FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora/Linux Management Tools

 
 
LinkBack Thread Tools
 
Old 11-26-2007, 08:51 PM
Michael DeHaan
 
Default Thoughts on Cobbler authorization/authentication and access levels in your organization?

Jack Neely wrote:

Michael,

Here at NCSU I have an existing provisioning system that generates
kickstarts based on a set of "keyword [value [value...]]" rules. We'd
like to continue to use that as it works well for us...and it integrates
with Cobbler well.

So given that, admins already have the ability to control/alter their
profiles in a defined way that scales well and lonely me can support.


What I'd like from Cobbler is the ability for a select few admins (like
me) to be able to setup all the bits to make Cobbler distros/profiles
etc. work.


Normal admins should be able to associate a MAC address with a profile
and remove said MAC. Actually, it would be great if an admin could
associate a hostname/IP address with a profile and Cobbler would run a
plugin to translate that into a MAC.



One of the things I thought about doing was creating a simpler page to
just edit a systems mapping.


Login would work as before, but the page could be as simple as what you
mentioned above, a dropbox,

and an ok button. CLI equivalents should work too...

Groups of admins as well. Any admin can modify MAC->profile of any
other admin provided both are in the same group.

Authentication via kerberos (PAM probably) authorization done by auto
generated groups of admins (a plugin)?


Sounds reasonable.

Okay...some half-baked ideas about how I see a workflow here. If you
have questions please feel free.



Thanks! I've got some good feedback so far, so I'll try to summarize
findings/plans shortly.
If anyone else wants to share their thoughts on how they'd ideally like
their site to work, please do.

Jack Neely



_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
 
Old 11-29-2007, 02:27 PM
Michael DeHaan
 
Default Thoughts on Cobbler authorization/authentication and access levels in your organization?

Jack Neely wrote:

Michael,

While things are floating across my mind...

I know I've heard mention of a SQL backend for the configuration.
That's pretty much a requirement for me as I need to duplicate the
service (2 boxes) for that disaster recovery policy. My shared storage
is AFS (mostly) which..well..likes to eat files that two servers/people
are editing at the same time. And bdb just falls on its face. Who
needs POSIX?



I haven't been all that happy with the bdb/gdb/shelve prototype module
myself, namely, I've seen it

glitch once and that makes me not trust it.

While I was hoping to get out of schema writing/updating, it seems
that's going to be important.


Thanks for bringing this up again... I'll resurrect plans in that area.

--Michael



_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@redhat.com
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
 

Thread Tools




All times are GMT. The time now is 05:04 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org