Closed
Bug 1267520
Opened 5 years ago
Closed 5 years ago
Create new user for hg pulsenotifier
Categories
(Developer Services :: Mercurial: hg.mozilla.org, defect)
Developer Services
Mercurial: hg.mozilla.org
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: gps, Assigned: fubar)
References
Details
Currently, the pulse notification service is running as user "hg." Security best practices say we should have a separate user for each service. So let's create a new, dedicated user for running the pulse notification service. How about "hg-pulsenotifier"?
|
Reporter | |
Comment 1•5 years ago
|
||
We also have another service for aggregating the push data. This creates the queue that the pulse notifier consumes. We could potentially share a user (hg-notifier) or use separate users. I'll let fubar decide :)
|
Assignee | |
Comment 2•5 years ago
|
||
hgssh3.dmz.scl3# id hg-notifier uid=5603(hg-notifier) gid=5603(hg-notifier) groups=5603(hg-notifier)
Assignee: nobody → klibby
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Comment 3•5 years ago
|
||
https://hg.mozilla.org/hgcustom/version-control-tools/rev/9f65bc35a80c5eb4ffe3a46902728d43676008ba ansible/hg-ssh: create hg-notifier user/group (bug 1267520) https://hg.mozilla.org/hgcustom/version-control-tools/rev/325354291efaa6f48341aca8351aa6913f719436 ansible/hg-ssh: run pulsenotifier as hg-notifier user/group (bug 1267520) https://hg.mozilla.org/hgcustom/version-control-tools/rev/05bd451e47ca44f8d7d4a539c812160977215ea3 ansible/hg-ssh: run pushdataaggregator.service as hg-notifier user/group (bug 1267520)
You need to log in
before you can comment on or make changes to this bug.
Description
•