[Labs-l] Passwordless sudo on all instances
Petr Bena
benapetr at gmail.com
Fri Jan 25 08:16:05 UTC 2013
Is there a dot in 'All project members.' ? and is it case sensitive? Does
it work with spaces?
On Fri, Jan 25, 2013 at 9:15 AM, Petr Bena <benapetr at gmail.com> wrote:
> Why renaming ALL?
>
>
> On Fri, Jan 25, 2013 at 3:27 AM, Patrick Reilly <preilly at wikimedia.org>wrote:
>
>> Great work Andrew!
>>
>> — Patrick
>>
>> On Thu, Jan 24, 2013 at 6:22 PM, Ryan Lane <rlane at wikimedia.org> wrote:
>>
>>> This is really awesome. Great work Andrew!
>>>
>>>
>>> On Thu, Jan 24, 2013 at 5:27 PM, Andrew Bogott <abogott at wikimedia.org>wrote:
>>>
>>>> I've just made a few changes to the way sudo is handled in labs. Most
>>>> users will only notice the first one:
>>>>
>>>> 1) Password-free: anyone who had sudo rights before will still have
>>>> them, but now sudo commands will execute immediately without first
>>>> prompting for a password.
>>>>
>>>> 2) Default policies: Newly created projects will automatically have a
>>>> permissive sudo policy that provides sudo rights for all project members
>>>> and all commands.
>>>>
>>>> 3) No more 'ALL' users: The user group named 'ALL' has been replaced
>>>> by the slightly-more-secure 'All project members.'
>>>>
>>>> If you are a project sysadmin and find #1 alarming, it's easy to turn
>>>> passwords back on. Visit https://labsconsole.wikimedia.**
>>>> org/wiki/Special:NovaSudoer<https://labsconsole.wikimedia.org/wiki/Special:NovaSudoer>-- passwordless sudo is reflected by the "!authenticate" option. To
>>>> require passwords for a given policy, click the 'modify' link and then
>>>> check the 'require authentication' box on the following page.
>>>>
>>>> Please let me know if you find any breakage with these changes!
>>>>
>>>> -Andrew
>>>>
>>>>
>>>> ______________________________**_________________
>>>> Labs-l mailing list
>>>> Labs-l at lists.wikimedia.org
>>>> https://lists.wikimedia.org/**mailman/listinfo/labs-l<https://lists.wikimedia.org/mailman/listinfo/labs-l>
>>>>
>>>
>>>
>>> _______________________________________________
>>> Labs-l mailing list
>>> Labs-l at lists.wikimedia.org
>>> https://lists.wikimedia.org/mailman/listinfo/labs-l
>>>
>>>
>>
>> _______________________________________________
>> Labs-l mailing list
>> Labs-l at lists.wikimedia.org
>> https://lists.wikimedia.org/mailman/listinfo/labs-l
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wikimedia.org/pipermail/labs-l/attachments/20130125/0a1702f1/attachment-0001.html>
More information about the Labs-l
mailing list