[Box-Admins] Accounts and IDs on servers (was: Access to the new server(s))

Tobias Pape Das.Linux at gmx.de
Mon Oct 3 18:39:04 UTC 2016 

Hi,

On 30.09.2016, at 14:16, David T. Lewis <lewis at mail.msen.com> wrote:

> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
>> Dear all
>> 
>> [ACTIONS AT END]
>> 
>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
>> Here's the overview:
>> 
>> =======================================================================================================================
>> Name 	Name (ext)	intended use	Unix Users	Public Ports	Private Ports	Public IPv4	Private IPv4
>> -----------------------------------------------------------------------------------------------------------------------
>> ian	ssh.squeak.org	ssh-gateway	ssh     	1022    	22      	104.130.6.82	10.208.225.29
>> alan	*.squeak.org	webserver	webteam  	80, 443  	22      	104.239.229.92	10.176.200.8
>> adele	lists....	mailinglists	(tbd)   	25, 587, 465	22, 8080	162.242.237.43	10.208.160.56
>> andreas	--------	source.squeak	chrismuller*	--------	22, 8080	irrelevant	10.208.161.222
>> dan	--------	squeaksource	davidlewis*	--------	22, 8080	irrelevant	10.176.197.150
>> ted	--------	squeak wiki+map	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.130.111
>> david	--------	jenkins 	(tbd)   	--------	22, 8080	irrelevant	10.208.194.45
>> scott	--------	misc    	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.199.169
>> =======================================================================================================================
>> 
>> Currently, Levente and me have sudo on all these machines. Users with * also do.
> 
> <snip>
> 
>> We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over.
>> 
>> [ACTION REQUIRED]
>> 
>> - Who needs access to which servers?
> 
> Account request:
> 
> In addition to server #dan, I would like to request a davidlewis
> account on #andreas and #david.
> 

'andreas' granted.
(As 'dan' for chris (sorry chris for seeming hesitant here…))

> Reasons: I want to work with Chris so I can update squeaksource.com as
> compatibly as possible with source.squeak.org from an administrative
> point of view (updating the squeaksource.com image will have to wait).

ACK

> And I may spend some time on Jenkins if everything else gets done on
> time.

Great. Please coordinate with Craig here.

> 
> Suggestion:
> 
> It would be a good idea to pick the UID assignments for the various
> admin accounts in advance, so they will be unique across the servers
> and distinct from any user UIDs. Thus for example if we will have
> accounts for squeakmap, jenkins, source.squeak.org and squeaksource.com
> services, their files can later be migrated from box to box without
> fear of UID confusion.
> 
> When I originally set up squeaksource.com on box3, I put it in a
> normal user account (ssdotcom with UID 1008). That is not good
> practice, in part because 1008 might end up being the UID for some
> user account on another box. (This actually happened in the box2
> migration to box3, so the source.squeak.org files now accidentally
> appear to be owned by "davidlewis" rather than whatever ID they
> originally had on box2.)

I don't this that is too much of a problem, I did it anyway
I will send around the 'known users' mapping shortly :)


> 
> For squeaksource.com, I am not worried if the files get copied
> with correct ownership and permissions, because I can easily fix
> this later (with /bin/find). Chris, if there are problems with
> this for source.squeak.org, I can lend a hand sorting it out.

The files are already there and have right perms :)

> 
> Dave
> 

Best 
	-Tobias

More information about the Box-Admins mailing list