[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SEUL-Leaders: Bunch 'O Stuff

To: seul-leaders@txcc.net
Subject: SEUL-Leaders: Bunch 'O Stuff
From: Erik Walthinsen <omega@aracnet.com>
Date: Sun, 06 Jul 1997 20:29:32 -0700
Reply-To: seul-leaders@mail.txcc.net
Sender: owner-seul-leaders@mail.txcc.net
Juhana and I were chatting on IRC for a couple hours and came up with a lot 
of stuff:

1) IRC meeting for seul-leaders - How about the following times:

6pm PST - Omega
8pm EDT - Luka
9pm CDT - Cyber
8am EET - Juhana

If this will work, let's try to meet fairly often.  Juhana and I will be 
there Monday evening (*my* 6pm), so if you can make it, join us.

What schedule this will take (weekyl, bi-weekly, every day, etc.) needs to 
be decided, as does the structure/format of the meeting (free-form vs. agenda,
moderated vs. not, etc.).


2) cran environ:

We've tested this and found that it works, FWIW:

/home/seul - home for all that's SEUL, basically bin and cvsroot
seul user - this user's tied with /home/seul, but doesn't really own much
seul-admin group - group that all the seul-leaders people are in
seul-dev, seul-dev-install, etc - groups for each dev team

Here's how it works:

The owner for each file is the person who created it.  This may be changed, 
but I'll get to that a little further down.

The group for each file matches the owning development team.  We'll have 
groups for seul-dev (maybe), seul-dev-install, seul-dev-base, seul-apps, 
seul-apps-*, etc.

World permissions are considered to be SEUL global permissions, since cran is 
dedicated to SEUL (assuming I didn't miss anything... :).


There are a couple reasons for the seul user.  First, it gives some kind of 
neutral ownership to the main directory and associated files.  Second, it 
provides a sane framework for maintenance tasks.  And third, it provides a 
user to match with the seul user on the seul.txcc.net for file transfers 
(specifically, public_html stuff)

Everyone in seul-admin could have the password to the seul user, though that 
shouldn't really be necessary.  Only a few people actually writing/
maintaining the operational scripts/binaries will need it.  Juhana and I have 
tested things, and as long as we are careful about the setgid bit for 
directories (namely that it stays set), everything works cleanly.

The one thing missing, that I will attempt to write, are copies of chmod, 
chown, and chgrp that use access files.  Currently anything that I create in, 
say, /home/seul/bin, will be owned by me, group seul-admin (assuming /home/
seul/bin has it's setgid bit set).  The ability to allow certain people to 
chown to certain users in certain places would be quite useful, as I can then 
deal with some of the stickier issues involved in scripting the automated 
stuff without resorting to ugly hacks, i.e.:

su seul;cp $1 $1.new;su omega;rm $1;su seul;mv $1.new $1

As far as the workings of CVS in a many-developer environment, there are ways 
to set up locking, when coupled with known human proceedures.  There are also 
mechanisms to watch files.  A very good use for this would be to allow coders 
to mark files group-writable, but require that they approve of changes to 
their file before they're checked in.  I think CVS can prevent a checkin from 
*actually* happening to allow time for manual conflict resolution.  From the 
reading I've done in the past 10min, it looks even better than that...  More 
to come when I'm done 
reading...


3) Who gets accounts on cran?  Everyone working on the project?  That would 
make the most sense, because handing out accounts to only people working would 
become an administrative nightmare.  "But I need to edit that file, xyz gave 
me permission!"  "OK, let's get you an account *too*..."  Besides, that way 
everyone gets a similar e-mail address, so everyone only needs to remember 
the username, not the entire address. (I know, details, but details are what 
kills things)


4) If we can get a stable ACL filesystem on cran, we should use that.  
Combined with decent procedures, that would make things ultimately easier to 
administer.


Now stuff I've been thinking about:

5) Back to CVS, we're going to need something that's been developed at 
Sequent: the CCS God (ccs is a custom version of rcs we use there).  Someone
who has complete control over the CVS system.  At Sequent I think it's 
restricted to the control files, but it would be good in our hierarchical 
environment to allow the CVS Gods (at least two, for timezone and 
availability coverage) complete ownership and mode control.  If I can set up 
a ch??? suite with a config file similar to sudo's (luka: /home/omega/
sudo-*.rpm), creation of CVS God privileges is trivial.  If not, we'd have to 
make the /home/seul tree something that can be chroot'd to as root via sudo 
so work can be done.  Ugly.


6) Beg for hardware - When cran and seul.txcc.net are announced as 
operational systems (roughly a week from now?), should I mention the hardware 
and tell everyone to contact me if they have hardware they can donate to the 
systems that will upgrade them?  It won't take much to get more power in 
them, since they're both starting out a little low on the bogomips, and cran 
is going to get a lot of load on it...


7) I'm going to try to write a script to do IRC log conversion into HTML and 
get the IRC log so far on the web.  Also, we should try to set up the SEUL 
Bot on cran as a 24x7, ideally logging right into a named pipe, through the 
log converter and right to disk, either updated often to txcc.net, or NFS 
mounted once we get seul.txcc.net running.

NFS would be insecure, but there are a few possibilities: TCP-based NFS, NFS 
via pppd through ssh, and the VPN code I have that *almost* works.  The VPN
creates a point-to-point or multipoint network using TCP sockets as the
medium, instead of Ether and T1's.  Everything going through it wedges with
too much load, but if that can be fixed, we can add crypto and compression to
make a nice virtual network from cran to seul.



I'm off to read the CVS docs (on to branches - what fun!), so I'll TTYL, 
probably in IRC tomorrow evening.

TTYAL,
     Omega

        Erik Walthinsen - Programmer, webmaster, 3D artist, etc.   __
  __                                                              / /\
 /  \           omega@sequent.com         Work: (503)578-5314    / /  \
|    | M E G A  omega@aracnet.com         Home: (503)281-4281   / / /\ \
_\  /_          psu12113@odin.cc.pdx.edu  Majoring in CS       / / /\ \ \
                                                              / /_/__\ \ \
Omega Station: http://www.aracnet.com/~omega/                /________\ \ \
     Info on Linux, Graphics, Descent, Laptops, etc.         \___________\/


----------------------------------------------------------------------------
Simple End User Linux Leader Mailing list
----------------------------------------------------------------------------
Follow-Ups:
- Re: SEUL-Leaders: Bunch 'O Stuff
  - From: Luka@pop3.aracnet.com (Peter) <luka@mit.edu>
Prev by Date: SEUL-Leaders: Oragnization
Next by Date: Re: SEUL-Leaders: Bunch 'O Stuff
Prev by thread: SEUL-Leaders: Oragnization
Next by thread: Re: SEUL-Leaders: Bunch 'O Stuff
Index(es):
- Date
- Thread