Closed Bug 577633 Opened 15 years ago Closed 15 years ago

shadow-central ldap privs should not reuse securitywiki permissions

Categories

(mozilla.org Graveyard :: Server Operations, task)

Product:
mozilla.org Graveyard
Component:
Server Operations
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: dveditz, Assigned: aravind)

References

Details

(Whiteboard: [sg:nse])

Sometime soonish we're going to want to give more people access to https://hgpvt.mozilla.org and wherever the builds are being uploaded than we do to the securitywiki. If you can inherit permissions in LDAP then the shadow-repo privs will be a superset of securitywiki, so if there's a way to set it up as "securitywiki + others" that might be easiest. Otherwise you can just clone the existing securitywiki list and we'll build from there. No rush, for the near future everyone I can imagine needing access either already has securitywiki access or would be OK to add.
Group: mozilla-confidential
I created a new group called HgwebPvtRepos, and populated it with everyone in the SecurityWiki ldap group. I also switched the server configs to use this new group. We should be using this HgwebPvtRepos group in the future.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
What things depend on this new HgwebPvtRepos group? With my LDAP permissions I can access https://hgpvt.mozilla.org/ but I can no longer access https://ftp.mozilla.org/pvt-builds/firefox/shadow-central-builds/ Both used to work.
Product: mozilla.org → mozilla.org Graveyard
Group: core-security
You need to log in before you can comment on or make changes to this bug.