[Box-Admins] Accounts and IDs on servers (was: Access to the new server(s))

Das.Linux at gmx.de Das.Linux at gmx.de
Mon Oct 3 18:43:43 UTC 2016 

On 03.10.2016, at 20:39, Tobias Pape <Das.Linux at gmx.de> wrote:

> Hi,
> 
> On 30.09.2016, at 14:16, David T. Lewis <lewis at mail.msen.com> wrote:
> 
>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
>>> Dear all
>>> 
>>> [ACTIONS AT END]
>>> 
>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
>>> Here's the overview:
>>> 
>>> =======================================================================================================================
>>> Name 	Name (ext)	intended use	Unix Users	Public Ports	Private Ports	Public IPv4	Private IPv4
>>> -----------------------------------------------------------------------------------------------------------------------
>>> ian	ssh.squeak.org	ssh-gateway	ssh     	1022    	22      	104.130.6.82	10.208.225.29
>>> alan	*.squeak.org	webserver	webteam  	80, 443  	22      	104.239.229.92	10.176.200.8
>>> adele	lists....	mailinglists	(tbd)   	25, 587, 465	22, 8080	162.242.237.43	10.208.160.56
>>> andreas	--------	source.squeak	chrismuller*	--------	22, 8080	irrelevant	10.208.161.222
>>> dan	--------	squeaksource	davidlewis*	--------	22, 8080	irrelevant	10.176.197.150
>>> ted	--------	squeak wiki+map	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.130.111
>>> david	--------	jenkins 	(tbd)   	--------	22, 8080	irrelevant	10.208.194.45
>>> scott	--------	misc    	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.199.169
>>> =======================================================================================================================
>>> 
>>> Currently, Levente and me have sudo on all these machines. Users with * also do.
>> 
>> <snip>
>> 
>>> We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over.
>>> 
>>> [ACTION REQUIRED]
>>> 
>>> - Who needs access to which servers?
>> 
>> Account request:
>> 
>> In addition to server #dan, I would like to request a davidlewis
>> account on #andreas and #david.
>> 

> 
> 'andreas' granted.
> (As 'dan' for chris (sorry chris for seeming hesitant here…))

'david', too now

> 
>> Reasons: I want to work with Chris so I can update squeaksource.com as
>> compatibly as possible with source.squeak.org from an administrative
>> point of view (updating the squeaksource.com image will have to wait).
> 
> ACK
> 
>> And I may spend some time on Jenkins if everything else gets done on
>> time.
> 
> Great. Please coordinate with Craig here.
> 
>> 
>> Suggestion:
>> 
>> It would be a good idea to pick the UID assignments for the various
>> admin accounts in advance, so they will be unique across the servers
>> and distinct from any user UIDs. Thus for example if we will have
>> accounts for squeakmap, jenkins, source.squeak.org and squeaksource.com
>> services, their files can later be migrated from box to box without
>> fear of UID confusion.
>> 
>> When I originally set up squeaksource.com on box3, I put it in a
>> normal user account (ssdotcom with UID 1008). That is not good
>> practice, in part because 1008 might end up being the UID for some
>> user account on another box. (This actually happened in the box2
>> migration to box3, so the source.squeak.org files now accidentally
>> appear to be owned by "davidlewis" rather than whatever ID they
>> originally had on box2.)
> 
> I don't this that is too much of a problem, I did it anyway
> I will send around the 'known users' mapping shortly :)
> 
> 
>> 
>> For squeaksource.com, I am not worried if the files get copied
>> with correct ownership and permissions, because I can easily fix
>> this later (with /bin/find). Chris, if there are problems with
>> this for source.squeak.org, I can lend a hand sorting it out.
> 
> The files are already there and have right perms :)
> 
>> 
>> Dave
>> 
> 
> Best 
> 	-Tobias

More information about the Box-Admins mailing list