• Wikitech username: CMaslak
• Preferred shell username: cmaslak
• Email address: cmaslak at wikimedia.org
• SSH Key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRJxqMSX8mBEXwkSfmPligqsfmilDYiip+D4V3+b+sP+Kw2i0+Ti+CQzRxiw8k5wREXoRafMJw302m2/7bvZGcgy5WCG08btYO8OGoINYXbOphTZGmSiHMAjbM9pMfj4A1keJ01qoImQl6keoH37bhXaFbTv9Yi0Voq0ZeipsrtsW+D7DXiilzC43PyVAEouLN7wjVIzcXR9IYSQUlfbIbwOiVu7T4tsTRyDh2Q2g0/phMLoYeTRE6DqdI21XWcqHr1RGjQp+D1q0F59gWwc6/z+aR5Tfasujrd4RRbA01sYu8H4ATPCZUkjIVm+bgBARsFyBoUyUXcjTL9jdjmVT9mMvQz+mDzoFXSdBlbbLN6d/K0QwWw0l5E3iTo7Jcsr1/P1TfBoKT829p9/HhZiW/MlRk9TB6hezSXgwS2X9otUDXKDEOn9v6eJqwUI2cL0KA3NSw0bycDbLYc+n6jv/ogQZyID60va8RRE8qi6MixHZYbW0RMGpN7LwmVuXXan/GHl7gT0DMLXBIM8i5+PVxr4H4UnzF5MwuT3EMO8UB6x42TlHeg5nqzURp2AK+SbsySWob58O2p3VArTbf+rNeQoWG1dFstB5hT9lHNibHVFgcIQAhyHhagiHqaO9nhkdatAU5NoxBfnP6s8qmO4M9+9uEeb9T8ChE2jE7p2BATQ== .
• Requested group membership: ‘restricted’ and ‘analytics-privatedata-users’

I'd like to request membership for @chmielkomaslak to the ‘restricted’ and ‘analytics-privatedata-users’ group. The Trust and Safety team has a number of workflows requiring shell access and private analytics logs (hadoop). He is a member of the T&S team and requires those accesses for his regular works. Specifically some of the workflows he needs to be able to do (and needs this access for):

• Run maintenance scripts (mwmaint servers) to:
  • To add or reset user email addresses when locked out of their account (again after identity verification)
  • To permanently remove illegal images from the servers
• Lookup private information such as user email addresses for legal or T&S investigations (such as urgent threats of harm or court orders).
• Query webserver logs for private information such as IPs which have viewed certain pages (usually court orders)

Chmielko has already signed L3. @NNair is Chmielko’s people manager. Naha, could you confirm/approve this request by commenting here?

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

• - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
• - User has a valid NDA on file with WMF legal. (This can be checked by Operations via the NDA tracking sheet & is included in all WMF Staff/Contractor hiring.)
• - User has provided the following: wikitech username, preferred shell username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
• - User has provided a public SSH key.
• - access request has sign off of WMF manager
• - access request has sign off of group approver for 'restricted' T289257#7296726
• - access request has sign off of group approver for 'analytics-privatedata-users'
• - Patchset for access request