fix: redact HPC username and remove hardcoded home paths#79
Conversation
- hpc/monitor_job.sh: replace hardcoded `zyyu` with `$USER` in squeue call - wezterm/.wezterm.lua: replace `zyyu` username placeholder in ssh_domains and launch_menu SSH entry (same redaction pattern as ssh/config PR #50) https://claude.ai/code/session_01WgPdS4Zw5VcKhxYsuvCWXq
…me dir - sway/40-sway-background.conf: replace /home/stanfish/Git/my-configs/img/space.jpeg with ~/.config/sway/wallpaper.jpeg (same stable-path pattern as PR #47 for i3). Wire up once at deploy time: ln -sf ~/Git/my-configs/img/space.jpeg ~/.config/sway/wallpaper.jpeg - linux/services/email.service: replace hardcoded User=stanfish and /home/stanfish/ path with %h specifier (systemd expands %h to the home directory of the configured User). Add placeholder comment for User=. https://claude.ai/code/session_01WgPdS4Zw5VcKhxYsuvCWXq
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3b629382d5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| name = "greatlakes", | ||
| remote_address = "greatlakes.arc-ts.umich.edu", | ||
| username = "zyyu", | ||
| username = "username", |
There was a problem hiding this comment.
Replacing the real account with the literal string "username" makes both connection paths attempt to authenticate as a non-existent user unless someone manually edits the file, so the built-in Great Lakes entries stop working out of the box. To keep this portable without breaking connectivity, this should derive the username from environment/SSH config or omit it rather than hardcoding a placeholder account name.
Useful? React with 👍 / 👎.
| # User= # set locally: User=your-username | ||
| ExecStart=%h/scripts/system/fetch-emails.sh |
There was a problem hiding this comment.
Commenting out User= changes this from an unprivileged user service to running as root in the system manager, which also changes %h to root’s home and makes ExecStart resolve under /root rather than the intended account. On hosts where the script is in a normal user home, this will fail to start and also broadens privileges unexpectedly.
Useful? React with 👍 / 👎.
2 participants
Closes #77
Closes #78
Changes
1.
hpc/monitor_job.sh— use$USERinstead ofzyyu(info leak)zyyuwas a hardcoded HPC username missed when PR #39/PR #50 cleanedssh/configandhpc/ssh/config. Using$USERmakes the script work for any account.2.
wezterm/.wezterm.lua— redactzyyuusername (info leak)Same redaction pattern as
ssh/config(PR #50).3.
sway/40-sway-background.conf— stable wallpaper path (compatibility)Same pattern as PR #47 for i3. Wire up at deploy time:
4.
linux/services/email.service— use%hspecifier (compatibility)%his the systemd home-directory specifier for the configuredUser=.Test plan
grep -r 'zyyu\|zyu14' hpc/monitor_job.sh wezterm/— no matchesgrep -r 'home/stanfish' sway/ linux/services/— no matchesmonitor_job.shon HPC lists current user's jobs~/.config/sway/wallpaper.jpeghttps://claude.ai/code/session_01WgPdS4Zw5VcKhxYsuvCWXq
Generated by Claude Code