Closed dpjohnson closed 8 years ago
To force stop a user's PUN:
nginx_stage nginx --user=bob --signal=stop
This would need to be run after the shell is set to /access/denied
. Also it will need to be run on every web node.
Note: nginx_stage
will not start up the user's PUN by default if their shell is /access/denied
. The default is seen here:
and here
SSO credentials being invalidated will have to be handled by Apache and that is a fairly complicated matter.
Thanks for the clarification, forgot about --signal. Let's talk more about invalidating SSO credentials as a separate issue. Should we close this issue, and open a separate one for SSO invalidation, or use this issue?
Opened server-side cache invalidation portion of this issue in corresponding repo.
This request is for a 'force_stop/force_clean' feature that would be used initially in conjunction with disabling workshop accounts. The user's shell would be set to /access/denied before forcing the stop and cleanup of the PUN. Any state should be removed, and if possible, SSO credentials should be invalidated.