Gitolite3 on pkgs01.stg
Kevin Fenzi
kevin at scrye.com
Wed Dec 17 15:13:53 UTC 2014
On Wed, 17 Dec 2014 08:55:54 +0100
Pierre-Yves Chibon <pingou at pingoured.fr> wrote:
> On Tue, 2014-12-16 at 17:31 -0600, Jason L Tibbitts III wrote:
> > >>>>> "PC" == Pierre-Yves Chibon <pingou at pingoured.fr> writes:
> >
> > PC> Currently, the people that have shell access to pkgs01.stg, we
> > PC> currently cannot do a simple ssh pkgs01.stg...
> >
> > Ouch. I guess everything is going over the console now?
>
> The console?
> Basically, what I see at the moment is that gitolite takes all the
> incoming connections. So no shell, even for admins :(
>
> > PC> Hopefully, we'll be able to fix this.
> >
> > sshd listening on a different port, if nothing else works?
>
> That won't work since we are using ssh to connect to gitolite, we
> clone/pull/push over ssh.
>
> > I think the new package setup process still requires us to ssh in,
> > so....
>
> Well, maybe not. The idea is that git repos and git branches are
> created by the mkbranch script via a playbook triggered by pkgdb
> messages on fedmsg.
> Do we need access to the box for other things? (Knowing that
> sysadmin-main and maybe sysadmin-noc still have access via lockbox if
> needed)
I can definitely see cases we might need access to the machine:
Checking logs, looking to see if acls were right, etc.
So, IMHO it would be nice to solve this if we can...
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20141217/2b718056/attachment.sig>
More information about the infrastructure
mailing list