diff options
author | Nicolas Vigier <boklm@mageia.org> | 2013-04-14 13:46:12 +0000 |
---|---|---|
committer | Nicolas Vigier <boklm@mageia.org> | 2013-04-14 13:46:12 +0000 |
commit | 1be510f9529cb082f802408b472a77d074b394c0 (patch) | |
tree | b175f9d5fcb107576dabc768e7bd04d4a3e491a0 /zarb-ml/mageia-sysadm/2012-March/004332.html | |
parent | fa5098cf210b23ab4f419913e28af7b1b07dafb2 (diff) | |
download | archives-master.tar archives-master.tar.gz archives-master.tar.bz2 archives-master.tar.xz archives-master.zip |
Diffstat (limited to 'zarb-ml/mageia-sysadm/2012-March/004332.html')
-rw-r--r-- | zarb-ml/mageia-sysadm/2012-March/004332.html | 299 |
1 files changed, 299 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2012-March/004332.html b/zarb-ml/mageia-sysadm/2012-March/004332.html new file mode 100644 index 000000000..20c90fc74 --- /dev/null +++ b/zarb-ml/mageia-sysadm/2012-March/004332.html @@ -0,0 +1,299 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5Bforums-discuss%5D%20Re%3A%20updating%20sysadmin%0A%20privileges%20in%20forum%20config&In-Reply-To=%3C1332794972.8434.218.camel%40liliana.cdg.redhat.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="004331.html"> + <LINK REL="Next" HREF="004333.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config</H1> + <B>Michael Scherer</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5Bforums-discuss%5D%20Re%3A%20updating%20sysadmin%0A%20privileges%20in%20forum%20config&In-Reply-To=%3C1332794972.8434.218.camel%40liliana.cdg.redhat.com%3E" + TITLE="[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config">misc at zarb.org + </A><BR> + <I>Mon Mar 26 22:49:32 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="004331.html">[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config +</A></li> + <LI>Next message: <A HREF="004333.html">[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#4332">[ date ]</a> + <a href="thread.html#4332">[ thread ]</a> + <a href="subject.html#4332">[ subject ]</a> + <a href="author.html#4332">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le dimanche 25 mars 2012 à 08:24 +0200, Wolfgang Bornath a écrit : +><i> 2012/3/24 Michael Scherer <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>>: +</I>><i> > Le samedi 24 mars 2012 à 12:48 +0100, Wolfgang Bornath a écrit : +</I>><i> > +</I>><i> >> But I doubt +</I>><i> >> there would be benefits by having a package for the forum software. +</I>><i> >> Quite to the contrary, a simple change of a character in one of the +</I>><i> >> php files would cause the need of an update of the whole package, +</I>><i> >> while as is you just need to exchange this one php file. If there +</I>><i> >> would be a benefit I guess there would have been phpBB packages for +</I>><i> >> years, phpBB being the most popular forum software, not only in the +</I>><i> >> Linux world. Ok, a weak point, I admit. +</I>><i> > +</I>><i> > The point is indeed weak. +</I>><i> > +</I>><i> > For the start, having a package would ease the testing, since right now, +</I>><i> > people just have no clue on how to replicate our setup. There is the +</I>><i> > puppet manifests, but I take for granted that the intersection of those +</I>><i> > that know how to use them and those interested into testing phpbb is +</I>><i> > near 0. +</I>><i> +</I>><i> Right. Why? Because even those who have experience in phpBB forum +</I>><i> maintenance and php are not familiar of the setup used at Mageia. +</I> +Writing script to ease the setup of the copy of the system have been on +my todo list since a long time. I started to write documents on the +wiki, I did some conference to have some buzz, I did refactor the whole +repository to make it easier to read and to understand. + +The setup used at mageia is nothing special or magic, there is : +- 1 postgresql database +- 1 git checkout +- 1 apache config file that basically block some directory for security +reasons + +I have yet to see a request for more information, that I would have +provided. But maybe people think we are too busy or too important to be +disturbed, or that they would not be able to change anything ( despites +me saying several time "send patch" ). There isn't much secret in the +setup, this is published since the beginning. + +For example : +<A HREF="http://svnweb.mageia.org/adm/puppet/modules/phpbb/templates/config.php?revision=1625&view=markup">http://svnweb.mageia.org/adm/puppet/modules/phpbb/templates/config.php?revision=1625&view=markup</A> +that's config.php. Anyone knowing php ( or asp, or jsp ) would +intuitively understand the format ( ie, database is a variable given +somewhere else ) + +The git checkout url is in another file, to get it : + +git clone <A HREF="git://git.mageia.org/forum/">git://git.mageia.org/forum/</A> foo + +and we just remove "phpBB/install" after checkout. + +I agree this is not obvious, but I think we have a fairly standard +setup, and since no one ever ask a question, we can hardly see what is +difficult to understand. + +><i> > Second