On Thu, Aug 27, 2009 at 8:12 AM, River Tarnellriver@loreley.flyingparchment.org.uk wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
so, sometimes we've had problems with the Toolserver that required an admin, but an admin wasn't always around. some of these problems are complicated, but others are simple, and can be fixed by e.g. killing a process, or rebooting a server.
I believe most of the recent cases that required an admin, was real admin work, things like broken replication, broken servers, etc.
- rebooting login/web servers
- killing user processes
- viewing and killing user queries on MySQL servers
Urgent problems with killing user processes and killing user queries are rare. Nevertheless although they don't happen often, they do happen and if somebody else than an admin is able to fix it, the reliability of the toolserver would be increased.
does this seem like something that would be helpful? and, if we introduced it, would anyone be interested in such privileges? (we would probably require a good knowledge of Unix and at least some experience with system administration.)
I don't think there would be large benefit gained from the proposal, but on the other side it doesn't hurt to have custodians, as long as they are trusted.
In any case I would be willing to volunteer. I have limited experience with linux system administration and none with solaris, but I do know where to find man pages and I am quite familiar with the various parts of the toolserver cluster.
On Thu, Aug 27, 2009 at 11:05 AM, Fahad Sadahfahadsadah@googlemail.com wrote:
Bear in mind that most programs can be exploited as root, to gain full root.
Well of course they can, and care should be taken which programs can be run, but custodians should be very trusted and anybody whom we don't know if they will exploit a program to gain root access is automatically disqualified.
Bryan