Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The OCTOPASS is linux user mangement tool for cloud or github generation

linyows
June 30, 2017
Programming
3
680

The OCTOPASS is linux user mangement tool for cloud or github generation

YAPC::Fukuoka 2017 Hakata の 前々夜野菜 in GMO Pepabo の資料です

linyows

June 30, 2017
Tweet

More Decks by linyows

See All by linyows
リバースエンジニアリングとGoでSlackの認知負荷を下げる / Reducing cognitive load in Slack with Reverse-engineering and Go
linyows
2
56
透過型SMTPプロキシによる送信メールの可観測性向上 / Improved observability of outgoing emails with transparent smtp proxy
linyows
2
680
プロダクションで使うGo Pluginの利便性とパフォーマンス性 / Simplicity and Performance of Go plugin for Production
linyows
0
290
求められるソフトウェアエンジニア像とキャリア戦略 / Engineers and Career Strategies Required Now
linyows
2
300
CloudflareのCAPTCHAを使って ユーザ体験を下げず不正利用を排除する / Cloudflare's captcha case study that does not degrade ux
linyows
0
240
なぜNotionを使うのか2022 / Why use notion as our workspace in 2022
linyows
3
5.7k
Denoの仕組み / How deno works as TypeScript runtime
linyows
2
640
透過型SMTPプロキシによるメール送信集約とキュー輻輳回避の検討 / A Study on Aggregation of Email Transfer and Avoidance of QueueCongestion using a Transparent SMTP Proxy
linyows
0
2.1k
Goでつくる透過型SMTPプロキシ / Transparent SMTP proxy in Go
linyows
1
810

Other Decks in Programming

See All in Programming
障害対応を起点としたもっといい開発と運用のサイクル作りのためにできること / Hatena Enginner Seminar #29
polamjag
0
310
効率化に挑戦してみたらモバイル開発が少し快適になった話
ryunakayama
0
130
AmperとFleetを使ったAndroidアプリ
yoppie
0
240
スキーマ駆動開発による品質とスピードの両立 - 私達は何故、スキーマを書くのか
kentaroutakeda
0
170
Compose-View Interop in Practice (mDevCamp 2024)
stewemetal
0
160
ゆるい個人開発のススメ
kuroppe1819
10
1k
大規模Reactアプリのリアーキテクチャ~8万行のTanStack Query移行の軌跡~
kj455
4
990
敵対的ポイフル
futabato
0
120
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
490
Java 22 Overview
kishida
1
190
ServerAction で Progressive Enhancement はどこまで頑張れるか? / progressive-enhancement-with-server-action
takefumiyoshii
6
370
SIMD Parallel Programming with the Vector API
josepaumard
0
220

Featured

See All Featured
Bootstrapping a Software Product
garrettdimon
PRO
302
110k
RailsConf 2023
tenderlove
8
550
YesSQL, Process and Tooling at Scale
rocio
165
13k
BBQ
matthewcrist
80
8.8k
Producing Creativity
orderedlist
PRO
338
39k
Creatively Recalculating Your Daily Design Routine
revolveconf
211
11k
In The Pink: A Labor of Love
frogandcode
138
21k
Principles of Awesome APIs and How to Build Them.
keavy
121
16k
Building Adaptive Systems
keathley
32
1.9k
Raft: Consensus for Rubyists
vanstee
133
6.3k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
222
21k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k

