diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2010-November/000592.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2010-November/000592.html | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2010-November/000592.html b/zarb-ml/mageia-sysadm/2010-November/000592.html new file mode 100644 index 000000000..6391707f4 --- /dev/null +++ b/zarb-ml/mageia-sysadm/2010-November/000592.html @@ -0,0 +1,146 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] Main tasks for the next days + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Main%20tasks%20for%20the%20next%20days&In-Reply-To=%3C201011171218.25691.bgmilne%40multilinks.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000610.html"> + <LINK REL="Next" HREF="000543.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] Main tasks for the next days</H1> + <B>Buchan Milne</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Main%20tasks%20for%20the%20next%20days&In-Reply-To=%3C201011171218.25691.bgmilne%40multilinks.com%3E" + TITLE="[Mageia-sysadm] Main tasks for the next days">bgmilne at multilinks.com + </A><BR> + <I>Wed Nov 17 12:18:25 CET 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000610.html">[Mageia-sysadm] Main tasks for the next days +</A></li> + <LI>Next message: <A HREF="000543.html">[Mageia-sysadm] svn layout +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#592">[ date ]</a> + <a href="thread.html#592">[ thread ]</a> + <a href="subject.html#592">[ subject ]</a> + <a href="author.html#592">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On Tuesday, 16 November 2010 00:55:15 Michael Scherer wrote: +><i> Le mardi 16 novembre 2010 à 00:12 +0100, nicolas vigier a écrit : +</I>><i> > Hello, +</I>><i> > +</I>><i> > As was decided in tonight IRC meeting, the priority tasks for sysadmin in +</I>><i> > +</I>><i> > the next days will be : +</I>><i> > * the configuration of pam_ldap, nss_ldap, and everything needed to +</I>><i> > +</I>><i> > allow commits from LDAP accounts on SVN +</I> +I have created some "host" accounts in LDAP, so far for alamut and valstar, to +test that they have sufficient access for nss_ldap. I might need to open up +read access to member attributes of groups (at present, all users have search +access to member attribute, but not read, so you can determine if a user is a +member of a group, but not see all the members, this is probably sufficient +for assigning groups on login, but not sufficient for 'groups foo' or 'id foo' +to work as expected). + +However, we probably need to decide on a time and host to test this on, as +mistakes etc. with authentication configuration can be inconvenient. + +><i> > +</I>><i> > * the configuration of forums with LDAP accounts (to be finished) +</I>><i> +</I>><i> A first step would be to make sure that people in charge of forum read +</I>><i> this list and are subscribed to it. And another step would be to know +</I>><i> what they do, since I am spammed every day by the cron job who update of +</I>><i> urpmi who is bounced to <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">root at zarb</A> alias, as the server is +</I>><i> misconfigurated ( ie, it send mail to a alias that do not exist ). +</I> +Maybe these issues should be discussed with the web team today. + +><i> > * the configuration of sympa mailing lists server using LDAP for users +</I>><i> > +</I>><i> > authentication +</I>><i> +</I>><i> We didn't really discussed how and what we will use ldap and sympa for, +</I>><i> and that we setup without thinking first about the full picture. +</I>><i> +</I>><i> Ie, if sympa use ldap for authentication, does that mean that people +</I>><i> will be forced to use identity to subscribe ? +</I> +I was aiming for all users having *one* account, with one username and +password, from when they start (e.g. want to post on forum, subscribe to +mailing list) until they are on the sysadmin team, maintained on identity. + +I am not very familiar with sympa, but I was expecting that users would be +able to log in to the sympa web interface with their LDAP account, and +subscribe/unsubscribe there. Whether that subscription is maintained in LDAP +is IMHO not as relevant. + +In the case of "teams" that have corresponding groups in LDAP, it may make +sense to have corresponding automatic mailing lists (as it would reduce some +overhead). + +identity is used to manage the users identity information, and should be +authoritative for that, but I don't expect to have to add features for +administering every applications settings for a user (e.g. signature for +forum, digest settings for mailing lists etc.). Where there is more identity- +related information that we may want to leverage in more than one application +(e.g. avatar or photo or mugshot or whatever), we can look at that. + +><i> How would it goes for moderation ? +</I> +Nothing to do with LDAP (except possibly authenticating moderator on sympa web +interace). + +><i> How would they do for subscription ? +</I> +Authenticate user against LDAP on login to sympa web interface, nothing more. + +dmorgan asked me to add some ACLs allowing addition of some data for mailing +lists, but as far as I could tell, it looked like aliases for mailing list +administration (e.g. <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">xxx-subscribe at lists.</A> etc.). Now, AFAICT, this is not +strictly required for sympa operation ... it all depends on the MTA setup. If +aliases are going to be in LDAP, then IMHO the existing 'MTA Admins' system +group should be used, and I will give it write access to a tree (e.g. ou=mail +or so) for aliases not related to users. + +But, I need to know what access is required for the non-user-authentication +features of sympa for which we would like to use LDAP as backend, so I can +assign sympa user to correct groups and check ACLs. + +Regards, +Buchan +</PRE> + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000610.html">[Mageia-sysadm] Main tasks for the next days +</A></li> + <LI>Next message: <A HREF="000543.html">[Mageia-sysadm] svn layout +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#592">[ date ]</a> + <a href="thread.html#592">[ thread ]</a> + <a href="subject.html#592">[ subject ]</a> + <a href="author.html#592">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |