From owner-freebsd-chat Fri Oct 26 9:20:19 2001 Delivered-To: freebsd-chat@freebsd.org Received: from ren.sasknow.com (ren.sasknow.com [207.195.92.131]) by hub.freebsd.org (Postfix) with ESMTP id 514D937B403 for ; Fri, 26 Oct 2001 09:20:10 -0700 (PDT) Received: from localhost (ryan@localhost) by ren.sasknow.com (8.9.3/8.9.3) with ESMTP id KAA33220; Fri, 26 Oct 2001 10:19:52 -0600 (CST) (envelope-from ryan@sasknow.com) Date: Fri, 26 Oct 2001 10:19:51 -0600 (CST) From: Ryan Thompson To: Paul Robinson Cc: freebsd-chat@FreeBSD.ORG Subject: Re: User/virtual administration In-Reply-To: <20011026093135.B22182@jake.akitanet.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Paul Robinson wrote to Ryan Thompson: > I would advise that you look at: > > http://ark.sourceforge.net Hi Paul, I like the Ark concept (I really do), but I think it is quite different than what I am looking for. ARK, like many other packages out there, seems to be stuck on the concept of service-centric administration (configuring daemons). That's fine, if you were born thinking like a server. Maybe I misunderstood their purpose from the few pages of preliminary documentation that is available. My question is WHY do it that way? What are the common tasks that sysadmins (for now, let's say in a web hosting scenario) want to perform? Depending on the size of the organization, 90-99% of time is spent on account management. Adding/removing/modifying users, right? (Come on.. Tell me I'm wrong.. ;-) The trouble is, there is no atomic "add user" command on typical systems. There are plenty of fine scripts to add users to the passwd database (or whatever auth db of choice), as well as plenty of methods to add Apache virtual hosts, DNS zones, etc... but they are all disjoint... When I want to add a user, I want the sense of completing ONE coherent task.. not several. The result is a more efficient, less error prone method that doesn't require intimate knowledge of the configuration formats for 100 different daemons. Anyways, Paul... Not meaning to come down on your suggestion (I'm not)... Ark looks really good... And something like that, as well, is sorely needed for administering large installations. Put quite simply, it's just not the same direction that I'm headed. ;-) - Ryan > It's early days, but the underlying concept is related to what you are > proposing, and if the code turns out as good as the talk (reading > 'Motivations', 'Key Ideas' and 'Fundamentals' should get you fired > up), then this will turn into something very interesting indeed. > > I think the key to projects like this are to be able to produce a set > of open 'best practise' policies, with the tools there to support > them. The advantage to this approach is that I can still modify the > policy to be able to keep my alias table in a MySQL table, have my > RADIUS authenticate everybody no matter what user/pass you whack in, > and other site-specific madness. > > I think taking sysadmin to the next level of abstraction is long overdue. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-chat" in the body of the message > -- Ryan Thompson Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message