diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2010-October/000063.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2010-October/000063.html | 163 |
1 files changed, 163 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2010-October/000063.html b/zarb-ml/mageia-sysadm/2010-October/000063.html new file mode 100644 index 000000000..e968bca79 --- /dev/null +++ b/zarb-ml/mageia-sysadm/2010-October/000063.html @@ -0,0 +1,163 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] planning for sysadmin task + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTikL6FX1znb18md5tAudkqJeT8NogTorsH5p68nt%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000062.html"> + <LINK REL="Next" HREF="000125.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] planning for sysadmin task</H1> + <B>Romain d'Alverny</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTikL6FX1znb18md5tAudkqJeT8NogTorsH5p68nt%40mail.gmail.com%3E" + TITLE="[Mageia-sysadm] planning for sysadmin task">rdalverny at gmail.com + </A><BR> + <I>Tue Oct 26 16:39:52 CEST 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000125.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#63">[ date ]</a> + <a href="thread.html#63">[ thread ]</a> + <a href="subject.html#63">[ subject ]</a> + <a href="author.html#63">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On Tue, Oct 26, 2010 at 16:06, Olivier Thauvin +<<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">nanardon at nanardon.zarb.org</A>> wrote: +><i> * Romain d'Alverny (<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">rdalverny at gmail.com</A>) wrote: +</I>>><i> On Tue, Oct 26, 2010 at 15:23, Michael Scherer <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>> wrote: +</I>>><i> Sysadm. Per request of webteam. +</I>>><i> +</I>>><i> > - setup of infrastructure ( ie apache module) +</I>>><i> +</I>>><i> Sysadm. Per request of webteam. +</I>>><i> +</I>>><i> > - who is in charge of securing +</I>>><i> >  - the servers +</I>>><i> >  - each applications +</I>>><i> +</I>>><i> Both. Server security is going to be affected by application security +</I>>><i> and this is the webteam role to control that part. And to assume/fix +</I>>><i> potential issues. +</I>><i> [...] +</I>><i> Since you prefer to not using rpm, the work to setup such application +</I>><i> get more complicated, especially if the sys admin don't know perl (in +</I>><i> this case, the same apply to php apps, python, etc...). +</I> +I know this firsthand, from both sides, yes. That's the webteam +responsibility to provide this info for installing/upgrading the app, +and that partially requires from the webteam some knowledge about the +system. + +So indeed, both teams need to know/understand each other. + +><i> I don't like the "svn snapshot" way for officially in use web apps. It +</I>><i> works for testing the devel version, but I'd really hope anyone +</I>><i> working on web apps is able to have a clear roadmap and managing branch +</I>><i> for quick security fixes. +</I> +Sure. But it happens to break nonetheless. What is crucial is not that +there is no breach (there will), it's that it is quickly reported and +fixed. + +><i> And since you have a stable branch and a devel one, you are able to +</I>><i> quickly redo a rpm. +</I> +I understand that but a RPM is an unnecessary step here IMHO. A web +app/development life cycle in dev/production is not the same as one +for a packaged app for a distribution. + +All I care here as a Web dev/project manager is: + - working on the app + - making sure it works + - pushing to prod + - check again + - iterate. + +Pushing deployment from dev to production, assuming all tests pass, +should be ideally as fast as pushing a single button and waiting for a +few seconds. And it may not be a trivial thing either (not just +pushing files, but moving the app into several states for a clean +migration). + +At some extent, RPM dependencies would be a useful thing for setting +up the application but this mostly happens once (first install) and +can be easily hosted within the web application itself (and then +handle the error) - WordPress and Drupal do it for instance. + +I perfectly understand that this does not fit with the packaging +reasoning for a Linux distribution. + + +><i> Or are we assuming Mageia will not be able to provide security fixes as +</I>><i> rpm for anyone using the distribution and so we prefer ourself to bypass +</I>><i> them ? +</I> +Not related. If these are regular web apps, we may as well port +changes and fixes back to the upstream project (be it our own) and +have these repackaged. But packaging is not the focus of the webteam. + + +><i> BTW: who is the webteam ? Does CatDap (Buchan's apps) and MGA::Mirrors +</I>><i> (mine) make us entering in webteam ? Is the Bs part of webteam works ? +</I> +The webteam, well, I'm preparing to shoot a first mail to people who +gathered on the wiki page; mostly developers and web integrators. +Nothing definitive, but I'm a volunteer to lead the first efforts for +the team. + +About CatDap and MGA:Mirrors, yes, hopefully. That makes you part of +it in that other webteam members should be aware of this app and +reciprocally, all members should collaborate. + +The BS is a separate kind of a beast but indeed, parts of it could +definitely benefit from web team developers/integrators (code, +organisation, design/graphics/UX levels). + +So we can discuss this further with other future webteam members but I +will seriously not manage a production environment that goes through +packaging for app updates. + +That does not mean I don't care about security - that means that +there's a balance to find and that web developers have to be in charge +of their apps security as well. So if that means we need to have +separate servers to isolate risks, so be it. If that means we need to +go for a different type of hosting, so be it. + +And I don't say that harshly. :-p just in case. + + +Romain +</PRE> + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000125.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#63">[ date ]</a> + <a href="thread.html#63">[ thread ]</a> + <a href="subject.html#63">[ subject ]</a> + <a href="author.html#63">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |