Ceo: Difference between revisions

From CSCWiki
Jump to navigation Jump to search
(Add feature requests)
(Redo member deletion and add membership change)
 
(39 intermediate revisions by 7 users not shown)
Line 1: Line 1:
[[Image:Pyceo.png|thumb|300px|right|<tt>pyceo</tt>'s main menu screen]]
CEO is the CSC member creation and administration interface. CEO was originally written in perl by persons of mysterious-ness. CEO was re-written in python by Michael Spang in early 2007.

ceo is the CSC member creation and administration interface. It was originally written in perl by persons of mysterious-ness, was re-written in python by Michael Spang in early 2007, and re-written again (in Python) by Syscom in 2020-2021. The source-code for ceo can be found in git: [https://git.csclub.uwaterloo.ca/public/pyceo https://git.csclub.uwaterloo.ca/public/pyceo].

= Instructions/Usage =
ceo can be accessed by running the "ceo" command from a terminal, or terminal emulator.
By default, a curses-based menu interface is presented. Use the arrow keys to navigate;
on many screens, pressing a letter will select the next menu item beginning with that letter.

=== Command-line Mode ===
Run <tt>ceo --help</tt> to see a list of command-line utilities.

== Adding a New Member ==
After a new member has paid the membership fee and signed the Machine Usage Policy forms, a new member account is added to the CSC system by selecting "New Member" in ceo and following the on-screen instructions. The new member's username is to be identical to their WatIAM username, if applicable. For WatIAM users, the name and program fields will automatically be filled after a username is provided.

== Renewing/Extending a Membership ==
A membership can be renewed or extended by selecting "Renew Membership" in the ceo interface.

== Hosted Clubs ==
Clubs are hosted free of charge. To create a new club account use the "New Club" option in the ceo interface.

=== Club Representatives ===
At this time, there is no limit to the number of representatives a club may have, but representative accounts must be registered with the "New Club Rep" option, and renewed with the "Renew Club Rep" option.

=== Other Club Features ===
For access to features beyond basic hosting (ie, databases), one of the club representatives will need to email the Systems Committee to have this set up.

= raymo's guide on how to fix things after screwing up =

== Changing a member to a nonmember (club rep) and vice-versa ==

ssh hfcs
kinit # if you don't already have <u>[[Kerberos#raymo's guide to keytabs|keytabs]]</u> set up
ldapvi -Y GSSAPI
Use <code>/<username></code> to search for the user in vi and change <code>term</code> to <code>nonMemberTerm</code> (or vice-versa) for the relevant terms. When you're done deleting the file should no longer contain the username. Save and quit (<code>:wq</code>) and press <code>y</code> when prompted.

== Deleting a member ==

* '''RULE: Never do this without good reason. We should NEVER delete accounts or groups that have been used before.'''

If you accidentally created a club rep as a regular member instead, see the [previous section|Ceo#Changing a member to a nonmember (club rep) and vice-versa]. For another reason that doesn't break the '''RULE''' above, first follow the steps in the change membership section above, up to and including <code>ldapvi</code>, then delete both the user and group LDAP records. These are separated by blank lines. When you're done deleting the file should no longer contain the username. Save and quit as if changing membership. Then:
ssh auth1
sudo kadmin.local
delprinc <username>
ssh phosphoric acid
sudo rm -rfI /users/<username>
Unsubscribe the user from [https://mailman.csclub.uwaterloo.ca/postorius/lists/syscom.csclub.uwaterloo.ca/members/member/ csc-general on mailman]


= Feature Requests and Ideas =
= Feature Requests and Ideas =


* Create a graphical and/or online version of ceo
* 'New member' should prompt for userid and then use uwldap to pre-fill name and program
* Add new members to fuse and plugdev groups
* Merge 'New member' and 'Create an account'

* Remove 'Library functions', as they are now in koha
= Contributing to CEO =
* Remove student ids from CEO and LDAP

** We do not provide student ids to MathSoc when we present memberlists
== Preliminary Steps ==
** It is against policy to store both student ids and names
=== Generate a GPG Key ===
* Remove 'Search for a member by student id'
In order to sign the ceo packages you will need to generate yourself a GPG key if you do not already have one. Assuming you do not run
* Add ability to set the executive

** The positions should be stored in LDAP
gpg --gen-key
** CEO should prompt for each position (pre-filling with the current position holder)

** CEO should then update ldap and regenerate aliases
Choose option (2) DSA (sign only). Choose no expiration when prompted and then your full name and email when asked. It will ask you to confirm the information and then for a passphrase.
*** We would have an /etc/aliases.exec or something

** The exec xml would be auto-generated from LDAP
=== Add Your Key To Mirror ===
ssh mirror.csclub.uwaterloo.ca
gpg --list-keys

Locate the 8-character id string. For example "16E37635" in
/users/m2ellis/.gnupg/pubring.gpg
---------------------------------
pub 1024D/'''16E37635''' 2010-08-19
uid Michael Ellis <m2ellis@csclub.uwaterloo.ca>

Now you must add this id into the file /srv/debian/conf/uploaders on mirror
sudo vim /srv/debian/conf/uploaders

Now in another terminal run
gpg --export --armor $KEYID

Now on mirror run
sudo -s
GNUPGHOME=/srv/debian/gpg gpg --import

Then paste the output from gpg --export --armor $KEYID and end with CTRL-D. It should give you a confirmation, example
gpg: key 16E37635: public key "Michael Ellis <m2ellis@csclub.uwaterloo.ca>" imported
gpg: Total number processed: 1
gpg: imported: 1

== Making Changes ==
The source-code for ceo can be found in git: [http://git.csclub.uwaterloo.ca/?p=public/pyceo.git;a=summary csclub:/users/git/public/pyceo.git]. To checkout the code run

git clone ~git/public/pyceo.git

When you are done making your change you need to update the changelog with dch. Assuming this is a minor incremental change run

dch -i

Add a description of your change and then save and quit. Once you are sure of your changes commit them to the git repository and push them (test them first!). To build the package run debuild

debuild

This will generate the *.deb files in the parent directory.

