Re: Tiered admins with cfengine / dual control
From: Adams, Russell L.
Subject: Re: Tiered admins with cfengine / dual control
Date: Thu, 13 Oct 2005 10:15:40 -0500
User-agent: Mutt/1.4.2.1i
Actually, I use a module... I don't use copy, I download mine via
http.
However, it shouldn't be too difficult to separate out the sig check
step to work with a copy procedure.
What would happen is first you copy from central to a local cache, and
then do your sig check. If it passes, then you update your inputs
directory from the local cache.
Since I download a signed tarball, for a central copy it'd be easier
to create a single signed checksum file (i.e. md5sum for everything in
your master inputs), and then check that file and its contents.
Russell
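The copy-to-cache, signature-check, then install sequence Russell describes, extended with the dual-signing requirement raised earlier in the thread. This is an added example, not Russell's update script or anything shipped with cfengine: it assumes a SHA256SUMS checksum file (sha256sum in place of the md5sum mentioned above) with a detached signature file SHA256SUMS.sig containing both signers' signatures, and a curated keyring at the assumed path in KEYRING; the signer-counting logic parses gpg's --status-fd output, so it can be exercised offline with the constructed status lines at the bottom.

```shell
#!/bin/sh
# Dual-control config update (added example). Flow: copy master -> local cache,
# verify the signed checksum file, require >= 2 distinct trusted signers,
# verify the checksums, and only then install into the inputs directory.
set -eu

# Count distinct signers in gpg --status-fd output read from stdin. gpg emits
# one "[GNUPG:] VALIDSIG <fpr> ... [<primary-fpr>]" line per good signature
# made with a key present in the keyring; dedupe on the primary key
# fingerprint when present so two subkeys of one person count once.
count_distinct_signers() {
    awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" {
             id = (NF >= 12) ? $12 : $3; seen[id] = 1 }
         END { n = 0; for (k in seen) n++; print n }'
}

# Succeed only when at least REQUIRED_SIGNERS (default 2) distinct keys signed.
require_dual_signature() {
    n=$(count_distinct_signers)
    [ "$n" -ge "${REQUIRED_SIGNERS:-2}" ]
}

# $1 = master inputs dir, $2 = local cache (wholly owned by this script), $3 = inputs.
# KEYRING (assumed path) holds only the keys of the admins allowed to sign.
verify_and_install() {
    master=$1; cache=$2; inputs=$3
    rm -rf "$cache"; mkdir -p "$cache"
    cp -R "$master"/. "$cache"/
    if ! gpg --no-default-keyring --keyring "${KEYRING:-/etc/cfengine/trusted.gpg}" \
             --status-fd 1 --verify "$cache/SHA256SUMS.sig" "$cache/SHA256SUMS" \
             2>/dev/null | require_dual_signature; then
        echo "refusing update: fewer than 2 distinct valid signatures" >&2
        return 1
    fi
    # The checksum file is now trusted; every cached file must match it.
    (cd "$cache" && sha256sum -c --quiet SHA256SUMS) || return 1
    cp -R "$cache"/. "$inputs"/
}

# Constructed gpg status output (fake fingerprints) to exercise the check offline.
DUAL_STATUS='[GNUPG:] VALIDSIG 1111111111111111111111111111111111111111 2005-10-13 1129212345 0 4 0 17 2 00 1111111111111111111111111111111111111111
[GNUPG:] VALIDSIG 2222222222222222222222222222222222222222 2005-10-13 1129212400 0 4 0 17 2 00 2222222222222222222222222222222222222222'
SINGLE_STATUS='[GNUPG:] VALIDSIG 1111111111111111111111111111111111111111 2005-10-13 1129212345 0 4 0 17 2 00 1111111111111111111111111111111111111111
[GNUPG:] BADSIG 2222222222222222 Second Admin <second@example.invalid>'

printf '%s\n' "$DUAL_STATUS" | require_dual_signature && echo "dual: accepted"
printf '%s\n' "$SINGLE_STATUS" | require_dual_signature || echo "single: refused"
```

Because the cache is verified before anything reaches the inputs directory, a failed or single-signed update leaves the running configuration untouched.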
On Thu, Oct 13, 2005 at 08:06:15AM -0700, Martin, Jason H wrote:
> Could you provide some more details about your update script?
>
> -Jason Martin
>
> > -----Original Message-----
> > From: help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org
> > [mailto:help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org] On Behalf Of Adams, Russell L.
> > Sent: Thursday, October 13, 2005 8:04 AM
> > To: help-cfengine@gnu.org
> > Subject: Re: Tiered admins with cfengine / dual control
> >
> >
> > I sign my configs with gnupg, and my update script checks for
> > a valid sig before installing new config files.
> >
> > You could do the same things but require a dual signing.
> >
> > Russell
> >
> > On Thu, Oct 13, 2005 at 07:58:28AM -0700, Martin, Jason H wrote:
> > > Along the same lines, has anyone implemented a system such that there
> > > is no one person capable of pushing out changes? I'm talking about a
> > > system analogous to the nuclear missile keys that require 2 people to
> > > agree to launch.
> > >
> > > The scenario here is how would the college protect itself from Jason
> > > Edgecombe, as a top-level SA, deciding to bring down the entire
> > > university infrastructure.
> > >
> > > CFE doesn't support this directly, but perhaps it could be managed via
> > > a module. I'm thinking it'd have to be based on two different master
> > > servers agreeing on a configuration, with discrepancies causing CFE to
> > > fail into an internal-maintenance-only mode. Assuming that each master
> > > server has a mutually exclusive set of root users, it'd have to be
> > > something that none of them could subvert on their own.
> > >
> > > Thank you,
> > > -Jason Martin
> > >
> > > > -----Original Message-----
> > > > From: help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org
> > > > [mailto:help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org] On Behalf Of Mark Burgess
> > > > Sent: Thursday, October 13, 2005 7:34 AM
> > > > To: Jason Edgecombe
> > > > Cc: help-cfengine@gnu.org
> > > > Subject: Re: Tiered admins with cfengine
> > > >
> > > >
> > > > On Thu, 2005-10-13 at 09:56 -0400, Jason Edgecombe wrote:
> > > > > Hi everyone,
> > > > >
> > > > > I work at a university, and we are currently using cfengine in our
> > > > > college to manage some linux and Mac machines. In our college, there are
> > > > > two admins including myself who are trusted and have total control of
> > > > > the cfengine config.
> > > > >
> > > > > Using cfengine has been proposed as being adopted by the entire
> > > > > University for Mac administration. My concern is how do we inherit the
> > > > > campus config and only let people in our college modify the config that
> > > > > affects our machines.
> > > > >
> > > > > For example, I am in the College of Arts & Sciences and I can only
> > > > > change the cfengine configs for machines in my college. The college of
> > > > > Architecture would only have access to their machines, but we both
> > > > > inherit the changes pushed out by central IT.
> > > > > I simply want to limit the effects of accidental changes made by
> > > > > different admins. It's not just newbieness that I'm worried about. I
> > > > > don't have a full understanding of what my changes might do to another
> > > > > college's computers.
> > > > >
> > > > > Basically, how can we partition the cfengine setup between admins,
> > > > > but still inherit a config from central IT? Do we have to use different
> > > > > cfengine servers for this?
> > > > >
> > > > > Thanks,
> > > > > Jason
> > > >
> > > > Hi Jason - you don't have to use different cfengine servers
> > > > for this, but you could. The way to inherit things is to use
> > > > overridable "includes". One way to organize the permissions
> > > > is to use CVS or subversion and put the different files in
> > > > different projects so that one needs permission to edit them.
> > > >
> > > > Mark
> > > >
> > > >
> > > > _______________________________________________
> > > > Help-cfengine mailing list
> > > > Help-cfengine@gnu.org
> > > > http://lists.gnu.org/mailman/listinfo/help-cfengine