1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-sysadm] planning for sysadmin task
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTi%3DOuTQXiUfZuwo9DW8oJSrQ%2BRcTbzqLKJZy1oXX%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000060.html">
<LINK REL="Next" HREF="000062.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-sysadm] planning for sysadmin task</H1>
<B>Romain d'Alverny</B>
<A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3CAANLkTi%3DOuTQXiUfZuwo9DW8oJSrQ%2BRcTbzqLKJZy1oXX%40mail.gmail.com%3E"
TITLE="[Mageia-sysadm] planning for sysadmin task">rdalverny at gmail.com
</A><BR>
<I>Tue Oct 26 15:44:21 CEST 2010</I>
<P><UL>
<LI>Previous message: <A HREF="000060.html">[Mageia-sysadm] planning for sysadmin task
</A></li>
<LI>Next message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#61">[ date ]</a>
<a href="thread.html#61">[ thread ]</a>
<a href="subject.html#61">[ subject ]</a>
<a href="author.html#61">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Tue, Oct 26, 2010 at 15:23, Michael Scherer <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>> wrote:
><i> And that's a question that I think I have already asked on irc when we
</I>><i> devised the team, what is the role of the web team exactly regarding our
</I>><i> servers and the software and how do we articulate with them.
</I>><i>
</I>><i> Ie, who is in charge of the following :
</I>><i> - setup of web application
</I>><i>  - apache side
</I>><i>  - filesystem side
</I>><i>  - database side
</I>
Sysadm. Per request of webteam.
><i> - setup of infrastructure ( ie apache module)
</I>
Sysadm. Per request of webteam.
><i> - who is in charge of securing
</I>><i>  - the servers
</I>><i>  - each applications
</I>
Both. Server security is going to be affected by application security
and this is the webteam role to control that part. And to assume/fix
potential issues.
><i> - who is in charge of backuping
</I>><i>  - the server
</I>
sysadm.
><i>  - the applications
</I>
Webteam. Destroying and restoring a webapp must be a process taken
into account at their level. Doesn't prevent sysadmins to be able to
run it as well.
It's likely going to be a back-and-forth process but ideally, the
webteam would ask, for a given web app, for:
- a database type and access (with expected usage size),
- a vhost (provided it's not under an existing vhost),
- a web repository where to put and update files (so they must have a
write access on this),
- a specific Apache config,
- a read access to related Apache logs
- a list of needed modules (PHP, Ruby, Perl, others)
And should be able to work with this.
However we can think to future provision to some webteam people
(webmasters for instance) extended rights (Apache config write access,
reloading Apache, extended rights on database). Depends on situation
and roles.
><i> Is everything taken care of the sysadm team, in which case no permission
</I>><i> should be given to webteam, or some part of this are ( beware, because
</I>><i> some part are dependent, ie people who setup a application take care of
</I>><i> the security and of bugfixing it ), and so will the sysadm team act like
</I>><i> a shared server provider toward various member of the community ?
</I>
More like a shared-server provider. However situation may differ from
web app to web app. Don't know for sure yet. But as a start, I would
go per the process described above.
><i> And if we choose the path of a shared server provider, shall the web
</I>><i> team alone be able to have a web site, or should we open the possibility
</I>><i> to others team to do so ? ( ie, if the designers want to setup a custom
</I>><i> webapp, who shall take care of that ? )
</I>
They should see that with the webteam or be part of it. That's the
place where all Web-related stuff (be it technical or not) should be
gathered and discussed.
Romain
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000060.html">[Mageia-sysadm] planning for sysadmin task
</A></li>
<LI>Next message: <A HREF="000062.html">[Mageia-sysadm] planning for sysadmin task
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#61">[ date ]</a>
<a href="thread.html#61">[ thread ]</a>
<a href="subject.html#61">[ subject ]</a>
<a href="author.html#61">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>
|
