On Thu, Aug 4, 2011 at 10:24, Kevin Fenzi <email@example.com> wrote:
> On Thu, 4 Aug 2011 10:02:21 -0600
>> To me the
>> bigger question is.. do we need to have the root emails going to
>> sysadmin or to a subgroup. If those emails go down to say
>> sysadmin-noc,fi-apprentice,sysadmin-main,sysadmin-hosted it would do
>> the same thing.
> No, root emails only go to sysadmin-main. I'd really prefer that to
> stay that way. We do get emails with passwords or the like... (bounces
> from fas accounts that have invalid emails, etc)
Sorry I meant cron and other emails that various people get that they
don't know why
>> > 2. I'd like to allow apprentice folks to look at logs on log02.
>> > Currently this is just sysadmin-main and -noc. Can anyone think of
>> > anything we log that might be too sensitive for this? We shouldn't
>> > be logging any passwords (although I can look). I'd also like to
>> > make sure all the logs on log02 are ro to everyone (but main).
>> > Currently many of the directories there are writable for sysadmin
>> > group, which seems wrong to me.
>> Passwords creep into the logs every now and then. The usual is that
>> someone tries to login with their password. Sorry about the write on
>> group, I thought i fixed that a while ago.
> Yeah, I'll go look thru logs and see if there's anything there that
> looks problematic. We might be able to just have the system log ones
> readable, but leave the httpd ones closed up (those would be the only
> ones that might have passwords I would think).
Hmmm I thought the httpd ones were more open
> infrastructure mailing list
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren
infrastructure mailing list