Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • tpa-rfc-80-merge-tor-and-tails-support-policies
  • puppet-merge-costs
  • rfc-77-improv
  • tails-merge-admin-mailing-lists
  • mkdocs
  • new-blog-doc
7 results
Blame Permalink
  • anarcat's avatar
    7e897ee1
    expand on User directives · 7e897ee1
    anarcat authored 
    We've just had a situation where a TPA member pushed to pauli as root
which could have messed up the repository's permission. This was
discovered by the post-receive hook which said it was pushed as root,
which is good.

Such a configuration should prevent those issues on most services.

In particular, I add the jump host there to avoid logging in as root
as it's not necessary. The same with the LDAP server, running ldapvi
can (and should) be done as a regular user.
    Verified
    7e897ee1
    History
    expand on User directives
    anarcat authored 
    We've just had a situation where a TPA member pushed to pauli as root
which could have messed up the repository's permission. This was
discovered by the post-receive hook which said it was pushed as root,
which is good.

Such a configuration should prevent those issues on most services.

In particular, I add the jump host there to avoid logging in as root
as it's not necessary. The same with the LDAP server, running ldapvi
can (and should) be done as a regular user.