m-a u too verbose for a cron job
After deploying monkeysphere system-wide on Koumbit's infrastructure, we ended up with hundreds of (automated) opened tickets from the monkeysphere-authentication update-users cronjob we deployed.
A few examples:
gpg: vérification de la base de confiance
... that should really be silent.
ms: improper group writability on '/home/anarcat'
... while I appreciate the security attention, there are perfectly legitimate reasons for my home to be group-writable, leave me alone.
ms: Failure (2) searching keyserver pool.sks-keyservers.net for user id 'Antoine Beaupré '
... a transient error, probably, this shouldn't be an error condition that triggers an email.
ms: improper ownership on '/home/scyrma/.ssh/authorized_keys': owner ID 1002 is neither scyrma (ID 1003) nor the superuser ms: improper ownership on '/home/anarcat': owner ID 1002 is neither anarcat (ID 10001) nor the superuser
... again, what business of yours? 1002 is the /etc/password uid, and 100001 is the LDAP uid... a working configuration, or at least, working enough that we didn't notice the problem until we installed monkeysphere.
We have simply silenced the whole cronjob as it is, but it seems like a bad solution... I would rather not flush the baby with the bathwater and be aware when monkeysphere really fails.
Related issues: #499, #500, #2699
(from redmine: created on 2013-11-19)