Last modified: 2012-06-26 21:25:29 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T39818, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 37818 - Can't add ssh key for LDAP user who already had developer access
Can't add ssh key for LDAP user who already had developer access
Status: RESOLVED FIXED
Product: Wikimedia
Classification: Unclassified
Subversion (Other open bugs)
unspecified
All All
: Unprioritized normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-22 01:58 UTC by Sumana Harihareswara
Modified: 2012-06-26 21:25 UTC (History)
4 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Sumana Harihareswara 2012-06-22 01:58:07 UTC 
I am trying to give SVN commit access to Krenair, who already had an LDAP listing (made via labsconsole).  I tried to add his ssh key on formey and got this error:

sumanah@formey:~$ sudo modify-ldap-user --addkeys=/tmp/krenair.txt krenair
There was a general error, this is unexpected; see traceback.
Traceback (most recent call last):
  File "/usr/local/sbin/modify-ldap-user", line 110, in main
    hdm.writeKeys(username, NewPosixData['sshPublicKey'])
  File "/usr/local/lib/user-management/homedirectorymanager.py", line 238, in writeKeys
    self.writeFile(self.basedir + user + '/.ssh/authorized_keys', "\n".join(keys) + "\n")
  File "/usr/local/lib/user-management/homedirectorymanager.py", line 408, in writeFile
    f = open(path, 'w')
IOError: [Errno 2] No such file or directory: '/home/krenair/.ssh/authorized_keys'
Comment 1 Ryan Lane 2012-06-22 08:36:40 UTC 
Did you run add-ldap-user? Because you can't modify a user who doesn't exist.
Comment 2 Alex Monk 2012-06-23 12:33:36 UTC 
I was sort of under the impression that I already had an LDAP account through labsconsole and Gerrit.
Comment 3 Chad H. 2012-06-23 19:33:36 UTC 
Shouldn't you just set your key via labsconsole then? The key shouldn't need to be added by Sumana or Ryan or myself.

I'm willing to bet the problem isn't the key, but svn authz. Was Krenair added to the mediawiki group?
Comment 4 Alex Monk 2012-06-23 19:59:28 UTC 
According to bug 32225 I can't change my keys for SVN from labsconsole.

The error I've been getting when trying to use SVN is "Permission denied (publickey)."
Comment 5 Sumana Harihareswara 2012-06-23 21:26:35 UTC 
Yes, this account is already in LDAP, as I confirmed via 

ldaplist -l passwd krenair

And it's authorized for the mediawiki group, since I successfully ran

svn-group add krenair mediawiki

and I checked the authz file and krenair is in the mediawiki group.
Comment 6 Ryan Lane 2012-06-25 19:35:57 UTC 
I created it manually.

add-ldap-user should have created the home directory. Can we get rid of svn already? :(
Comment 7 Alex Monk 2012-06-26 17:56:49 UTC 
Now when trying to commit my userinfo file:
svn: Can't open file '/svnroot/mediawiki/db/txn-current-lock': Permission denied
Comment 8 Chad H. 2012-06-26 21:25:29 UTC 
(In reply to comment #7)
> Now when trying to commit my userinfo file:
> svn: Can't open file '/svnroot/mediawiki/db/txn-current-lock': Permission
> denied

I made USERINFO read-only since I've been cleaning up the history to migrate it to git.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links