X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=input%2Fhowto%2Fadd-guest.creole;h=464768e3bf2b56444d35f340adde7cbf1c2f8e12;hb=4748598a49ca95a8569fb7638db087e00821ddeb;hp=43b6687726a2a5d84cc9d04aae1765e61acf68af;hpb=85dd43b1d687bfe86d3bee03bc6730b06b9f9ff0;p=mirror%2Fdsa-wiki.git diff --git a/input/howto/add-guest.creole b/input/howto/add-guest.creole index 43b6687..464768e 100644 --- a/input/howto/add-guest.creole +++ b/input/howto/add-guest.creole @@ -1,43 +1,39 @@ == Add a guest account to ud-ldap == -=== add to guest keyring === +Check that the new user is a Debian contributor and the request is reasonable. -at home: +Save the signed request to a file and the signed DMUP agreement to another file. + +Setup the script that automates the addition of guest accounts: {{{ - cd projects/debian/d-a/guest-keyring + git clone https://db.debian.org/git/dsa-misc.git + ln -s $(pwd)/scripts/add-guest ~/bin/dsa-add-guest }}} -or whereever you keep the checkout. Then +For a guest account based on DM or NM status: + {{{ - git pull && - echo -n "New user's key fingerprint: " && - read fingerprint && - ./add-key "`echo $fingerprint | tr -d ' '`" && - git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" && - git add debian-guest/index debian-guest/index.gpg && - git ci && - git push + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup dm + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup nm }}} -=== add to ldap === +For a guest account based on a sponsor: -Once that is done, to to db-master (aka draghi) and add the account: - -{{{ - ud-useradd -n +{{{ + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup sponsor }}} -* enter fingerprint, account name, [fml] name and forwarding address. -* do _not_ subscribe to -private (enter a space character) -* keep uid number -* use 60000 as gid number +At the git commit prompt enter something like this: -Then set an expire date for the user: {{{ - echo -n "userid of new user: " && - read uid && - ldapvi --encoding=ASCII -ZZ --ldap-conf -h db.debian.org -D uid=$USER,ou=users,dc=debian,dc=org "uid=$uid" + Add Jane Doe (RT#1234) }}} -and set {{{shadowExpire}}} to today + 60 days ( {{{echo $(( `date +%s` / 3600 / 24 + 60 ))}}} ). +At the final account entry prompt: + +* enter fingerprint, account name, [fml] name and forwarding address. +* enter expiry date and hosts to allow access to, per the request. + Two months is typical. + +Then close the RT ticket.