User login

Stefan Freudenberg

Account management with LDAP

Add new user

$ sudo cpu useradd user

Add existing user to group

$ sudo ldapaddusertogroup user group

You can check that the add has taken effect by looking over the lists of groups the user is in (due to caching this may take some time):

$ sudo -u user groups

Using LDAP Serverside

Most LDAP functions used at Agaric will be controlled through the Drupal interface.

When for some reason you need to use LDAP straight, here is how.

Type ldap and press TAB to see the available ldap commands. You can then use "man ldapetcetc" to look up that particular command (there is no "ldap" command).

Common commands you may need:
ldapsearch -x cn=Username

ldapsearch, ldapmodify, ldapadd, ldapdelete

To delete a user you need to connect as admin:

SSH agent forwarding

See http://data.agaric.com/node/107 for the right way.

For having your public key somehow let you be able to use your repositories and stuff. It's good magic.

.ssh forwarding agent forward ssh-agent

goes in /home/username/.ssh/config

An example:

Putting a local project maintained in git on a server as a central repository

Note: The agaric git repository is not public, but this approach will work on your own server.

Stefan explained: copy your folders to your home dir on the server, cd to /srv/git and then run git clone --bare folder folder.git

cd ~
scp -r customhome ben@grassrootsconnection.org:~/customhome

On the server:

ben@server:/srv/git/agaric$ git clone --bare ~/customhome customhome.git

Initialized empty Git repository in /srv/git/agaric/customhome.git/

And don't forget!

How to restart Drupal bot (and wish to automatically restart)

The first start

cd /home/members/agariclabs/sites/my.agaric.com/web/sites/all/modules/bot
php bot_start.php --root /home/members/agariclabs/sites/my.agaric.com/web --url http://my.agaric.com&

Older discussion about restarting below (uses test server paths)

To restart your friendly neighborhood drupal bot when it no longer responds to commands, first kill the zombie bot for real.

When you kill it, the bot disappears from the channels so you don't have to kick it out, and the re-started bot will be able to claim its proper name.

Installing Drush

We are fTollowing our Debian-inspired sysadmin, Stefan Freudenberg, in the locations of this extra-Drupal project, but you can put it anywhere.

Remember to check the Drush project page for the latest version to wget, and replace the CURRENT-VERSION tarball link with that. This will be the last module you ever have to do that for.

Passwordless SSH (using Public Keys and Agent Forwarding)

Part I: Private and Public Keys

SSH public key authentication requires the user to create a public/private key pair on her machine. It's easy:

ssh-keygen

A key pair will be generated (it is ok to hit enter every time you are prompted by the key generator) and stored in ~/.ssh. The default names are id_rsa/id_rsa.pub and id_dsa/id_dsa.pub depending on the encryption algorithm. For each device used to connect to remote machines via ssh this must be repeated. It's not a good idea to spread the private key.

Syndicate content