From 0d0323696e13392ea7a5a69ad546ac75039fab14 Mon Sep 17 00:00:00 2001 From: ebner Date: Tue, 8 Nov 2022 16:05:27 +0100 Subject: [PATCH 1/3] add info regarding used unix groups --- infrastructure-guide/home.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/infrastructure-guide/home.md b/infrastructure-guide/home.md index 4985bc9a..5ccc15ac 100644 --- a/infrastructure-guide/home.md +++ b/infrastructure-guide/home.md @@ -56,6 +56,7 @@ Access to the redhat.com knowledge base: # HTTPS Certificates * [HTTPS Certificates](https://linux.psi.ch/admin-guide/operations/certificates.html) + # SSH Certificates / Signing Public User Keys Use the [user ca certificate](https://git.psi.ch/linux-infra/core-linux-secrets/-/blob/main/ssh-ca/user-ca.gpg), but this is automated by pasting below function into your shell @@ -88,3 +89,18 @@ sign-user-ssh-key $PRINCIPAL $PUBKEY_FILE ``` More details on how this works can be found in this article: https://engineering.fb.com/2016/09/12/security/scalable-and-secure-access-with-ssh/ + + +# Unix Groups + +Currently we have following AD groups to grant access to certain services/systems: + +| unx-linux_support | used to give Linux supporters access to systems/services | +| unx-puppet_adm -| associated with lxdev environment/systems | +| unx-puppet_dev | developer of puppet code | +| unx-puppet_usr | user of puppet (i.e. need access to linux-infra group/repos) | + +These two groups are used within Service now to assign tickets: +| itsm-linux | +| itsm-linux_2nd | + From cfd5057271897df50262abfde1d24a8b6f689e8f Mon Sep 17 00:00:00 2001 From: ebner Date: Tue, 8 Nov 2022 16:13:09 +0100 Subject: [PATCH 2/3] fix table --- infrastructure-guide/home.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/infrastructure-guide/home.md b/infrastructure-guide/home.md index 5ccc15ac..aac3ab06 100644 --- a/infrastructure-guide/home.md +++ b/infrastructure-guide/home.md @@ -95,12 +95,14 @@ More details on how this works can be found in this article: https://engineering Currently we have following AD groups to grant access to certain services/systems: +| ---- | ---- | | unx-linux_support | used to give Linux supporters access to systems/services | | unx-puppet_adm -| associated with lxdev environment/systems | | unx-puppet_dev | developer of puppet code | | unx-puppet_usr | user of puppet (i.e. need access to linux-infra group/repos) | These two groups are used within Service now to assign tickets: +| ---- | | itsm-linux | | itsm-linux_2nd | From 4efaf775576b7b6dc9b6b52af4136d119d7654ef Mon Sep 17 00:00:00 2001 From: ebner Date: Tue, 8 Nov 2022 16:42:17 +0100 Subject: [PATCH 3/3] fix table 2 --- infrastructure-guide/home.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/infrastructure-guide/home.md b/infrastructure-guide/home.md index aac3ab06..41b7256b 100644 --- a/infrastructure-guide/home.md +++ b/infrastructure-guide/home.md @@ -95,6 +95,7 @@ More details on how this works can be found in this article: https://engineering Currently we have following AD groups to grant access to certain services/systems: +| Group | Notes | | ---- | ---- | | unx-linux_support | used to give Linux supporters access to systems/services | | unx-puppet_adm -| associated with lxdev environment/systems | @@ -102,6 +103,7 @@ Currently we have following AD groups to grant access to certain services/system | unx-puppet_usr | user of puppet (i.e. need access to linux-infra group/repos) | These two groups are used within Service now to assign tickets: +| Group | | ---- | | itsm-linux | | itsm-linux_2nd |