projects
/
mirror
/
dsa-wiki.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Disable backports before upgrading to buster
[mirror/dsa-wiki.git]
/
input
/
howto
/
add-guest.creole
diff --git
a/input/howto/add-guest.creole
b/input/howto/add-guest.creole
index
9783a7f
..
464768e
100644
(file)
--- a/
input/howto/add-guest.creole
+++ b/
input/howto/add-guest.creole
@@
-1,43
+1,39
@@
== Add a guest account to ud-ldap ==
== Add a guest account to ud-ldap ==
-=== add to guest keyring ===
+Check that the new user is a Debian contributor and the request is reasonable.
-at home:
+Save the signed request to a file and the signed DMUP agreement to another file.
+
+Setup the script that automates the addition of guest accounts:
{{{
{{{
- cd projects/debian/d-a/guest-keyring
+ git clone https://db.debian.org/git/dsa-misc.git
+ ln -s $(pwd)/scripts/add-guest ~/bin/dsa-add-guest
}}}
}}}
-or whereever you keep the checkout. Then
+For a guest account based on DM or NM status:
+
{{{
{{{
- git pull &&
- echo -n "New user's key fingerprint: " &&
- read fingerprint &&
- ./add-key "`echo $fingerprint | tr -d ' '`" &&
- git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" &&
- git add debian-guest/index debian-guest/index.gpg &&
- git ci &&
- git push
+ dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup dm <fingerprint>
+ dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup nm <fingerprint>
}}}
}}}
-=== add to ldap ===
+For a guest account based on a sponsor:
-Once that is done, to to db-master (aka draghi) and add the account:
-
-{{{
- ud-useradd -n
+{{{
+ dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup sponsor <fingerprint>
}}}
}}}
-* enter fingerprint, account name, [fml] name and forwarding address.
-* do _not_ subscribe to -private (enter a <space> character)
-* keep uid number
-* use 60000 as gid number
+At the git commit prompt enter something like this:
-Then set an expire date for the user:
{{{
{{{
- echo -n "userid of new user: " &&
- read uid &&
- ldapvi --encoding=ASCII -ZZ --ldap-conf -h db.debian.org -D uid=$USER,ou=users,dc=debian,dc=org "uid=$uid"
+ Add Jane Doe (RT#1234)
}}}
}}}
-and set {{{shadowExpire}}} to today + 60 days ( {{{echo $(( `date +%s` / 3600 / 24 + 60 ))}}} ).
+At the final account entry prompt:
+
+* enter fingerprint, account name, [fml] name and forwarding address.
+* enter expiry date and hosts to allow access to, per the request.
+ Two months is typical.
+
+Then close the RT ticket.