diff options
Diffstat (limited to 'parabola-hackers.yml')
-rw-r--r-- | parabola-hackers.yml | 46 |
1 files changed, 22 insertions, 24 deletions
diff --git a/parabola-hackers.yml b/parabola-hackers.yml index b993e6c..e2eef55 100644 --- a/parabola-hackers.yml +++ b/parabola-hackers.yml @@ -1,50 +1,48 @@ --- -# Where to look for "${uid}.yml" files -yamldir: "/var/lib/hackers-git/users" - -# Which groups imply membership in other groups (since UNIX groups -# can't be nested). +# Which meta-groups imply membership in other groups +# (since UNIX groups can't be nested). # -# That is, if you are in the 'hackers' group, you are also in the -# 'repo' and 'git' groups, even if they aren't listed. +# e.g. 'hackers' are also in the 'repo' and 'git' groups groupgroups: - # high-level groups + # mutually-exclusive general groups + bots: + - keyring-trusted + fellows: + - email hackers: - administrators - committers - email - keyring-trusted - packagers - fellows: - - email trustedusers: - keyring-secondary - bots: - - keyring-trusted - # capability groups - committers: - - git - packagers: - - repo + # fine-grained capability groups administrators: - log - ssh - systemd-journal - wheel + committers: + - git + packagers: + - repo -# Groups that are system users that can be ssh'ed into. +# Groups that are have associated system users that can be SSH'ed into. # -# So, if 'lukeshu' is in the 'repo' group, he can ssh to -# 'repo'@hostname. +# e.g. those with 'repo' in their group tree, can SSH as the repo user. ssh_pseudo_users: -- repo - git +- repo -# The message, if any, that is presented to the user when password -# modification through PAM is prohibited. -pam_password_prohibit_message: '' +# Where to look for "${uid}.yml" files +yamldir: "/var/lib/hackers-git/users" # Where to keep files that can be cached between versions when making # the pacman keyring. keyring_cachedir: "/var/cache/parabola-hackers" + +# The message, if any, that is presented to the user when password +# modification through PAM is prohibited. +pam_password_prohibit_message: '' |