[Toolserver-l] an idea

Bryan Tong Minh bryan.tongminh at gmail.com
Thu Aug 27 12:09:12 UTC 2009


On Thu, Aug 27, 2009 at 8:12 AM, River
Tarnell<river at loreley.flyingparchment.org.uk> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> so, sometimes we've had problems with the Toolserver that required an
> admin, but an admin wasn't always around.  some of these problems are
> complicated, but others are simple, and can be fixed by e.g. killing a
> process, or rebooting a server.

I believe most of the recent cases that required an admin, was real
admin work, things like broken replication, broken servers, etc.

> * rebooting login/web servers
> * killing user processes
> * viewing and killing user queries on MySQL servers
>
Urgent problems with killing user processes and killing user queries
are rare. Nevertheless although they don't happen often, they do
happen and if somebody else than an admin is able to fix it, the
reliability of the toolserver would be increased.

> does this seem like something that would be helpful?  and, if we
> introduced it, would anyone be interested in such privileges?  (we would
> probably require a good knowledge of Unix and at least some experience
> with system administration.)
I don't think there would be large benefit gained from the proposal,
but on the other side it doesn't hurt to have custodians, as long as
they are trusted.

In any case I would be willing to volunteer. I have limited experience
with linux system administration and none with solaris, but I do know
where to find man pages and I am quite familiar with the various parts
of the toolserver cluster.


On Thu, Aug 27, 2009 at 11:05 AM, Fahad Sadah<fahadsadah at googlemail.com> wrote:
>
> Bear in mind that most programs can be exploited as root, to gain full
> root.
>
Well of course they can, and care should be taken which programs can
be run, but custodians should be very trusted and anybody whom we
don't know if they will exploit a program to gain root access is
automatically disqualified.



Bryan



More information about the Toolserver-l mailing list