table of contents
other versions
- bookworm-backports 2.2.0~bpo12+1
- testing 2.2.0
- unstable 2.2.0
MINI-BUILDD-SSH-SETUP(8) | System Administration Utilities | MINI-BUILDD-SSH-SETUP(8) |
NAME¶
mini-buildd-ssh-setup - Idempotent setup script for SSH access
SYNOPSIS¶
mini-buildd-ssh-setup [[<ENDPOINT>]|[--purge]] (as user root)
DESCRIPTION¶
Idempotent setup script for SSH access
Create and setup three UNIX users that are corresponding to mini-buildd users of the same name:
- * mini-buildd-uploader: Allow uploads via SSH * mini-buildd-staff: Allow API calls with 'staff' authorization via SSH * mini-buildd-admin: Allow API calls with 'admin' authorization via SSH
Needed extra work on mini-buildd:
- * BEFORE running this: Please create all the three mini-buildd users * AFTER running this: Please check/configure/activate the Upload Profile for user mini-buildd-uploader
When this is up:
- * Grant someone access: See the example line in created 'authorized_keys' files of the resp. users. * Run API calls: 'ssh mini-buildd-staff|admin@<yourhost> mini-buildd-api <mini_buildd_api_args>'
- Note that you will need the _complete_ arguments, including the correct user endpoint (like 'http://mini-buildd-staff@<yourhost>:8066')
- * Upload: An extra '.dput.cf' will be generated in '/var/lib/mini-buildd/etc/dput.cf' (will will also show on the dput_conf API
- call). Authorized users can now also upload with this new target.
Caveats:
- * Someone with access to 'mini-buildd-uploader' could potentially copy from or write to arbitrary locations (within
- the mini-buildd-uploader user's permissions).
June 2023 | mini-buildd-ssh-setup 2.0.0 |