=== add to guest keyring ===
-at home:
-
+Import the guest key into your keyring.
{{{
-cd projects/debian/d-a/guest-keyring
+ echo -n "New user's key fingerprint: " &&
+ read fingerprint &&
+ gpg --recv-keys "`echo $fingerprint | tr -d ' ' | cut -b 25-`"
}}}
-or whereever you keep the checkout. Then
+Change to the directory where you keep the guest-keyring repository:
{{{
-git pull &&
-echo -n "New user's key fingerprint: " &&
-read fingerprint &&
-./add-key "`echo $fingerprint | tr -d ' '`" &&
-git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" &&
-git add debian-guest/index debian-guest/index.gpg &&
-git ci &&
-git push
+ cd ~/dsa/guest-keyring
}}}
-=== add to ldap ===
-
-Once that is done, to to db-master (aka draghi) and add the account:
-
+Export from your keyring into the guest-keyring using:
{{{
-ud-useradd -n
+ git pull &&
+ echo -n "New user's key fingerprint: " &&
+ read fingerprint &&
+ ./add-key "`echo $fingerprint | tr -d ' '`" &&
+ git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" &&
+ git add debian-guest/index debian-guest/index.gpg &&
+ git commit -a &&
+ git push
}}}
-* enter fingerprint, account name, [fml] name and forwarding address.
-* do _not_ subscribe to -private (enter a <space> character)
-* keep uid number
-* use 60000 as gid number
+=== add to ldap ===
-Then set an expire date for the user:
+Once that is done, login to db (aka draghi) and add the account:
{{{
-echo -n "userid of new user: " &&
-read uid &&
-ldapvi --encoding=ASCII -ZZ --ldap-conf -h db.debian.org -D uid=$USER,ou=users,dc=debian,dc=org "uid=$uid"
+ ud-useradd -g
}}}
-and set {{{shadowExpire}}} to today + 60 days ( {{{echo $(( `date +%s` / 3600 / 24 + 60 ))}}} ).
+* note the -g, this is for guest accounts (doesn't prompt for -private etc.)
+* enter fingerprint, account name, [fml] name and forwarding address.
+* enter expiry date and hosts to allow access to, per the request.
+ Two months is typical.