diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2010-October/000061.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2010-October/000061.html | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2010-October/000061.html b/zarb-ml/mageia-sysadm/2010-October/000061.html new file mode 100644 index 000000000..57258513e --- /dev/null +++ b/zarb-ml/mageia-sysadm/2010-October/000061.html @@ -0,0 +1,129 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] planning for sysadmin task + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTi%3DOuTQXiUfZuwo9DW8oJSrQ%2BRcTbzqLKJZy1oXX%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000060.html"> + <LINK REL="Next" HREF="000062.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] planning for sysadmin task</H1> + <B>Romain d'Alverny</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTi%3DOuTQXiUfZuwo9DW8oJSrQ%2BRcTbzqLKJZy1oXX%40mail.gmail.com%3E" + TITLE="[Mageia-sysadm] planning for sysadmin task">rdalverny at gmail.com + </A><BR> + <I>Tue Oct 26 15:44:21 CEST 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000060.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#61">[ date ]</a> + <a href="thread.html#61">[ thread ]</a> + <a href="subject.html#61">[ subject ]</a> + <a href="author.html#61">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On Tue, Oct 26, 2010 at 15:23, Michael Scherer <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>> wrote: +><i> And that's a question that I think I have already asked on irc when we +</I>><i> devised the team, what is the role of the web team exactly regarding our +</I>><i> servers and the software and how do we articulate with them. +</I>><i> +</I>><i> Ie, who is in charge of the following : +</I>><i> - setup of web application +</I>><i>  - apache side +</I>><i>  - filesystem side +</I>><i>  - database side +</I> +Sysadm. Per request of webteam. + +><i> - setup of infrastructure ( ie apache module) +</I> +Sysadm. Per request of webteam. + +><i> - who is in charge of securing +</I>><i>  - the servers +</I>><i>  - each applications +</I> +Both. Server security is going to be affected by application security +and this is the webteam role to control that part. And to assume/fix +potential issues. + +><i> - who is in charge of backuping +</I>><i>  - the server +</I> +sysadm. + +><i>  - the applications +</I> +Webteam. Destroying and restoring a webapp must be a process taken +into account at their level. Doesn't prevent sysadmins to be able to +run it as well. + +It's likely going to be a back-and-forth process but ideally, the +webteam would ask, for a given web app, for: + - a database type and access (with expected usage size), + - a vhost (provided it's not under an existing vhost), + - a web repository where to put and update files (so they must have a +write access on this), + - a specific Apache config, + - a read access to related Apache logs + - a list of needed modules (PHP, Ruby, Perl, others) + +And should be able to work with this. + +However we can think to future provision to some webteam people +(webmasters for instance) extended rights (Apache config write access, +reloading Apache, extended rights on database). Depends on situation +and roles. + +><i> Is everything taken care of the sysadm team, in which case no permission +</I>><i> should be given to webteam, or some part of this are ( beware, because +</I>><i> some part are dependent, ie people who setup a application take care of +</I>><i> the security and of bugfixing it ), and so will the sysadm team act like +</I>><i> a shared server provider toward various member of the community ? +</I> +More like a shared-server provider. However situation may differ from +web app to web app. Don't know for sure yet. But as a start, I would +go per the process described above. + +><i> And if we choose the path of a shared server provider, shall the web +</I>><i> team alone be able to have a web site, or should we open the possibility +</I>><i> to others team to do so ? ( ie, if the designers want to setup a custom +</I>><i> webapp, who shall take care of that ? ) +</I> +They should see that with the webteam or be part of it. That's the +place where all Web-related stuff (be it technical or not) should be +gathered and discussed. + +Romain +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000060.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#61">[ date ]</a> + <a href="thread.html#61">[ thread ]</a> + <a href="subject.html#61">[ subject ]</a> + <a href="author.html#61">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |