[MediaWiki-commits] [Gerrit] admin: add all-users group - change (operations/puppet)

Giuseppe Lavagetto (Code Review) Mon, 16 May 2016 08:04:19 -0700

Giuseppe Lavagetto has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/288957


Change subject: admin: add all-users group
......................................................................

admin: add all-users group

It might sometimes be useful to group all users with a shell in a single
unprivileged group.

Change-Id: I315cb201108470c6b4fbc4c1dc9e3446254194cd
---
M modules/admin/data/data.yaml
M modules/admin/manifests/groupmembers.pp
2 files changed, 10 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/57/288957/1

diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml
index a13e114..784968b 100644
--- a/modules/admin/data/data.yaml
+++ b/modules/admin/data/data.yaml
@@ -496,7 +496,11 @@
     gid: 779
     members: [mobrovac]
     privileges: ['ALL = NOPASSWD: /usr/bin/puppet agent *']
-
+  all-users:
+    description: Global group that includes all users
+    gid: 800
+    members: [] # members get populated automagically
+    privileges: [] # NO privileges to this group
 users:
   rush:
     ensure: present
diff --git a/modules/admin/manifests/groupmembers.pp 
b/modules/admin/manifests/groupmembers.pp
index 2d57e9d..53d6a9d 100644
--- a/modules/admin/manifests/groupmembers.pp
+++ b/modules/admin/manifests/groupmembers.pp
@@ -23,7 +23,11 @@
     if !empty($members) {
         $joined_user_list = join($members,',')
     } else {
-        $joined_user_list = $default_member
+
+    $joined_user_list = $title? {
+        'all-users' => keys($phash['users']),
+        default     => $default_member,
+        }
     }
 
     if has_key($gdata, 'posix_name') {

-- 
To view, visit https://gerrit.wikimedia.org/r/288957
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I315cb201108470c6b4fbc4c1dc9e3446254194cd
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Giuseppe Lavagetto <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] admin: add all-users group - change (operations/puppet)

Reply via email to