Transcript

  1. খా஌ԝ(.01FQBCP *OD +VOF :"1$'VLVPLB)BLBUBલʑ໷ࡇ ඇެࣜ $MPVEHJUIVC࣌୅ͷ -JOVYೝূΛ࣮ݱ͢Δ 0$501"44

  2. ϓϦϯγύϧΤϯδχΞ খా஌ԝ!MJOZPXT ٕज़෦ٕज़ج൫νʔϜ IUUQUPNPIJTBPEBDPN

  3. ʘʘɹΑ͏ͦ͜෱Ԭɹʗʗ ʘɹΑ͏ͦ͜ϖύϘ෱Ԭ΁ɹʗ ࣸਅఏڙɿ෱Ԭࢢ

  4. -JOVYϢʔβೝূ Ͳ͏͍ͯ͠·͔͢ʁ

  5. -JOVYϢʔβ౷߹؅ཧͱ͍͑͹ ๏ -%"1 ๏ 3BEJVT ๏ "DUJWF%JSFDUPSZ ๏ 45/4ʢฐࣾϐʔࢁ࡞

  6. ݖݶͷਃ੥ͱڐՄ ଐਓԽ͓ͨ͠࢓ࣄ ·ͨ͸ খن໛ʹ͸৑௕

  7. ͕͜͜ෆຬ ๏ ϩάΠϯ͍͚ͨͩ͠ͳͷʹڐՄ΋Β͏ͷ͕େม ๏ ౷߹؅ཧ͍ͯ͠Δಾͷ৬ۀ͕ੜ·ΕΔ ๏ ૊৫ن໛͕େ͖͍ͱ݁ہ֤ॴͰ؅ཧ͞ΕΔ ๏ খ͘͞؅ཧ͍ͨ͠ͷʹαʔόͨͯͨΓԿ͔ͱ࡞ۀ ๏

    ७ਮʹӡ༻͕໘౗

  8. ࠓ೔ɺԿ͔͠Β αʔόʹϩάΠϯ͠·ͨ͠ʁ

  9. ʘͦ͏͍͏͜ͱͳΜͰ͢Αʗ

  10. ࣌୅తͳ͜ͱ ๏ ΦϯϓϨϛε͔ΒΫϥ΢υ ๏ 3PMF)PTUɺ*OGSBTUSVDUVSFBT$PEF͕ී௨ ๏ ίϯςφܕԾ૝Խ͕ҰൠԽ ๏ )"ΫϥελʹΑΓϩάϞχλϦϯά͕֎΁ ๏

    αʔόϨεΞʔΩςΫνϟ

  11. ෳࡶ͞ස౓ػձɺݮͬͨͱ͸͍͑ -JOVYϢʔβ؅ཧ͸ ͳ͘ͳΒͳ͍ΜͰ͢Α

  12. ΄Μͱ͏ʹ΍Γ͍ͨ͜ͱ ๏ ݖݶ෼཭ɺҠৡʢେ౷Ұ͸ເ ๏ ֤෦ॺͰ-JOVYϢʔβΛҰݩ؅ཧ ๏ 44)ͷݤೝূ ๏ ؅ཧ͕؆୯Ͱ͙͢൓өͰ͖Δ

  13. ΄͍͠΋ͷ͸࡞Δʂ

  14. None

  15. 1MFBTFEPO`UEPUIFTFUIJOHT ʷ6TFUIF0DUPDBUPS(JU)VCMPHPGPSZPVSBQQMJDBUJPO`TJDPO ʷ$SFBUFBNPEJpFEWFSTJPOPGUIF0DUPDBUPS(JU)VCMPHP ʷ*OUFHSBUFUIF0DUPDBUPS(JU)VCMPHPJOUPZPVSMPHP ʷ6TFBOZ(JU)VCBSUXPSLXJUIPVUQFSNJTTJPO ʷ4FMMBOZ(JU)VCBSUXPSLXJUIPVUQFSNJTTJPO ʷ$IBOHFUIFDPMPST EJNFOTJPOTPSBEEZPVSPXOUFYUJNBHFT IUUQTHJUIVCDPNMPHPT

  16. None
  17. None

  18. Πϯετʔϧͱઃఆ $ sudo apt-get install octopass $ cat <<EOF >

    /etc/octopass.conf Token = "iad87dih122ce66a1e20a751664c8a9dkoak87g7" Organization = "fukuokago" Team = “operators” EOF $ sudo chown root:root /etc/octopass.conf

  19. HJUIVC͔Β໊લ͕ͻ͚ɺݤ͕औΕΔ $ id ken uid=5458(ken) gid=2000(operators) groups=2000(operators) $ octopass passwd

    chun-li:x:14301:2000:managed by octopass:/home/chun-li:/bin/bash dhalsim:x:8875:2000:managed by octopass:/home/dhalsim:/bin/bash ken:x:5458:2000:managed by octopass:/home/ken:/bin/bash $ octopass ken ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqUJvs1vRgHRMH9dpxYcBBV687njS2YrJ+oeIK…

