Review fas-notes SOP
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
This commit is contained in:
Michal Konečný
parent
f6f5ae2694
commit
97b7c31afb
2 changed files with 15 additions and 18 deletions
|
|
@ -3,9 +3,9 @@
|
|||
Notes about FAS and how to do things in it:
|
||||
|
||||
* where are certs for fas accounts for koji, etc? on fas01
|
||||
/var/lib/fedora-ca - makefile targets allow you to do things with them.
|
||||
`/var/lib/fedora-ca` - makefile targets allow you to do things with them.
|
||||
|
||||
look in index.txt for certs. One's marked with an 'R' in the left-most
|
||||
look in `index.txt` for certs. One's marked with an 'R' in the left-most
|
||||
column are 'REVOKED'
|
||||
|
||||
to revoke a cert:
|
||||
|
|
@ -14,7 +14,7 @@ to revoke a cert:
|
|||
cd /var/lib/fedora-ca
|
||||
....
|
||||
|
||||
find the cert number in index.txt - the number is the 3rd column in the
|
||||
find the cert number in `index.txt` - the number is the 3rd column in the
|
||||
file - you can match it to the user by searching for their username. You
|
||||
want the highest number cert for their account.
|
||||
|
||||
|
|
@ -27,8 +27,8 @@ make revoke cert=newcerts/$that_number.pem
|
|||
== How to gather information about a user
|
||||
|
||||
You'll want to have direct access to query the database for this. The
|
||||
common way is to have someone in sysadmin-db ssh to the postgres db
|
||||
hosting FAS (currently db01). Then access it via ident auth on the box:
|
||||
common way is to have someone in _sysadmin-db_ ssh to the postgres db
|
||||
hosting FAS (currently _db01_). Then access it via ident auth on the box:
|
||||
|
||||
....
|
||||
sudo -u postgres psql fas2
|
||||
|
|
@ -74,7 +74,6 @@ description::
|
|||
description of the event that's being logged
|
||||
|
||||
[NOTE]
|
||||
.Note
|
||||
====
|
||||
FAS does not log every event that happens to a user. Only "important"
|
||||
ones. FAS also cannot record direct changes to the database here (for
|
||||
|
|
@ -109,46 +108,44 @@ sponsor_id::
|
|||
== Account Deletion and renaming
|
||||
|
||||
[NOTE]
|
||||
.Note
|
||||
====
|
||||
see also accountdeletion.rst For information on how to disable, rename,
|
||||
See also <<accountdeletion.adoc#>> for information on how to disable, rename,
|
||||
and remove accounts.
|
||||
====
|
||||
|
||||
== Pseudo Users
|
||||
|
||||
[NOTE]
|
||||
.Note
|
||||
====
|
||||
see also nonhumanaccounts.rst For information on creating pseudo user
|
||||
See also <<nonhumanaccounts.adoc#>> for information on creating pseudo user
|
||||
accounts for use in pkgdb/bugzilla
|
||||
====
|
||||
|
||||
== fas staging
|
||||
|
||||
we have a staging fas db setup on db-fas01.stg.phx2.fedoraproject.org -
|
||||
it accessed by fas01.stg.phx2.fedoraproject.org
|
||||
We have a staging fas db setup on `db-fas01.stg.iad2.fedoraproject.org` -
|
||||
it's accessed by `fas01.stg.iad2.fedoraproject.org`
|
||||
|
||||
This system is not autopopulated by production fas - it must be done
|
||||
manually. To do this you must:
|
||||
|
||||
* dump the fas2 db on db-fas01.phx2.fedoraproject.org:
|
||||
* dump the fas2 db on `db-fas01.iad2.fedoraproject.org`:
|
||||
+
|
||||
....
|
||||
sudo -u postgres pg_dump -C fas2 > fas2.dump
|
||||
scp fas2.dump db-fas01.stg.phx2.fedoraproject.org:/tmp
|
||||
scp fas2.dump db-fas01.stg.iad2.fedoraproject.org:/tmp
|
||||
....
|
||||
* then on fas01.stg.phx2.fedoraproject.org:
|
||||
* then on `fas01.stg.iad2.fedoraproject.org`:
|
||||
+
|
||||
....
|
||||
/etc/init.d/httpd stop
|
||||
....
|
||||
* then on db02.stg.phx2.fedoraproject.org:
|
||||
* then on `db02.stg.iad2.fedoraproject.org`:
|
||||
+
|
||||
....
|
||||
echo "drop database fas2\;" | sudo -u postgres psql ; cat fas2.dump | sudo -u postgres psql
|
||||
....
|
||||
* then on fas01.stg.phx2.fedoraproject.org:
|
||||
* then on `fas01.stg.iad2.fedoraproject.org`:
|
||||
+
|
||||
....
|
||||
/etc/init.d/httpd start
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue