[Box-Admins] Accounts and IDs on servers (was: Access to the new
server(s))
David T. Lewis
lewis at mail.msen.com
Fri Sep 30 12:16:08 UTC 2016
On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
> Dear all
>
> [ACTIONS AT END]
>
> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
> Here's the overview:
>
> =======================================================================================================================
> Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
> -----------------------------------------------------------------------------------------------------------------------
> ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29
> alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8
> adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56
> andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222
> dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150
> ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111
> david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45
> scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169
> =======================================================================================================================
>
> Currently, Levente and me have sudo on all these machines. Users with * also do.
<snip>
> We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over.
>
> [ACTION REQUIRED]
>
> - Who needs access to which servers?
Account request:
In addition to server #dan, I would like to request a davidlewis
account on #andreas and #david.
Reasons: I want to work with Chris so I can update squeaksource.com as
compatibly as possible with source.squeak.org from an administrative
point of view (updating the squeaksource.com image will have to wait).
And I may spend some time on Jenkins if everything else gets done on
time.
Suggestion:
It would be a good idea to pick the UID assignments for the various
admin accounts in advance, so they will be unique across the servers
and distinct from any user UIDs. Thus for example if we will have
accounts for squeakmap, jenkins, source.squeak.org and squeaksource.com
services, their files can later be migrated from box to box without
fear of UID confusion.
When I originally set up squeaksource.com on box3, I put it in a
normal user account (ssdotcom with UID 1008). That is not good
practice, in part because 1008 might end up being the UID for some
user account on another box. (This actually happened in the box2
migration to box3, so the source.squeak.org files now accidentally
appear to be owned by "davidlewis" rather than whatever ID they
originally had on box2.)
For squeaksource.com, I am not worried if the files get copied
with correct ownership and permissions, because I can easily fix
this later (with /bin/find). Chris, if there are problems with
this for source.squeak.org, I can lend a hand sorting it out.
Dave
More information about the Box-Admins
mailing list