From owner-freebsd-chat  Fri Oct 26  1:31:36 2001
Delivered-To: freebsd-chat@freebsd.org
Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131])
	by hub.freebsd.org (Postfix) with ESMTP id BF65337B403
	for <freebsd-chat@freebsd.org>; Fri, 26 Oct 2001 01:31:34 -0700 (PDT)
Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk)
	by jake.akitanet.co.uk with esmtp (Exim 3.13 #3)
	id 15x2Ok-0002Fp-00; Fri, 26 Oct 2001 09:31:26 +0100
Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2)
	id 15x2Ot-0006C3-00; Fri, 26 Oct 2001 09:31:35 +0100
Date: Fri, 26 Oct 2001 09:31:35 +0100
From: Paul Robinson <paul@akita.co.uk>
To: Ryan Thompson <ryan@sasknow.com>
Cc: freebsd-chat@freebsd.org
Subject: Re: User/virtual administration
Message-ID: <20011026093135.B22182@jake.akitanet.co.uk>
References: <Pine.BSF.4.21.0110252148360.32705-100000@ren.sasknow.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.BSF.4.21.0110252148360.32705-100000@ren.sasknow.com>; from ryan@sasknow.com on Thu, Oct 25, 2001 at 10:37:02PM -0600
X-Scanner: exiscan *15x2Ok-0002Fp-00*$AK$6cuRgf3Tf/16Kj5HddlT8.*
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-chat.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-chat>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-chat>
X-Loop: FreeBSD.org

I would advise that you look at:

http://ark.sourceforge.net

It's early days, but the underlying concept is related to what you are
proposing, and if the code turns out as good as the talk (reading
'Motivations', 'Key Ideas' and 'Fundamentals' should get you fired up), then
this will turn into something very interesting indeed.

I think the key to projects like this are to be able to produce a set of
open 'best practise' policies, with the tools there to support them. The
advantage to this approach is that I can still modify the policy to be able
to keep my alias table in a MySQL table, have my RADIUS authenticate
everybody no matter what user/pass you whack in, and other site-specific
madness.

I think taking sysadmin to the next level of abstraction is long overdue.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message