Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The OCTOPASS is linux user mangement tool for c...

linyows
June 30, 2017
Programming
3
810

The OCTOPASS is linux user mangement tool for cloud or github generation

YAPC::Fukuoka 2017 Hakata の 前々夜野菜 in GMO Pepabo の資料です

linyows

June 30, 2017
Tweet

More Decks by linyows

See All by linyows
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
210
研究の再現性を高める 仕組みをGoでつくる / Creating a system to improve the reproducibility of research using go
linyows
1
120
奥が深いメールのシステム / The depth of Email system
linyows
3
420
IaCにおけるテスト考察 / Tests in IaC
linyows
2
440
リバースエンジニアリングとGoでSlackの認知負荷を下げる / Reducing cognitive load in Slack with Reverse-engineering and Go
linyows
2
280
透過型SMTPプロキシによる送信メールの可観測性向上 / Improved observability of outgoing emails with transparent smtp proxy
linyows
2
960
プロダクションで使うGo Pluginの利便性とパフォーマンス性 / Simplicity and Performance of Go plugin for Production
linyows
0
510
求められるソフトウェアエンジニア像とキャリア戦略 / Engineers and Career Strategies Required Now
linyows
2
480
CloudflareのCAPTCHAを使って ユーザ体験を下げず不正利用を排除する / Cloudflare's captcha case study that does not degrade ux
linyows
0
360

Other Decks in Programming

See All in Programming
Snowflake x dbtで作るセキュアでアジャイルなデータ基盤
tsoshiro
2
520
Jakarta Concurrencyによる並行処理プログラミングの始め方 (JJUG CCC 2024 Fall)
tnagao7
1
290
Laravel や Symfony で手っ取り早く
OpenAPI のドキュメントを作成する
azuki
2
110
Remix on Hono on Cloudflare Workers
yusukebe
1
280
AWS IaCの注目アップデート 2024年10月版
konokenj
3
3.3k
よくできたテンプレート言語として TypeScript + JSX を利用する試み / Using TypeScript + JSX outside of Web Frontend #TSKaigiKansai
izumin5210
6
1.7k
Amazon Qを使ってIaCを触ろう!
maruto
0
400
シールドクラスをはじめよう / Getting Started with Sealed Classes
mackey0225
4
640
Creating a Free Video Ad Network on the Edge
mizoguchicoji
0
120
GitHub Actionsのキャッシュと手を挙げることの大切さとそれに必要なこと
satoshi256kbyte
5
430
ECS Service Connectのこれまでのアップデートと今後のRoadmapを見てみる
tkikuc
2
250
2024/11/8 関西Kaggler会 2024 #3 / Kaggle Kernel で Gemma 2 × vLLM を動かす。
kohecchi
5
910

Featured

See All Featured
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.3k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k
Raft: Consensus for Rubyists
vanstee
136
6.6k
Designing for Performance
lara
604
68k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Designing the Hi-DPI Web
ddemaree
280
34k
It's Worth the Effort
3n
183
27k
Gamification - CAS2011
davidbonilla
80
5k
Docker and Python
trallard
40
3.1k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
Automating Front-end Workflow
addyosmani
1366
200k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k

