From ce7ef6536a5e7189357fcb1679733409144b64fe Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Tue, 30 Mar 2021 09:28:06 +1100 Subject: [PATCH] openafs-server-config: install UserList This was missed during recent updates; this UserList needs to be on all servers to allow bos, vos and backup commands. Update the documentation to reflect the centralised copy. Change-Id: I8ada3d5035bb7ef77b19ce6aaffb48335974a124 --- doc/source/afs.rst | 9 ++++----- playbooks/roles/openafs-server-config/files/UserList | 9 +++++++++ playbooks/roles/openafs-server-config/tasks/main.yaml | 1 + 3 files changed, 14 insertions(+), 5 deletions(-) create mode 100644 playbooks/roles/openafs-server-config/files/UserList diff --git a/doc/source/afs.rst b/doc/source/afs.rst index f1b2108977..e8c09cb716 100644 --- a/doc/source/afs.rst +++ b/doc/source/afs.rst @@ -165,13 +165,12 @@ Adding a Superuser Run the following commands to add an existing principal to AFS as a superuser:: - bos adduser -server afsdb01.openstack.org -user $USERNAME.admin - bos adduser -server afsdb02.openstack.org -user $USERNAME.admin - bos adduser -server afs01.dfw.openstack.org -user $USERNAME.admin - bos adduser -server afs02.dfw.openstack.org -user $USERNAME.admin - bos adduser -server afs01.ord.openstack.org -user $USERNAME.admin pts adduser -user $USERNAME.admin -group system:administrators +After this, you should update the +:git_file:`playbooks/roles/openafs-server-config/files/UserList` file +to ensure the new username is authorized to issue privileged commands. + Deleting Files ~~~~~~~~~~~~~~ diff --git a/playbooks/roles/openafs-server-config/files/UserList b/playbooks/roles/openafs-server-config/files/UserList new file mode 100644 index 0000000000..2efbe19c07 --- /dev/null +++ b/playbooks/roles/openafs-server-config/files/UserList @@ -0,0 +1,9 @@ +corvus.admin +mordred.admin +fungi.admin +service.afsadmin +nibz.admin +pabelanger.admin +clarkb.admin +ianw.admin +frickler.admin diff --git a/playbooks/roles/openafs-server-config/tasks/main.yaml b/playbooks/roles/openafs-server-config/tasks/main.yaml index ba0fcb5178..e53ee8eddb 100644 --- a/playbooks/roles/openafs-server-config/tasks/main.yaml +++ b/playbooks/roles/openafs-server-config/tasks/main.yaml @@ -24,6 +24,7 @@ loop: - CellServDB - ThisCell + - UserList - name: Install rxkad.keytab shell: 'echo "{{ openafs_server_rxkad_keytab }}" | base64 -d > /etc/openafs/server/rxkad.keytab'