May/15 20:56:57] catlee-away: soooo what level of access does :glandium need
[00:01:49]	Callek	[May/15 20:57:17] catlee-away: are we (a) giving him production passwords? (b) giving him cltbld/root ssh access to all machines (c) something else?
[00:01:49]	catlee-away	[May/15 20:59:32] enough to get his job done
[00:01:49]	catlee-away	[May/15 20:59:36] that's (b) for now I think
[00:01:49]	Callek	[May/15 20:59:44] catlee-away: specifically "what are we granting him" was more my Q
[00:01:49]	Callek	[May/15 21:00:02] ooook, if thats in a bug somewhere, I can make that happen *tonight*
[00:01:49]	catlee-away	[May/15 21:00:24] he was just added to some of the releng ldap groups
[00:01:49]	Callek	[May/15 21:00:43] yea, (b) is puppet work, and adding his ssh key to our keys.pp
[00:01:49]	Callek	[May/15 21:00:51] and a quick config change
[00:01:49]	Callek	[May/15 21:01:06] (doesn't address windows hosts, but I forget if we have a form of authorized_keys there)
Attachment #8425101 - Attachment mime type: application/vnd.ms-publisher → text/plain
Attached patch [puppet] do itSplinter Review 
This adds Mike to the puppet configs for all our linux/mac slaves.
Assignee: nobody → bugspam.Callek
Attachment #8425193 - Flags: review?(nthomas)
Attachment #8425193 - Flags: review?(nthomas) → review+
https://hg.mozilla.org/build/puppet/rev/df53767ede66
https://hg.mozilla.org/build/puppet/rev/3a4f470d4d0b

After about 30 min you should be able to ssh into all slaves as cltbld (or root though always recommended to do cltbld first).

(masters/server class machines should also be doable to ssh as mhommey)

Always remember, "With great power comes great responsibility" please by all means ping us if anything seems wonky, and avoid in-production/active slaves where reasonably possible.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: