Adding new admin members

Alexander Rydekull rydekull at gmail.com
Mon Dec 17 19:48:48 UTC 2012


Well, as I see it, you should have your different services documented, each
service could essentially have different kind of levels of access.
Depending on that service.

Isnt someone "responsible" for each service, they should be able to specify
what different levels they'd like to offer to different people.

- -

Regarding the point of "verifying" a user, I guess it'd be good to have
some sort of "mentorship" or "apprenticeship"-thing where someone will be
their contact person in the desired project/group they get involved with.
This person is responsible to approve/disapprove the new person. To verify
both their knowledge and wether or not they can be "trusted". Not that the
information in oVirt perhaps is something secretive but yeah, I think you
get it.

- -

Now, who has root? Well, essentially, this ought to be a very limited set
of users. Now, I've got lots of experience from organisations of different
sizes. And it truly goes the wrong way as the number of people with root
access increases. Mainly because some just arent knowledgeable enough to be
entrusted with such an access. They put the systems at risk all the time.
Which is bad.

- -

... Well, these are just my thoughts on the subject. I guess I fall into
the category of people that want to be accepted into the "infra team". But
still, the above is the basis I'd like to see in any organisation.


On Mon, Dec 17, 2012 at 4:13 PM, Karsten 'quaid' Wade <kwade at redhat.com>wrote:

> What should our process be for:
>
> * When a new person is interested in helping on the Infra team?
> * When that new person is ready for more more responsibility?
> * When that new person is now an experienced person and can be handed
> one or more root account accesses?
>
> Ideally we'll use sudo and groups to segment what people can do, so that
> means:
>
> * What are the logical groups we should make for sudo?
> ** One for each service we want to split out?
>
> - Karsten
> --
> Karsten 'quaid' Wade, Sr. Analyst - Community Growth
> http://TheOpenSourceWay.org  .^\  http://community.redhat.com
> @quaid (identi.ca/twitter/IRC)  \v'  gpg: AD0E0C41
>
>
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
>
>


-- 
/Alexander Rydekull
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20121217/02987519/attachment.html>


More information about the Infra mailing list