Opened 3 months ago

Closed 2 months ago

Last modified 2 months ago

#31143 closed defect (fixed)

Add cohosh to ldap group snowflake

Reported by: arlolra Owned by: weasel
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords:
Cc: cohosh, dcf, boklm Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This is to give them permission to update snowflake.tpo as in #25724

Child Tickets

Change History (7)

comment:1 Changed 3 months ago by dcf

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I am David Fifield and I hereby approve of the request in
https://bugs.torproject.org/31143 to add cohosh to ldap group snowflake.

Fri 12 Jul 2019 03:03:41 PM UTC
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeXoyauxKR4rwUMw64rk9gVzTiOUFAl0ooZIACgkQ4rk9gVzT
iOVcVQ/9GKDnhxVQ28H5B+S/cP7YVF2qGEb6Gk6g5FQxjjYmc5HyXm/t2CUBqV/z
22QLKo17TZzd03/lBDdc5ksC0FIsPL4rz4wVi2YzvLGrBR9cvhZGxzQJHZPEGsns
xN69M+mbLD2vGRyoktueD2yvEJobCsCBEfPENjWBoQHA1QwOKdxsmhDHhWw9AumE
Oy0GD8lAB6g4h2+rzsIp/9gJUrA/KkwMB6Dk7ZZ9WoOWT53GjOcKKdKJwRIy4NI4
PXb2Y7Jqy9tDZRoZfjnUiBwMDOViiVuPcZhFEwRIP8WgOZXsKh2kC5CdJ7yLz/Cr
Jg27RWe4rQddD+ig6YesealA7RxuOMRX79u8oDXqtHNATDrjoQGfaYRRxDn/eotA
l1A79W24lgrc+kWFOyZgnv18FnF4qpLIKxg6AmTfZr1/Fp8kj9hejbXUckokyW3e
bxXlQprZgQSOGaMTb4W+F3hsu6uTB62GmuGTOdV6b9YannU3/Uk8LR9lJTzdESvB
X2TRhs0eeFnyYGr7trWbn0z/EOy4dYLPoYEIqAEfLmEHgC+tMozKlWqT7vWSaaUI
VwG8urcWjN8bn4Nx+IiGWiFhCyo2q1aTvcooEqqYaUESRnetJQcTE7z5iSAncQDv
UiyyqBWrWSgkLOuDlYRylnbDzSQEdI+TFtxulynriMthakZ2/74=
=5fNr
-----END PGP SIGNATURE-----

comment:2 Changed 3 months ago by weasel

Resolution: fixed
Status: newclosed

comment:3 Changed 2 months ago by arlolra

Cc: boklm added

If I ssh to staticiforme.torproject.org and run,

$ getent group snowflake
snowflake:x:1576:arlo,arma,dcf

Does something else need to happen or am I misunderstanding?

comment:4 Changed 2 months ago by anarcat

Resolution: fixed
Status: closedreopened

hmm... cohosh is in the group in LDAP, but doesn't show up on staticiforme. no idea what's going on here.

for some reason, they don't show up as a user either:

root@staticiforme:~# getent passwd cohosh
root@staticiforme:~# getent passwd anarcat
anarcat:x:2128:2128:Antoine Beaupré,,,,:/home/anarcat:/bin/bash

no idea what's going on here, weasel, you know how I could debug this?

comment:5 Changed 2 months ago by anarcat

Owner: changed from tpa to weasel
Status: reopenedassigned

comment:6 Changed 2 months ago by weasel

Resolution: fixed
Status: assignedclosed

the group snowflake was not given explicit permission to access staticiforme. Therefore, cohosh did not have an account on staticiforme. They were, however, in the group on all the hosts they did have access to -- that'd be at least perdulce (via gid torproject).

Added snowflake to staticiforme.

comment:7 Changed 2 months ago by anarcat

thanks weasel, i can confirm cohosh has access now... i could have sworn i checked for this though..

Note: See TracTickets for help on using tickets.