Re: change freeze request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

El Sat, 7 Sep 2013 17:36:01 -0700
Toshio Kuratomi <a.badger@xxxxxxxxx> escribió:
> On Sep 7, 2013 11:24 AM, "Dennis Gilmore" <dennis@xxxxxxxx> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > I want to change sudoer on the compose boxes to enable members of
> > the releng group to run "sudo cp -l" without a password this is to
> > enable easily putting the livecds and disk images in place when
> > staging a compose
> >
> > could I get some +1's please
> >
> 
> I think I'm -1 to this.
> 
> Is this something we can script to constrain which directories to
> copy to? It seems like unrestricted cp would allow overwriting any
> file on the system.  sudo nopasswd would mean that you no longer need
> your second factor to authenticate.  So that would mean we're down to
> releng ssh key passphrases being our only protection for the boxes
> which was a previous problem vector.
> 
> -Toshio

sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task_*/Fedora*armhfp-$VERSION*raw.xz $FINALDEST/$VERSION/Images/armhfp/
sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task_*/Fedora-i386*$VERSION*raw.xz $FINALDEST/$VERSION/Images/i386/
sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task_*/Fedora-i386*$VERSION*qcow2 $FINALDEST/$VERSION/Images/i386/
sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task_*/Fedora-x86_64*$VERSION*raw.xz $FINALDEST/$VERSION/Images/x86_64/
sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task_*/Fedora-x86_64*$VERSION*qcow2 $FINALDEST/$VERSION/Images/x86_64/

sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task*/*i686*$VERSION*iso $FINALDEST/$VERSION/Spins/i386/
sudo /usr/bin/cp -l /mnt/fedora_koji/koji/scratch/$USER/task*/*x86_64*$VERSION*iso $FINALDEST/$VERSION/Spins/x86_64/

is the commands im wanting to run right now.

Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)

iEYEARECAAYFAlIvSlQACgkQkSxm47BaWfctvACguBv4zuj1iXGHfKqS+x3hZ92R
/VAAn08viyLqcJECW+G1a3UVAMGfLwVC
=4TDn
-----END PGP SIGNATURE-----
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure





[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux