[MediaWiki-commits] [Gerrit] admin: contint-admins no more need postgres - change (operations/puppet)

Mon, 02 May 2016 10:36:01 -0700 

Hashar has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/286484

Change subject: admin: contint-admins no more need postgres
......................................................................

admin: contint-admins no more need postgres

We used to have postgres installed on gallium, but it is no more the
case. Moreover, if we ever needed postgre it would be on labs instances
on which we have full root.

Drop postgre sudo rules for contint-admins. Impact:

 gallium.wikimedia.org
 scandium.eqiad.wmnet
 labnodepool1001.eqiad.wmnet

Change-Id: Id7302ad14c60dac18b959a4aa8e34ef862c334c6
---
M modules/admin/data/data.yaml
1 file changed, 1 insertion(+), 3 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/84/286484/1

diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml
index c7f7309..acdc17e 100644
--- a/modules/admin/data/data.yaml
+++ b/modules/admin/data/data.yaml
@@ -142,7 +142,6 @@
                  'ALL = (nodepool) NOPASSWD: ALL',
                  'ALL = (zuul) NOPASSWD: ALL',
                  'ALL = NOPASSWD: /etc/init.d/jenkins',
-                 'ALL = NOPASSWD: /etc/init.d/postgresql-8.4',
                  'ALL = NOPASSWD: /usr/sbin/service nodepool start',
                  'ALL = NOPASSWD: /usr/sbin/service nodepool stop',
                  'ALL = NOPASSWD: /usr/sbin/service nodepool restart',
@@ -153,8 +152,7 @@
                  'ALL = NOPASSWD: /usr/sbin/service zuul-merger stop',
                  'ALL = NOPASSWD: /usr/sbin/service zuul-merger status',
                  'ALL = NOPASSWD: /bin/journalctl*',
-                 'ALL = NOPASSWD: /usr/local/sbin/puppet-run',
-                 'ALL = (postgres) NOPASSWD: /usr/bin/psql']
+                 'ALL = NOPASSWD: /usr/local/sbin/puppet-run']
   contint-roots:
     gid: 720
     description: users who have full root on jenkins servers

-- 
To view, visit https://gerrit.wikimedia.org/r/286484
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Id7302ad14c60dac18b959a4aa8e34ef862c334c6
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Hashar <has...@free.fr>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to