From 9618a52308f7b76cac0afd8d005ceaa8561165ca Mon Sep 17 00:00:00 2001 From: Paul Wise Date: Tue, 19 May 2015 13:39:32 +0800 Subject: [PATCH] Automate the tedious parts of creating guest accounts --- input/howto/add-guest.creole | 42 ++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/input/howto/add-guest.creole b/input/howto/add-guest.creole index 70914f1..464768e 100644 --- a/input/howto/add-guest.creole +++ b/input/howto/add-guest.creole @@ -1,39 +1,39 @@ == Add a guest account to ud-ldap == -=== add to guest keyring === +Check that the new user is a Debian contributor and the request is reasonable. + +Save the signed request to a file and the signed DMUP agreement to another file. + +Setup the script that automates the addition of guest accounts: -Import the guest key into your keyring. {{{ - echo -n "New user's key fingerprint: " && - read fingerprint && - gpg --recv-keys "`echo $fingerprint | tr -d ' ' | cut -b 25-`" + git clone https://db.debian.org/git/dsa-misc.git + ln -s $(pwd)/scripts/add-guest ~/bin/dsa-add-guest }}} -Change to the directory where you keep the guest-keyring repository: +For a guest account based on DM or NM status: + {{{ - cd ~/dsa/guest-keyring + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup dm + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup nm }}} -Export from your keyring into the guest-keyring using: -{{{ - git pull && - echo -n "New user's key fingerprint: " && - read fingerprint && - ./add-key "`echo $fingerprint | tr -d ' '`" && - git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" && - git add debian-guest/index debian-guest/index.gpg && - git commit -a && - git push +For a guest account based on a sponsor: + +{{{ + dsa-add-guest ~/dsa/debian-keyrings ~/dsa/guest-keyring ~/path/to/mail ~/path/to/dmup sponsor }}} -=== add to ldap === +At the git commit prompt enter something like this: -Once that is done, login to db (aka draghi) and add the account: {{{ - ud-useradd -g + Add Jane Doe (RT#1234) }}} -* note the -g, this is for guest accounts (doesn't prompt for -private etc.) +At the final account entry prompt: + * enter fingerprint, account name, [fml] name and forwarding address. * enter expiry date and hosts to allow access to, per the request. Two months is typical. + +Then close the RT ticket. -- 2.20.1