[nycbug-talk] A couple of security related questions
Tillman Hodgson
tillman
Mon Oct 4 15:33:58 EDT 2004
On Mon, Oct 04, 2004 at 02:09:17PM -0400, Dru wrote:
> That's a cool idea. Anyone either implementing this or seen it implemented
> out in the wild?
I've both seen it implemented and tried it myself.
It was somewhat unsatisfying because RCS is specific to the local
machine. So I went to CVS.
Which was somewhat unsatisfying because I still had to pull down changes
from each box rather than centrally push them out. So I implemented a
Kerberos realm and used ClusterIt to enable parallel network shells to
do maintenance with.
Which was still somewhat unsatisfying because I have a heterogenous
environment, and the various Unixen do not make centralized
configuration easy.
So I ended up at http://www.infrastructures.org/ and starting poking at
cfengine and other tools like that. The folks there have been working on
this very topic for a long time, and there's a lot of value in having
the dead-ends marked off with warning signs ;-)
Thinking about how to manage a large Unix-but-heterogenous environment
has been a hobby of mine for a long time. It's one of those problem
spaces with endless (and endlessly fascinating) complexity and the best
"90% solutions" are of the simple-and-elegant type. I'm the kind of Unix
geek that sees those types of solutions as a form of art, with their own
intrinsic beauty.
So ... yeah. Side-tracked. Heh.
-T
--
"Being generous is inborn; being altruistic is a learned perversity.
No resemblance."
-- Robert Heinlein
More information about the talk
mailing list