From owner-freebsd-hackers Thu Jan 29 08:17:08 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA00377 for hackers-outgoing; Thu, 29 Jan 1998 08:17:08 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from webserver.smginc.com (webserver.smginc.com [204.170.176.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA00371 for ; Thu, 29 Jan 1998 08:17:04 -0800 (PST) (envelope-from AdamT@smginc.com) Received: from smginc.com ([204.170.177.4]) by webserver.smginc.com (post.office MTA v2.0 0813 ID# 0-13723) with SMTP id AAA258 for ; Thu, 29 Jan 1998 11:18:44 -0500 Received: by smginc.com with Microsoft Mail id <34D0D540@smginc.com>; Thu, 29 Jan 98 11:15:12 PST From: Adam Turoff To: hackers Subject: WebAdmin (was: RE: /usr/src/release/sysinstall needs YOU. :-)) Date: Wed, 28 Jan 98 11:16:00 PST Message-ID: <34D0D540@smginc.com> X-Mailer: Microsoft Mail V3.0 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG X-To-Unsubscribe: mail to majordomo@FreeBSD.org "unsubscribe hackers" >> What are peoples' thoughts on a Java administration tool for FreeBSD? One > > I feel the same way about this as I do about all the proposals I've > seen for web-based administration and installation tools in general: > Doing this is not an easy nut to crack, and security concerns are not > entirely trivial, but if you think you can do it then by all means GO > FOR IT! > > Unfortunately, it would also seem that most people are only good for > suggesting that a Java or plain-HTML based admin tool would be a good > thing and not so much good for actually coding up the proof-of-concept > that'd be required to make it anything more than a simple and > often-made suggestion. ;-) > > Jordan OK. Enough goading. :-) I'm doing perl based CGI to pay the bills and gradually getting up to speed on being a reasonable FreeBSD admin for a small workgroup. I don't feel qualified enough to start down this path alone. There are a lot of nontrivial security issues to deal with, and a lot of nontrivial configuration issues to deal with, too. I'm in a situation where Netware Admins are rushing to get up to speed with NT, and I'm throwing FreeBSD in their faces at the same time. I'll spare the anti-NT discussion here; no need preaching to the choir. Here are a few things I'd like to see in a web-based admin tool: - DNS administration - user config - ports management - samba config (admin-loadable module? :-) ) - NFS config - mounting - apache config (?) - mirroring - config replication (act like that machine there) - lynx friendly Of course, some of these issues are rife with security holes. Hopefully, used judiciously, it'll be a value add that will make FreeBSD more approachable to newbies. My guess is that limiting access to clients coming from localhost would help, allowing access from a list of trusted clients as well. The admin server could come up and down as needed rather than sitting there waiting to be abused. My questions to -hackers at large would be: - any other admin type things that should be included? - any other security issues that should be considered? - ideas for extensibility? Hopefully I should have something started in a few weeks. -- Adam Rhythm deficient bassist for Necessity & the Mothers of Invention