admin user list

Ewoud Kohl van Wijngaarden ewoud+ovirt at kohlvanwijngaarden.nl
Thu Jun 22 06:30:11 UTC 2017


On Thu, Jun 22, 2017 at 12:17:34PM +0900, Marc Dequènes (Duck) wrote:
>Quack,
>
>So I'm setting up admin users for infra-ansible and the associated
>machines to give you root access. I need some help to understand how
>this list is defined.
>
>In Puppet I could find 23 users (not counting the devel and system
>accounts). If I log onto backup I can only find 18 of them deployed. So
>for example account 'dfediuck' is not created while I can't find any
>difference with other properly created ones. It does not seem there are
>Puppet groups defined either.

As I recall it there's a puppet class for every user. Then in Foreman 
these classes can be added to a host. Mostly they will have the ensure 
set to present, but absent can work too if you want to remove them.

>On the contrary if I log into resources I can find extra users like
>'rafaelmartins' and they are nowhere to be found into Puppet. So I guess
>they were added manually. This makes removing users no more in the
>project very difficult, so I think we should audit user accounts.

Auditing makes sense. Given my lack of involvement I think my accounts 
could be cleaned up as well.


More information about the Infra mailing list