Transcript

  1. খా஌ԝ(.01FQBCP *OD +VOF :"1$'VLVPLB)BLBUBલʑ໷ࡇ ඇެࣜ $MPVEHJUIVC࣌୅ͷ -JOVYೝূΛ࣮ݱ͢Δ 0$501"44

  2. ϓϦϯγύϧΤϯδχΞ খా஌ԝ!MJOZPXT ٕज़෦ٕज़ج൫νʔϜ IUUQUPNPIJTBPEBDPN

  3. ʘʘɹΑ͏ͦ͜෱Ԭɹʗʗ ʘɹΑ͏ͦ͜ϖύϘ෱Ԭ΁ɹʗ ࣸਅఏڙɿ෱Ԭࢢ

  4. -JOVYϢʔβೝূ Ͳ͏͍ͯ͠·͔͢ʁ

  5. -JOVYϢʔβ౷߹؅ཧͱ͍͑͹ ๏ -%"1 ๏ 3BEJVT ๏ "DUJWF%JSFDUPSZ ๏ 45/4ʢฐࣾϐʔࢁ࡞

  6. ݖݶͷਃ੥ͱڐՄ ଐਓԽ͓ͨ͠࢓ࣄ ·ͨ͸ খن໛ʹ͸৑௕

  7. ͕͜͜ෆຬ ๏ ϩάΠϯ͍͚ͨͩ͠ͳͷʹڐՄ΋Β͏ͷ͕େม ๏ ౷߹؅ཧ͍ͯ͠Δಾͷ৬ۀ͕ੜ·ΕΔ ๏ ૊৫ن໛͕େ͖͍ͱ݁ہ֤ॴͰ؅ཧ͞ΕΔ ๏ খ͘͞؅ཧ͍ͨ͠ͷʹαʔόͨͯͨΓԿ͔ͱ࡞ۀ ๏

    ७ਮʹӡ༻͕໘౗

  8. ࠓ೔ɺԿ͔͠Β αʔόʹϩάΠϯ͠·ͨ͠ʁ

  9. ʘͦ͏͍͏͜ͱͳΜͰ͢Αʗ

  10. ࣌୅తͳ͜ͱ ๏ ΦϯϓϨϛε͔ΒΫϥ΢υ ๏ 3PMF)PTUɺ*OGSBTUSVDUVSFBT$PEF͕ී௨ ๏ ίϯςφܕԾ૝Խ͕ҰൠԽ ๏ )"ΫϥελʹΑΓϩάϞχλϦϯά͕֎΁ ๏

    αʔόϨεΞʔΩςΫνϟ

  11. ෳࡶ͞ස౓ػձɺݮͬͨͱ͸͍͑ -JOVYϢʔβ؅ཧ͸ ͳ͘ͳΒͳ͍ΜͰ͢Α

  12. ΄Μͱ͏ʹ΍Γ͍ͨ͜ͱ ๏ ݖݶ෼཭ɺҠৡʢେ౷Ұ͸ເ ๏ ֤෦ॺͰ-JOVYϢʔβΛҰݩ؅ཧ ๏ 44)ͷݤೝূ ๏ ؅ཧ͕؆୯Ͱ͙͢൓өͰ͖Δ

  13. ΄͍͠΋ͷ͸࡞Δʂ

  14. None

  15. 1MFBTFEPO`UEPUIFTFUIJOHT ʷ6TFUIF0DUPDBUPS(JU)VCMPHPGPSZPVSBQQMJDBUJPO`TJDPO ʷ$SFBUFBNPEJpFEWFSTJPOPGUIF0DUPDBUPS(JU)VCMPHP ʷ*OUFHSBUFUIF0DUPDBUPS(JU)VCMPHPJOUPZPVSMPHP ʷ6TFBOZ(JU)VCBSUXPSLXJUIPVUQFSNJTTJPO ʷ4FMMBOZ(JU)VCBSUXPSLXJUIPVUQFSNJTTJPO ʷ$IBOHFUIFDPMPST EJNFOTJPOTPSBEEZPVSPXOUFYUJNBHFT IUUQTHJUIVCDPNMPHPT

  16. None
  17. None

  18. Πϯετʔϧͱઃఆ $ sudo apt-get install octopass $ cat <<EOF >

    /etc/octopass.conf Token = "iad87dih122ce66a1e20a751664c8a9dkoak87g7" Organization = "fukuokago" Team = “operators” EOF $ sudo chown root:root /etc/octopass.conf

  19. HJUIVC͔Β໊લ͕ͻ͚ɺݤ͕औΕΔ $ id ken uid=5458(ken) gid=2000(operators) groups=2000(operators) $ octopass passwd

    chun-li:x:14301:2000:managed by octopass:/home/chun-li:/bin/bash dhalsim:x:8875:2000:managed by octopass:/home/dhalsim:/bin/bash ken:x:5458:2000:managed by octopass:/home/ken:/bin/bash $ octopass ken ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqUJvs1vRgHRMH9dpxYcBBV687njS2YrJ+oeIK…

