Dzahn has uploaded a new change for review.
https://gerrit.wikimedia.org/r/131597
Change subject: include accounts in LDAP admin role, add demon
......................................................................
include accounts in LDAP admin role, add demon
- add demon (he had these permissions without needing
sudo, because he had root on formey in the past)
- the users who get sudo need to be included as well, duh
RT #6134 (replace formey LDAP operations)
Change-Id: I70d4418fbb5a955cfb06f4108cee18ee752e398e
---
M manifests/admins.pp
1 file changed, 5 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/97/131597/1
diff --git a/manifests/admins.pp b/manifests/admins.pp
index 4401fa8..fa97ee2 100644
--- a/manifests/admins.pp
+++ b/manifests/admins.pp
@@ -4007,6 +4007,10 @@
# (formerly directly in site.pp and on formey, now on node silver)
class admins::ldap {
+ include accounts::robla
+ include accounts::reedy
+ include accounts::demon
+
$sudo_privs = [
'ALL = NOPASSWD: /usr/local/sbin/add-ldap-user',
'ALL = NOPASSWD: /usr/local/sbin/delete-ldap-user',
@@ -4015,7 +4019,7 @@
'ALL = NOPASSWD: /usr/local/sbin/add-labs-user',
]
- sudo_user { [ 'robla', 'reedy' ]: privileges => $sudo_privs }
+ sudo_user { [ 'robla', 'reedy', 'demon' ]: privileges => $sudo_privs }
}
--
To view, visit https://gerrit.wikimedia.org/r/131597
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I70d4418fbb5a955cfb06f4108cee18ee752e398e
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
