Requesting shell access

From Wikitech
Jump to: navigation, search

These instructions are for requesting login shell access to the Wikimedia cluster. They are not for access to Git/Gerrit or Wikimedia Labs. Information on these can be found on MediaWiki.org.

Requesting shell access to the Wikimedia server cluster is granted strictly on an as needed basis, and is entirely under review by the Technical Department and Operations Department managers. They can approve or deny access for any reason they deem, as security is of the highest priority.

To request shell access, you should be working on a project that requires this access on a regular and ongoing basis. Any one time requests should simply request what data is required, we will not grant access for one time requests.

The process is handed within our request tracking (RT) system. The ticket should be filed under access-requests. If you do not have access to this system, you should discuss your access request in freenode IRC in #wikimedia-tech or #wikimedia-operations.

Your initial request should contain the following:

  • Your full name and contact information.
  • Your preferred shell user name.
  • Your public RSA/DSA key.
  • The project being worked on, full and detailed reason for access and what will be done with said access. Include as much information as possible, as it will detail what servers you need access to, and we can ensure that we get all the proper permissions correct.

There are varying levels of access via shell, and we will err on the side of 'less is more.' It is advised that you are as detailed as possible, or you may find yourself lacking the access you require.

Once a ticket has been created in RT, the following approvals must be obtained and linked into the ticket. Approval from your direct supervisor (this is nearly always a paid employee of the Foundation technical staff) and security review and approval by the Operations Manager. There will also be a three day commentary period on all access requests before they are granted, so please plan accordingly. In the case of more significant access requests, such as those from someone outside the Foundation or root access to a host, it is likely that such an access request will be discussed at the biweekly Operations team meeting. Once all these approvals are in the ticket and three days has gone by with no objections, any member of our operations team should be able to accommodate the request. The ticketing system will be used to dispatch the request to an actual operations team member.

Retrieved from "http://wikitech-old.wikimedia.org/index.php?title=Requesting_shell_access&oldid=56501"
Personal tools
Namespaces

Variants
Actions
Navigation
Ops documentation
Wiki
Toolbox