part of having a package is that it would benefit to others if in +</I>><i> > the distribution. It would also ease the management of version by the QA +</I>><i> > ( cause if stuff is really important, you want to have it checked before +</I>><i> > it goes live ). +</I>><i> > +</I>><i> > Another idea is to detect when there is change in the php files, by +</I>><i> > using the rpm -V feature. That's quite handy when there is a problem +</I>><i> > ( again speaking of experience ). +</I>><i> > +</I>><i> > And having a rpm in the distribution also mean that we can benefit from +</I>><i> > the whole framework on making sure this is up to date, making sure that +</I>><i> > basic quality is respected, etc. Something that is far from being the +</I>><i> > case with a random zip taken from the web, especially from php software. +</I>><i> > And I do not even talk of more complex security system like tomoyo or +</I>><i> > selinux. +</I>><i> +</I>><i> Well, the phpBB community is very large, involving people on all +</I>><i> levels of knowledge related to web applications and system +</I>><i> administration. Regarding the software being released from them as not +</I>><i> up to date and far from basic quality seems to me a bit ... +</I>><i> "exaggerating". +</I> +When I mean "being up to date", i mean using the same tool we use for +others packages to know there is a update, etc. +IE, having the package up to date. The same goes for "quality". Web +developpers tend to focus on the use case of "I have a shared space and +I cannot change nything to it", which is not our case. We can change +apache config, we can put some stuff outside of the web root, etc. + +Software distribution is something that we already do, so solving the +same problem in a different way a second time is IMHO not a good idea. + +><i> >> - How would you implement requested features which are not available +</I>><i> >> in the forum software other than by "MODs" (which is the same as a +</I>><i> >> patch? +</I>><i> > +</I>><i> > Usually, with well designed software, that work with plugins. Of course, +</I>><i> > with some stuff, that goes by "let's duplicate the source code and deal +</I>><i> > with merging source code update". There is ton of example of why this is +</I>><i> > wrong ( search "technical debt" on a search engine for lots of articles +</I>><i> > on the topic ), hence the need to use a software properly designed, and +</I>><i> > to stay in a well designed process. +</I>><i> +</I>><i> Ok, so your point is that phpBB is not the software you want to use. +</I>><i> This is a point I understand and would accept, you explained the +</I>><i> points very well. But I don't know if there is a software with same +</I>><i> functionality which would qualify and if there is it would mean a lot +</I>><i> of work to switch. +</I> +That's not phpbb per se than the idea of how we should modify it. + +Basically, in a world where we have near infinite ressources, we would +be able to take phpbb, and do any customisation. The same could be done +for all softwares. + +For exemple, that's what Google or Yahoo do ( more the first than the +2nd ). Google do have a custom http server, likely a custom kernel, +custom jvm, custom software and framework, even custom languages, custom +hardware, custom routers. They also have around 24 000 people working +for them, and a pile of money. + +But we are on the other side of the spectrum and we may not have the +sustainable ressources for custom stuff ( and I should really make the +word sustainable bold ). We did took this road for some of our component +( identity, for exemple ) and we do not have the man power to make +software evolve. + +In the long run, the best would be to have such ressources, of course. + +But that's a difficult problem to solve, and in the mean term, we should +have a solution, and I think therefor sticking to stock software is the +best compromise. I am aware that some mod would make stuff better ( for +example, to have a decent url, helping for visibility, etc ) and i am +sure that they are all enhancing the forum ( I mean, no one will do a +mod to make it worst ), but they are not free in term of ressources to +integrate. + +So that's a tradeoff. It is better, but then you have to do some work +for each upgrade, etc. + + +><i> > And frankly, the whole idea of mod is a sign that phpbb is not suitable +</I>><i> > out of the box, as I said in the past. So while maybe the others are not +</I>><i> > either, that's still a signal that something is wrong. +</I>><i> +</I>><i> Ok, what can be done about that? +</I> +Now we decided to use phpbb, I guess we will stick to it. A migration +would take too much time, and despites having a setup that can be +improved ( to my eyes ), it seems to do the job. + +But I think that we should keep in mind to prefer a software that do +what we want directly than one we can fix later ( or at least, depend +how we can fix ). That sound simple once said, but unfortunately, that's +hard to resist to