  20. ΄͔ʹ TTIE@DPOpH QBNETTIE OTTXJUDIDPOG Λमਖ਼͢Δ͚ͩͰTTIϩάΠϯ͕ Ͱ͖ΔΑ͏ʹͳΔΜͰ͢

  21. -JOVYೝূͷ࢓૊Έ

  22. -JOVYೝূͷ࢓૊Έ ๏ ೝূ͸1".͕֤ೝূ࣮૷ͷΠϯλʔϑΣʔεͱͳ͍ͬͯΔ ๏ 1".1MVHHBCMF"VUIFOUJDBUJPO.PEVMF ๏ ϢʔβΛ/44Λ௨໊ͯ͠લղܾ͍ͯ͠Δ ๏ /44/BNF4FSWJDF4XJUDI ๏

    IPTU QBTTXE HSPVQͳͲΛpMFT ECͱ͍ͬͨݕࡧݩΛࢦఆ

  23. OTTXJUDIDPOGFYBNQMF passwd: files ldap shadow: files group: files ldap hosts:

    dns nis files ethers: files nis …

  24. QBNDPOGFYBNQMF #%PAM-1.0 auth required pam_securetty.so auth required pam_unix.so shadow nullok

    auth required pam_nologin.so account required pam_unix.so password required pam_cracklib.so retry=3 password required pam_unix.so shadow nullok use_authtok session required pam_unix.so

  25. 44)% MJCQBN MJCOTT QBN@VOJY QBN@ OTT@pMFT OTT@ 44)%ͷ৔߹ ެ։ݤೝূ͸"VUIPSJ[FE,FZT$PNNBOE͕࢖͑ɺVTFQBN͢Δ͜ͱͰۭύεϫʔ υͰ΋ݤೝূͰ͖Δ

  26. 0$501"44Ͱ ޻෉ͨ͜͠ͱͱࠓޙͷ՝୊

  27. ΞʔΩςΫνϟ

  28. 0$501"44Ͱ޻෉ͨ͜͠ͱ ๏ (JUIVC͕མͪͯͯ΋ಈ࡞͢Δ DBDIF ๏ ໊લղܾͳͷͰߴ଎ʹಈ࡞͢Δ DBDIF ๏ VOJUUFTUॻ͘ʢDSJUFSJPO ๏

    ΋ͪΖΜ౷߹ςετʢCBTIEFʜ ๏ ґଘੑΛݮΒ͢ʢMJCDVSMͱKBOTTPO ๏ ֤छEJTUQLHͷ࡞੒ΛࣗಈԽ EPDLFSDPNQPTF

  29. 0$501"44͕ղܾ͢Δ͜ͱ ๏(JUIVC5FBNʹΑΔ-JOVY6TFSͷ໊લղܾ ๏(JUIVC1VCMJD,FZTʹΑΔݤೝূ ๏(JUIVC1FSTPOBM5PLFOʹΑΔೝূ

  30. ࢒ͨ͠՝୊ ๏େن໛ߏ੒Ͱಋೖ͢Δͱ(JUIVC"1*ͷ 3BUF-JNJUͷ͔͔ͬͯ͠·͏ Ὃ ๏&UDE΍$POTVM,7ͰΩϟογϡΛڞ௨Խ

  31. ·ͱΊ

  32. ·ͱΊ ๏ -JOVYϢʔβೝূ΋ਐԽ͠ͳ͚Ε͹ͳΒͳ͍͠޻෉͢ Δ͚ͩͰศརʹͳΔ ๏ ࢥͬͨΑΓ$ා͘ͳ͍͠৭ʑษڧʹͳΔ ๏ 0$501"44ຊ౰ʹศརͳͷͰ࢖ͬͯΈͯ

  33. ܅΋ϖύϘͰಇ͔ͳ͍͔ʁ ࠷৽ͷ࠾༻৘ใΛνΣοΫˠ !QC@SFDSVJU

  34. ͋Γ͕ͱ͏͍͟͝·ͨ͠