Page MenuHomeDevCentral

Create odderon service account on Eglide
ClosedPublic

Authored by dereckson on Jan 24 2017, 23:55.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Nov 13, 05:19
Unknown Object (File)
Wed, Nov 13, 02:35
Unknown Object (File)
Wed, Nov 13, 01:01
Unknown Object (File)
Tue, Nov 12, 05:36
Unknown Object (File)
Sat, Nov 9, 22:45
Unknown Object (File)
Sat, Nov 9, 22:45
Unknown Object (File)
Mon, Nov 4, 22:27
Unknown Object (File)
Mon, Nov 4, 07:29
Subscribers
None

Details

Summary

Odderon is an IRC bot to run under 'odderon' account,
with a 'nasqueron-irc' service group allowed to sudo.

Ref T1129

Test Plan

sudo -u odderon whoami

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
No Lint Coverage
Unit
No Test Coverage
Branch
odderon (branched from master)
Build Status
Buildable 1322
Build 1570: arc lint + arc unit

Event Timeline

dereckson added inline comments.
roles/shellserver/odderon/init.sls
20

+

- home: /opt/odderon
- groups:
  - nasqueron-irc
roles/shellserver/odderon/init.sls
20

(or guid: 829 alternatively)

dereckson marked an inline comment as done.

Add gid, home

roles/shellserver/odderon/init.sls
10

Could be split in several files:

  • account
  • code
  • config
dereckson marked 2 inline comments as done.

Salt hierarchy

Salt created correctly the user account, and it's correctly possible to use sudo.

Salt master
$ salt eglide state.apply roles/shellserver/odderon/
eglide:
----------
          ID: odderon_account
    Function: user.present
        Name: odderon
      Result: True
     Comment: New user odderon created
     Started: 16:48:01.231197
    Duration: 238.539 ms
     Changes:   
              ----------
              fullname:
                  Odderon
              gid:
                  829
              groups:
                  - nasqueron-irc
              home:
                  /opt/odderon
              homephone:
              name:
                  odderon
              passwd:
                  x
              roomnumber:
              shell:
              uid:
                  830
              workphone:
----------
          ID: odderon_sudo_capabilities_file
    Function: file.managed
        Name: /etc/sudoers.d/odderon
      Result: True
     Comment: File /etc/sudoers.d/odderon updated
     Started: 16:48:01.489876
    Duration: 969.884 ms
     Changes:   
              ----------
              diff:
                  New file
              mode:
                  0644

Summary for eglide
------------
Succeeded: 2 (changed=2)
Failed:    0
------------
Total states run:     2
Total run time:   1.208 s

$ ssh eglide sudo -u odderon whoami
odderon
This revision is now accepted and ready to land.Jan 25 2017, 17:02
This revision was automatically updated to reflect the committed changes.