Closed
Bug 766708
Opened 12 years ago
Closed 12 years ago
Grant respindola access to relengweb1.dmz.scl3.mozilla.com
Categories
(Infrastructure & Operations :: RelOps: General, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rail, Assigned: dustin)
Details
Rafael has been working on clang. To simplify the procedures and boost the process he needs to upload files to runtime-binaries.pvt.build.mozilla.org (relengweb1.dmz.scl3.mozilla.com:/var/www/html/runtime-binaries/tooltool). Can we grant him access to this machine and allow him to write files to that location?
Assignee | ||
Comment 1•12 years ago
|
||
At the moment, we don't have a process for allowing uploads to tooltool. John and I discussed a few options (web form, scp dropbox, ..), but ultimately focused on getting B2G up and running. The immediate answer is that relengers will need to do the uploads on Rafael's behalf. I'm hesitant to grant sudo access on that host without a nod from coop and/or amy, but once it's ok'd that's not hard. I'm assigning to Amy both to make this call and to grant sudo access since I won't be back until Wednesday. Something like (untested) include ldap_users::people class { "sudoers::users": users => "respindola"; }
Assignee: server-ops → arich
Component: Server Operations → Server Operations: RelEng
QA Contact: phong → arich
Comment 2•12 years ago
|
||
Can't we do this via group permissions rather than sudo ?
Comment 3•12 years ago
|
||
I suspect this will free up some of Rail's time, so I'm fine with granting this access, *provided* Rail has "the talk" with Rafael about only uploading tested versions, avoiding churn, great power==responsibility, etc. (In reply to Nick Thomas [:nthomas] from comment #2) > Can't we do this via group permissions rather than sudo ? Whatever makes the most sense here.
(In reply to Chris Cooper [:coop] from comment #3) > I suspect this will free up some of Rail's time, so I'm fine with granting > this access, *provided* Rail has "the talk" with Rafael about only uploading > tested versions, avoiding churn, great power==responsibility, etc. Works for me. Rail, when is a good time for you?
Reporter | ||
Comment 5•12 years ago
|
||
(In reply to Rafael Ávila de Espíndola (:espindola) from comment #4) > (In reply to Chris Cooper [:coop] from comment #3) > > I suspect this will free up some of Rail's time, so I'm fine with granting > > this access, *provided* Rail has "the talk" with Rafael about only uploading > > tested versions, avoiding churn, great power==responsibility, etc. Actually even "broken" versions won't hurt us, because we don't overwrite files normally. > Works for me. Rail, when is a good time for you? Anytime!
Comment 6•12 years ago
|
||
I think we should do it with group perms if we can, just on the principle of least permissions.
Assignee: arich → dustin
Assignee | ||
Comment 7•12 years ago
|
||
OK, I added a group, tooltooleditor, and put respindola in it. The directory is /var/www/html/runtime-binaries/tooltool Is there already a bug open to better control uploads? If not, let's get one open.
Assignee | ||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Updated•11 years ago
|
Component: Server Operations: RelEng → RelOps
Product: mozilla.org → Infrastructure & Operations
You need to log in
before you can comment on or make changes to this bug.
Description
•