-
Notifications
You must be signed in to change notification settings - Fork 4
Procedures
Nathan Hui edited this page Oct 22, 2024
·
4 revisions
- Create a new branch
- Install the python tools (
python -m pip install --upgrade pip poetry && poetry install) - Run the add user tool (
python add_user.py) - Follow the prompts
- Review and commit the changes to
waiter_users.yaml - Submit a pull request to one of the KRG Waiter admins.
As a general policy, users will not be permitted full sudo access to the system. Specific commands may be permitted using per-user sudoers exceptions. For instance, users who need to be able to manage passwords for student (class) accounts would need to be able to run the passwd command for their specific class, e.g. CSE 237C for FA24 would need passwd cse237c_fa24*. Thus, we would add /usr/bin/passwd cse237c_fa24* as an entry in that user's sudo_allow section. To expire, we would move that entry to sudo_deny. You can see a functional example here: https://github.com/KastnerRG/waiter/blob/844e658bb36446cc9858ba2fa42e3b3d540a2836/waiter_users.yaml#L51-L58