[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27145 [Internal Services/Tor Sysadmin Team]: help.tpo accounts is not clear enough

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #27145 [Internal Services/Tor Sysadmin Team]: help.tpo accounts is not clear enough
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 14 Aug 2018 22:59:08 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 14 Aug 2018 18:59:18 -0400
In-reply-to: <044.e9e5b165cb7d0c9406d90eb37298ae80@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.e9e5b165cb7d0c9406d90eb37298ae80@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#27145: help.tpo accounts is not clear enough
-------------------------------------------------+---------------------
 Reporter:  juga                                 |          Owner:  tpa
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+---------------------
Changes (by irl):

 * owner:  (none) => tpa
 * component:  - Select a component => Internal Services/Tor Sysadmin Team


Comment:

 I am not a sysadmin team person, so some of this may be incorrect, but
 here's my understanding:

 Replying to [ticket:27145 juga]:
 > Quoting https://help.torproject.org/tsa/doc/accounts/:
 >
 > > Most of the time when people want access to a specific host, what they
 really want is getting added to a particular group
 >
 > does "people" need to know how ldap works or how the different
 services/machines are configured to know which "group" they want to be
 added to?
 > i suspect no

 If you already have an ldap account you can probably log in to the machine
 and run `ls -la /srv/thing` and it will tell you what group owns a
 service.

 Many things are documented on the
 [[https://trac.torproject.org/projects/tor/wiki/org/operations/Infrastructure|Infrastructure]]
 wiki page.

 For most services you would probably have been working with existing
 people in the group and they would know what group access to ask for.

 > > If you want to get added to some unix group, you will have to find an
 existing member of that group.
 >
 > awesome explanation, what if a new group is needed?

 This should probably still be a ticket for the sysadmin component, but the
 group creation would normally be a side effect of the deployment of a new
 service, which again would be a ticket for the sysadmin component.

 > > They should then request on trac –
 >
 > ok, the person in the group, not the person that "want" the "access".

 Yes. The request must be from an existing member of the group.

 > > ideally in a PGP signed message (as above in the new account creation
 section) – that you be added to their group.
 >
 > it seems this means that the *OpenPGP*-signed messaged should be in the
 trac ticket, but gives confusion to whether it should be a email, and
 whether it should be PGP-signed.

 `gpg --clearsign` will produce a signed message that can be pasted into a
 trac ticket, and allow for the person processing the ticket to validate
 the signature.

 > And i could not find the component where to include this ticket.

 I have filed it in the sysadmin component, which is where ldap related
 things go.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27145#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #27145 [- Select a component]: help.tpo accounts is not clear enough
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #27335 [Core Tor/Tor]: Tor bug when hs directory is missing
Next by Author: [tor-bugs] #27019 [Applications/Tor Browser]: TBA: Audit thirdparty apache/commons/codec
Previous by thread: [tor-bugs] #27145 [- Select a component]: help.tpo accounts is not clear enough
Next by thread: Re: [tor-bugs] #27145 [Internal Services/Tor Sysadmin Team]: help.tpo accounts is not clear enough
Index(es):
- Author
- Thread