
A few months ago it was asked on infra@ about how the group should go about building up trust so you all would feel comfortable handing out e.g. ssh and sudo access to servers. Since there is someone active (me) seeking to help who would need that access, I guess this is a good time to bring up the question again.

Thanks
Robert

Sorry I forgot to include the subject line?

On 06/21/2012 04:57 PM, Robert Middleswarth wrote:
> A few months ago it was asked on infra@ about how the group should go about building up trust so you all would feel comfortable handing out e.g. ssh and sudo access to servers. Since there is someone active (me) seeking to help who would need that access, I guess this is a good time to bring up the question again.
>
> Thanks
> Robert

_______________________________________________
Infra mailing list
Infra@ovirt.org
http://lists.ovirt.org/mailman/listinfo/infra

On Thu, Jun 21, 2012 at 05:00:31PM -0400, Robert Middleswarth wrote:
> Sorry I forgot to include the subject line?
>
> On 06/21/2012 04:57 PM, Robert Middleswarth wrote:
>> A few months ago it was asked on infra@ about how the group should go about building up trust so you all would feel comfortable handing out e.g. ssh and sudo access to servers. Since there is someone active (me) seeking to help who would need that access, I guess this is a good time to bring up the question again.

I am not aware of any other trick beyond building up reputation. Your personal involvement in the project goes a long way to prove that you indeed care for it.

However, I do not know how to quantify how much reputation would one need to get a root access, a permission that is very easy to abuse and very hard to take away.

Another important issue beyond trust is NEED. Do you really need full su access? I personally do not have such an access, and have to ask for every little host tweak specifically.

Dan.

On 06/22/2012 08:45 AM, Dan Kenigsberg wrote:
> On Thu, Jun 21, 2012 at 05:00:31PM -0400, Robert Middleswarth wrote:
>> Sorry I forgot to include the subject line?
>>
>> On 06/21/2012 04:57 PM, Robert Middleswarth wrote:
>>> A few months ago it was asked on infra@ about how the group should go about building up trust so you all would feel comfortable handing out e.g. ssh and sudo access to servers. Since there is someone active (me) seeking to help who would need that access, I guess this is a good time to bring up the question again.
>
> I am not aware of any other trick beyond building up reputation. Your personal involvement in the project goes a long way to prove that you indeed care for it.

Agreed, there are some subjective aspects to it.

> However, I do not know how to quantify how much reputation would one need to get a root access, a permission that is very easy to abuse and very hard to take away.

I agree as well.

> Another important issue beyond trust is NEED. Do you really need full su access? I personally do not have such an access, and have to ask for every little host tweak specifically.
>
> Dan.

Well, that is a good question. I have the same issue in my company where we know the people. We have to balance access and need. Sometimes that need lets someone have root access to a certain system, but most of the time we just put the pieces together. From my understanding there are 3 core servers and a few Jenkins slaves involved right now: the webserver/listserver/wiki/kitchen sink box, Gerrit, and Jenkins. So access to one server gives you access to just about everything. So you are right, root access shouldn't be given to just anyone. But the current team of people who have access aren't doing it full time, and I wouldn't expect the project to have people doing it full time.

The question is, and it was proposed by quaid, once you have someone that you feel has the reputation to be given access, what kind of process should they go through. Not saying I have hit that stage yet. I would assume at a min we would need to confirm they exist. Example: have a phone and a mailing address so we are sure we have a legit person, not someone pretending to be someone else. Do we require a face to face with an existing member to show a Driver License? It is the old web of trust question. How do you trust someone on the Internet? Answer: you don't unless you verify them off-line in some way.

Thanks
Robert

Hi,

On 06/22/2012 02:45 PM, Dan Kenigsberg wrote:
> I am not aware of any other trick beyond building up reputation. Your personal involvement in the project goes a long way to prove that you indeed care for it.

The difficulty with something like access to servers is that if you don't have permission to do damage, you also can't do much good :)

How do you go from unknown and untrusted to known? In code, you get it by checking out the project, compiling it, making changes and submitting those changes for review.

In Maemo, all of the source code for the website was in revision control, and in theory someone could check it out and use a sample data dump to get something like the website working locally, and then create and propose patches against that. In reality, no-one really did that, our website was a little too complicated. But we still got things like CSS patches against the website.

With something like Puppet, we could conceivably publish all of the configuration files for services and ask for patches for new features - Wikipedia just opened up their infrastructure this way.

But really there's no substitute to giving someone (once you do a rudimentary check of their credentials) some server space where they can't do any harm to anyone else, and evaluate how they manage when administering a service that is under consideration. If we have the facilities to spin up half a dozen "test service" VMs, that would be perfect. Someone like Robert could administer some service (say, an alternative Gerrit install or whatever), and then the sysadmins could check out how it's set up, whether it scales, integrate it into any SSO set-up that's there, whatever.

> However, I do not know how to quantify how much reputation would one need to get a root access, a permission that is very easy to abuse and very hard to take away.
>
> Another important issue beyond trust is NEED. Do you really need full su access? I personally do not have such an access, and have to ask for every little host tweak specifically.

That might be fine. There are a lot of things you can do without root access. Perhaps not without shell access :) I can't help thinking that some kind of sandbox which could be for staging new services or testing upgrades would be the ideal place to allow people to gain trust progressively - first by getting shell access and permissions to configure one service, for example, and eventually, as they need and earn it, root access.

Cheers,
Dave.