the call of code for coders, so I will not blame +anyone on that. + +><i> > From my point of view, everybody can open a bug report or send patches. +</I>><i> > No one did, and you can say as much as you want "this is not my fault", +</I>><i> > that will not change anything nor retroactively make bug reports appear. +</I>><i> > +</I>><i> > I would add that if people have a pretension to become admin or +</I>><i> > anything, they should at least attempt to act as such. Ie, sending +</I>><i> > patchs, etc. +</I>><i> +</I>><i> I haven't met anybody in the international forum with a pretention to +</I>><i> become admin in the way you see it. +</I> +I didn't read the forum, so maybe I misunderstood ( likely, in fact ), +so sorry if I was too harsh. + +But the point is still valid, if people wish to help or think they can +do a better job than us ( and I think we are not perfect, I do not deny +), we can arrange something. + +><i> > No, the discussion started because no one did the job. We are not +</I>><i> > Mandriva, there is not "someone is in charge so I do nothing" bullshit +</I>><i> > state of mind with the company and the rest of the world separation. The +</I>><i> > system is open enough that someone skilled enough and motivated enough +</I>><i> > can do most of the job, except the last step. +</I>><i> > +</I>><i> > If people were really concerned on contributing instead of speaking how +</I>><i> > they would want to do something or how others didn't do what they +</I>><i> > wanted, they would have done something. +</I>><i> +</I>><i> Yes, all correct in general and it would surely have happened like +</I>><i> this in the Mageia forum as well. But: +</I>><i> If there is an admin in place (even somebody who claims that there are +</I>><i> enough admins), if this admin keeps responding to questions in the +</I>><i> forum about a missing update and other requests by explaining how it +</I>><i> will be done and what is needed and that it will be done as soon as +</I>><i> possible - why should anyone of the users should write a bug report? +</I> +Part of the problem is first what do people mean by "admin". + +To me, this mean "system admin", and even if I tried to use sysadmin for +that meaning, I am sure that I have slipped more than once. +And while it may not have been obvious, I only speak of the sysadmin +side of the thing. + +To me, it seems obvious we need to have 1 and 1 single way to report +issue. Bugzilla is not perfect, but if we use 1 single system instead of +more, this permit to have 1 system to maintain, to not need to ask to +user to decide where to report problem, and people will have 1 system to +learn. ( and that's ITIL compliant, but that's a private joke with +myself ). + +Now, I understand and should keep in mind that by admin, people also see +forum admin, and I will likely not comment on this part. Not that I do +not have a perfect(tm) solution for the problem :) + +So maybe the first step would be to document exactly what is the current +state of affairs, who do what, who is in what group so we can at least +make sure we use the same word, see the same things. I have part of this +information in mind, but thanks to my training when I worked for CIA, +people cannot read it. + +><i>From what I remember : +</I> +- there is mga-sysadmin group, 10 person, who ( for the forum ) : + - access the server, databases and can commit to puppet or modify +directly the db, and grant access to git + +they also have lots of access, and the long term goal is to delegate as +much as possible. As i say, my goal is to be able to replace myself by a +script. So this is not practical to give access to this group without +any check of skills or anything. + +- there is the mga-forum_developer group, of 3 person ( now 2 ), who : + - have write access to the code of phpbb hosted in our git ( see url +before ) + - should have enough access to upgrade the forum ( but do not know ) + +the deployment is planned to be automatised, but that's not done ( my +point was that sysadmin will do it by hand until sufficiently annoyed, +and until the know how to automate it, until then we have to do the +upgrade by hand to see what need to be coded, or wait for a patch for +that ). I cannot speak for the others, but I do not plan to blindly code +without doing a few test runs so without request to upgrade forum. + +on the side of forum management, well, I do not know. That's the part +where someone step in and complete my mail. + +-- +Michael Scherer + +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="004331.html">[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config +</A></li> + <LI>Next message: <A HREF="004333.html">[Mageia-sysadm] [forums-discuss] Re: updating sysadmin privileges in forum config +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#4332">[ date ]</a> + <a href="thread.html#4332">[ thread ]</a> + <a href="subject.html#4332">[ subject ]</a> + <a href="author.html#4332">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |