Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 26 Oct 2001 10:19:51 -0600 (CST)
From:      Ryan Thompson <ryan@sasknow.com>
To:        Paul Robinson <paul@akita.co.uk>
Cc:        freebsd-chat@FreeBSD.ORG
Subject:   Re: User/virtual administration
Message-ID:  <Pine.BSF.4.21.0110260952530.49287-100000@ren.sasknow.com>
In-Reply-To: <20011026093135.B22182@jake.akitanet.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
Paul Robinson wrote to Ryan Thompson:

> I would advise that you look at:
> 
> http://ark.sourceforge.net

Hi Paul,

I like the Ark concept (I really do), but I think it is quite different
than what I am looking for. ARK, like many other packages out there, seems
to be stuck on the concept of service-centric administration (configuring
daemons). That's fine, if you were born thinking like a server. Maybe I
misunderstood their purpose from the few pages of preliminary
documentation that is available.

My question is WHY do it that way? What are the common tasks that
sysadmins (for now, let's say in a web hosting scenario) want to perform?
Depending on the size of the organization, 90-99% of time is spent on
account management. Adding/removing/modifying users, right? (Come on..
Tell me I'm wrong.. ;-)

The trouble is, there is no atomic "add user" command on typical systems.
There are plenty of fine scripts to add users to the passwd database (or
whatever auth db of choice), as well as plenty of methods to add Apache
virtual hosts, DNS zones, etc... but they are all disjoint... When I want
to add a user, I want the sense of completing ONE coherent task.. not
several. The result is a more efficient, less error prone method that
doesn't require intimate knowledge of the configuration formats for 100
different daemons.

Anyways, Paul... Not meaning to come down on your suggestion (I'm not)...
Ark looks really good... And something like that, as well, is sorely
needed for administering large installations. Put quite simply, it's just
not the same direction that I'm headed. ;-)

- Ryan


> It's early days, but the underlying concept is related to what you are
> proposing, and if the code turns out as good as the talk (reading
> 'Motivations', 'Key Ideas' and 'Fundamentals' should get you fired
> up), then this will turn into something very interesting indeed.
> 
> I think the key to projects like this are to be able to produce a set
> of open 'best practise' policies, with the tools there to support
> them. The advantage to this approach is that I can still modify the
> policy to be able to keep my alias table in a MySQL table, have my
> RADIUS authenticate everybody no matter what user/pass you whack in,
> and other site-specific madness.
> 
> I think taking sysadmin to the next level of abstraction is long overdue.
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-chat" in the body of the message
> 

-- 
  Ryan Thompson <ryan@sasknow.com>
  Network Administrator, Accounts

  SaskNow Technologies - http://www.sasknow.com
  #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2

        Tel: 306-664-3600   Fax: 306-664-1161   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0110260952530.49287-100000>