--
Dave Neary
Community Action and Impact
Open Source and Standards Team, Red Hat
Phone: +33 9 50 71 55 62

On 06/22/2012 12:34 PM, Dave Neary wrote:
> Hi,
>
> On 06/22/2012 02:45 PM, Dan Kenigsberg wrote:
>> I am not aware of any other trick beyond building up reputation. Your personal involvement in the project goes a long way to prove that you indeed care for it.
>
> The difficulty with something like access to servers is that if you don't have permission to do damage, you also can't do much good :)
>
> How do you go from unknown and untrusted to known? In code, you get it by checking out the project, compiling it, making changes and submitting those changes for review.
>
> In Maemo, all of the source code for the website was in revision control, and in theory someone could check it out and use a sample data dump to get something like the website working locally, and then create and propose patches against that. In reality, no-one really did that, our website was a little too complicated. But we still got things like CSS patches against the website.
>
> With something like Puppet, we could conceivably publish all of the configuration files for services and ask for patches for new features - Wikipedia just opened up their infrastructure this way.
>
> But really there's no substitute to giving someone (once you do a rudimentary check of their credentials) some server space where they can't do any harm to anyone else, and evaluate how they manage when administering a service that is under consideration. If we have the facilities to spin up half a dozen "test service" VMs, that would be perfect. Someone like Robert could administer some service (say, an alternative Gerrit install or whatever), and then the sysadmins could check out how it's set up, whether it scales, integrate it into any SSO set-up that's there, whatever.

I have done it in-house by giving people access to the staging / testing servers, then having more trusted people push to production. You can always clone production to create a new testing box, but from what I can tell ovirt hasn't gotten to that point yet. They have their kitchen sink server, Gerrit, Jenkins, and Jenkins slaves. All changes are currently on the live box. And to be honest, for the current project size this makes some sense; why pay double the cost of having a testing environment. The project would be better off using money like that for having more Jenkins slaves for better testing.

>> However, I do not know how to quantify how much reputation would one need to get a root access, a permission that is very easy to abuse and very hard to take away.
>>
>> Another important issue beyond trust is NEED. Do you really need full su access? I personally do not have such an access, and have to ask for every little host tweak specifically.
>
> That might be fine. There are a lot of things you can do without root access. Perhaps not without shell access :) I can't help thinking that some kind of sandbox which could be for staging new services or testing upgrades would be the ideal place to allow people to gain trust progressively - first by getting shell access and permissions to configure one service, for example, and eventually, as they need and earn it, root access.
>
> Cheers,
> Dave.

A shell and limited sudo access might be a good place to start. Wouldn't be able to fix everything but might be able to help in areas where the current group isn't strong or able to fix some outage problems.

Thanks
Robert

On 06/22/2012 01:04 PM, Robert Middleswarth wrote:
> A shell and limited sudo access might be a good place to start.
> Wouldn't be able to fix everything but might be able to help in areas where the current group isn't strong or able to fix some outage problems.

+1, I also think it is time for us as a project to start taking steps to start bringing those into the project who have been around a while and are known quantities. Generally I would advise that we are a little more lenient and mature the procedures as the project matures.

Carl.

On 06/22/2012 05:45 AM, Dan Kenigsberg wrote:
> On Thu, Jun 21, 2012 at 05:00:31PM -0400, Robert Middleswarth wrote:
>> Sorry I forgot to include the subject line?
>>
>> On 06/21/2012 04:57 PM, Robert Middleswarth wrote:
>>> A few months ago it was asked on infra@ about how the group should go about building up trust so you all would feel comfortable handing out e.g. ssh and sudo access to servers. Since there is someone active (me) seeking to help who would need that access, I guess this is a good time to bring up the question again.
>
> I am not aware of any other trick beyond building up reputation. Your personal involvement in the project goes a long way to prove that you indeed care for it.

The model I started following initially here is from Fedora Infrastructure, where they start new contributors with:

* Addition to nagios monitoring system aka firehose of system alerts that clues you in to what things happen, what you might be able to fix.
* ssh access to the bastion host.
* ssh access to the server group you are interested in - build system, web servers, etc. - but no sudo access.
* View in to configs in Puppet.

With that a competent person can prove competency, not do any harm, not see anything secret, but be able to diagnose and offer solutions (even patches).

I've imagined us doing something similar here, but it will take some effort to get that in place. Splitting services up will help. Itamar and I are working with Red Hat IT to get more VMs in a few months, primarily for Jenkins hosts, but I want a few to do a proper split of our infra from all-in-one-kitchen-sink. :)

> However, I do not know how to quantify how much reputation would one need to get a root access, a permission that is very easy to abuse and very hard to take away.
>
> Another important issue beyond trust is NEED. Do you really need full su access? I personally do not have such an access, and have to ask for every little host tweak specifically.

The topic is less about how to serve the developer needs, who should just be able to ask infra@ or a ticket system. This topic is about how to build up trust toward more access and ability to affect change for people who are interested in taking responsibility for oVirt's infrastructure.

- Karsten

--
Karsten 'quaid' Wade, Sr. Analyst - Community Growth
Red Hat Open Source and Standards (OSAS)
http://TheOpenSourceWay.org
@quaid (identi.ca/twitter/IRC) | gpg: AD0E0C41

participants (5)
- Carl Trieloff
- Dan Kenigsberg
- Dave Neary
- Karsten 'quaid' Wade
- Robert Middleswarth