  20. ΄͔ʹ TTIE@DPOpH QBNETTIE OTTXJUDIDPOG Λमਖ਼͢Δ͚ͩͰTTIϩάΠϯ͕ Ͱ͖ΔΑ͏ʹͳΔΜͰ͢

  21. -JOVYೝূͷ࢓૊Έ

  22. -JOVYೝূͷ࢓૊Έ ๏ ೝূ͸1".͕֤ೝূ࣮૷ͷΠϯλʔϑΣʔεͱͳ͍ͬͯΔ ๏ 1".1MVHHBCMF"VUIFOUJDBUJPO.PEVMF ๏ ϢʔβΛ/44Λ௨໊ͯ͠લղܾ͍ͯ͠Δ ๏ /44/BNF4FSWJDF4XJUDI ๏

    IPTU QBTTXE HSPVQͳͲΛpMFT ECͱ͍ͬͨݕࡧݩΛࢦఆ

  23. OTTXJUDIDPOGFYBNQMF passwd: files ldap shadow: files group: files ldap hosts:

    dns nis files ethers: files nis …

  24. QBNDPOGFYBNQMF #%PAM-1.0 auth required pam_securetty.so auth required pam_unix.so shadow nullok

    auth required pam_nologin.so account required pam_unix.so password required pam_cracklib.so retry=3 password required pam_unix.so shadow nullok use_authtok session required pam_unix.so

  25. 44)% MJCQBN MJCOTT QBN@VOJY QBN@ OTT@pMFT OTT@ 44)%ͷ৔߹ ެ։ݤೝূ͸"VUIPSJ[FE,FZT$PNNBOE͕࢖͑ɺVTFQBN͢Δ͜ͱͰۭύεϫʔ υͰ΋ݤೝূͰ͖Δ

  26. 0$501"44Ͱ ޻෉ͨ͜͠ͱͱࠓޙͷ՝୊

  27. ΞʔΩςΫνϟ

  28. 0$501"44Ͱ޻෉ͨ͜͠ͱ ๏ (JUIVC͕མͪͯͯ΋ಈ࡞͢Δ DBDIF ๏ ໊લղܾͳͷͰߴ଎ʹಈ࡞͢Δ DBDIF ๏ VOJUUFTUॻ͘ʢDSJUFSJPO ๏

    ΋ͪΖΜ౷߹ςετʢCBTIEFʜ ๏ ґଘੑΛݮΒ͢ʢMJCDVSMͱKBOTTPO ๏ ֤छEJTUQLHͷ࡞੒ΛࣗಈԽ EPDLFSDPNQPTF

  29. 0$501"44͕ղܾ͢Δ͜ͱ ๏(JUIVC5FBNʹΑΔ-JOVY6TFSͷ໊લղܾ ๏(JUIVC1VCMJD,FZTʹΑΔݤೝূ ๏(JUIVC1FSTPOBM5PLFOʹΑΔೝূ

  30. ࢒ͨ͠՝୊ ๏େن໛ߏ੒Ͱಋೖ͢Δͱ(JUIVC"1*ͷ 3BUF-JNJUͷ͔͔ͬͯ͠·͏ Ὃ ๏&UDE΍$POTVM,7ͰΩϟογϡΛڞ௨Խ

  31. ·ͱΊ

  32. ·ͱΊ ๏ -JOVYϢʔβೝূ΋ਐԽ͠ͳ͚Ε͹ͳΒͳ͍͠޻෉͢ Δ͚ͩͰศརʹͳΔ ๏ ࢥͬͨΑΓ$ා͘ͳ͍͠৭ʑษڧʹͳΔ ๏ 0$501"44ຊ౰ʹศརͳͷͰ࢖ͬͯΈͯ

  33. ܅΋ϖύϘͰಇ͔ͳ͍͔ʁ ࠷৽ͷ࠾༻৘ใΛνΣοΫˠ !QC@SFDSVJU

  34. ͋Γ͕ͱ͏͍͟͝·ͨ͠