Man page - mini-buildd-ssh-setup(8)

Packages contains this manual

Package: mini-buildd
apt-get install mini-buildd

Manuals in package:

Documentations in package:

mini-buildd

Manual

MINI-BUILDD-SSH-SETUP

NAME
SYNOPSIS
DESCRIPTION

NAME

mini-buildd-ssh-setup - Idempotent setup script for SSH access

SYNOPSIS

mini-buildd-ssh-setup [[ <ENDPOINT> ] | [ --purge ]] (as user root)

DESCRIPTION

Idempotent setup script for SSH access

Create and setup three UNIX users that are corresponding to mini-buildd users of the same name:
* mini-buildd-uploader:

Allow uploads via SSH

* mini-buildd-staff:

Allow API calls with ’staff’ authorization via SSH

* mini-buildd-admin:

Allow API calls with ’admin’ authorization via SSH

Needed extra work on mini-buildd:
* BEFORE running this:

Please create all the three mini-buildd users

* AFTER running this:

Please check/configure/activate the Upload Profile for user mini-buildd-uploader

When this is up:
* Grant someone access:

See the example line in created ’authorized_keys’ files of the resp. users.

* Run API calls:

’ssh mini-buildd-staff|admin@<yourhost> mini-buildd-api <mini_buildd_api_args>’

Note that you will need the _complete_ arguments, including the correct user endpoint (like ’http://mini-buildd-staff@<yourhost>:8066’)

* Upload:

An extra ’.dput.cf’ will be generated in ’/var/lib/mini-buildd/etc/dput.cf’ (for dput_conf API call)

Authorized users can now also upload with this new target.

Caveats:

Someone with access to ’mini-buildd-uploader’ could potentially copy from or write to arbitrary locations (within the mini-buildd-uploader user’s permissions).