=== Uploading Changes to Mirror ===

In the directory containing the *.deb and *.changes files run
dupload

Then ssh to mirror and run
sudo rrr-incoming

The package should now be uploaded and you can update in the usual way with apt-get/aptitude.

[[Category:Software]]

Latest revision as of 17:52, 20 January 2022

pyceo's main menu screen

ceo is the CSC member creation and administration interface. It was originally written in perl by persons of mysterious-ness, was re-written in python by Michael Spang in early 2007, and re-written again (in Python) by Syscom in 2020-2021. The source-code for ceo can be found in git: https://git.csclub.uwaterloo.ca/public/pyceo.

Instructions/Usage

ceo can be accessed by running the "ceo" command from a terminal, or terminal emulator. By default, a curses-based menu interface is presented. Use the arrow keys to navigate; on many screens, pressing a letter will select the next menu item beginning with that letter.

Command-line Mode

Run ceo --help to see a list of command-line utilities.

Adding a New Member

After a new member has paid the membership fee and signed the Machine Usage Policy forms, a new member account is added to the CSC system by selecting "New Member" in ceo and following the on-screen instructions. The new member's username is to be identical to their WatIAM username, if applicable. For WatIAM users, the name and program fields will automatically be filled after a username is provided.

Renewing/Extending a Membership

A membership can be renewed or extended by selecting "Renew Membership" in the ceo interface.

Hosted Clubs

Clubs are hosted free of charge. To create a new club account use the "New Club" option in the ceo interface.

Club Representatives

At this time, there is no limit to the number of representatives a club may have, but representative accounts must be registered with the "New Club Rep" option, and renewed with the "Renew Club Rep" option.

Other Club Features

For access to features beyond basic hosting (ie, databases), one of the club representatives will need to email the Systems Committee to have this set up.

raymo's guide on how to fix things after screwing up

Changing a member to a nonmember (club rep) and vice-versa

ssh hfcs
kinit # if you don't already have keytabs set up
ldapvi -Y GSSAPI

Use /<username> to search for the user in vi and change term to nonMemberTerm (or vice-versa) for the relevant terms. When you're done deleting the file should no longer contain the username. Save and quit (:wq) and press y when prompted.

Deleting a member

  • RULE: Never do this without good reason. We should NEVER delete accounts or groups that have been used before.

If you accidentally created a club rep as a regular member instead, see the [previous section|Ceo#Changing a member to a nonmember (club rep) and vice-versa]. For another reason that doesn't break the RULE above, first follow the steps in the change membership section above, up to and including ldapvi, then delete both the user and group LDAP records. These are separated by blank lines. When you're done deleting the file should no longer contain the username. Save and quit as if changing membership. Then:

ssh auth1
sudo kadmin.local
delprinc <username>
ssh phosphoric acid
sudo rm -rfI /users/<username>

Unsubscribe the user from csc-general on mailman

Feature Requests and Ideas

  • Create a graphical and/or online version of ceo
  • Add new members to fuse and plugdev groups

Contributing to CEO

Preliminary Steps

Generate a GPG Key

In order to sign the ceo packages you will need to generate yourself a GPG key if you do not already have one. Assuming you do not run

gpg --gen-key

Choose option (2) DSA (sign only). Choose no expiration when prompted and then your full name and email when asked. It will ask you to confirm the information and then for a passphrase.

Add Your Key To Mirror

ssh mirror.csclub.uwaterloo.ca
gpg --list-keys

Locate the 8-character id string. For example "16E37635" in

/users/m2ellis/.gnupg/pubring.gpg
---------------------------------
pub   1024D/16E37635 2010-08-19
uid                  Michael Ellis <m2ellis@csclub.uwaterloo.ca>

Now you must add this id into the file /srv/debian/conf/uploaders on mirror

sudo vim /srv/debian/conf/uploaders

Now in another terminal run

gpg --export --armor $KEYID

Now on mirror run

sudo -s
GNUPGHOME=/srv/debian/gpg gpg --import

Then paste the output from gpg --export --armor $KEYID and end with CTRL-D. It should give you a confirmation, example

gpg: key 16E37635: public key "Michael Ellis <m2ellis@csclub.uwaterloo.ca>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Making Changes

The source-code for ceo can be found in git: csclub:/users/git/public/pyceo.git. To checkout the code run

git clone ~git/public/pyceo.git

When you are done making your change you need to update the changelog with dch. Assuming this is a minor incremental change run

dch -i

Add a description of your change and then save and quit. Once you are sure of your changes commit them to the git repository and push them (test them first!). To build the package run debuild

debuild

This will generate the *.deb files in the parent directory.

Uploading Changes to Mirror

In the directory containing the *.deb and *.changes files run

dupload

Then ssh to mirror and run

sudo rrr-incoming

The package should now be uploaded and you can update in the usual way with apt-get/aptitude.