[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [90] more about shell access, sv people update
From: |
karl |
Subject: |
[Savannah-cvs] [90] more about shell access, sv people update |
Date: |
Thu, 03 Jul 2014 21:35:04 +0000 |
Revision: 90
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=90
Author: karl
Date: 2014-07-03 21:34:52 +0000 (Thu, 03 Jul 2014)
Log Message:
-----------
more about shell access, sv people update
Modified Paths:
--------------
trunk/sviki/HowToBecomeASavannahHacker.mdwn
trunk/sviki/SavaneRewrite.mdwn
trunk/sviki/SavannahCountryRestrictions.mdwn
trunk/sviki/SavannahHacker.mdwn
trunk/sviki/SavannahTeam.mdwn
trunk/sviki/ShellAccess.mdwn
Modified: trunk/sviki/HowToBecomeASavannahHacker.mdwn
===================================================================
--- trunk/sviki/HowToBecomeASavannahHacker.mdwn 2014-06-30 22:53:47 UTC (rev 89)
+++ trunk/sviki/HowToBecomeASavannahHacker.mdwn 2014-07-03 21:34:52 UTC (rev 90)
@@ -1,3 +1,6 @@
+Contributing to Savannah
+------------------------
+
We need volunteers and look forward to your participation. This page is
about becoming a savannah hacker (i.e., a savannah website
administrator) and help savannah.
@@ -31,21 +34,22 @@
<mailto:address@hidden>
and one of the current savannah hackers will answer as quickly as
possible. Please also include a bit about your background with free
-software, GNU, Savannah, or whatever else may be relevant.
+software, GNU, Savannah, or whatever else may be relevant. And your
+savannah account name.
-Another solution is to post a pastebin
-(<http://pastebin.com/>) of your answer and the
-number of the task on irc (server: freenode, channel \#savannah) and
-wait for a savannah hacker's answer.
-
When accepted, you will be made an administrator of the administration
project, which will enable the "Become Superuser" option in the
-left-hand menu.
+left-hand menu. Then you can approve projects and do many other things
+through the web interface. Please explore.
-Working on Savannah Internals
+Working on Savannah internals
-----------------------------
The above is about helping as a Savannah administrator via the web
interface. If you are willing and able to hack on the Savannah (Savane)
-implementation itself, at the shell/sysadmin level, see the
-[[SavaneRewrite]] page.
+implementation itself, at the shell/sysadmin level, please essentially
+do the same as the above with one of the open [support
+requests](http://savannah.gnu.org/support/?group=administration).
+
+When accepted, some info about getting in at the shell level is at
+[[ShellAccess]].
Modified: trunk/sviki/SavaneRewrite.mdwn
===================================================================
--- trunk/sviki/SavaneRewrite.mdwn 2014-06-30 22:53:47 UTC (rev 89)
+++ trunk/sviki/SavaneRewrite.mdwn 2014-07-03 21:34:52 UTC (rev 90)
@@ -1,8 +1,23 @@
-We're rewriting Savane! [Well, "we", meaning Sylvain B and colleagues,
-were, years ago. There is no active rewrite nowadays (written 2013, but
-true for a long time now). The "administration" project on Savannah is
-the only one with live files.]
+Rewriting Savane
+----------------
+Savane is the base software which both savannah and gna.org used, at one
+point, due to Sylvain Beucler's efforts. Nowadays, Savannah is
+effectively forked; we don't try to incorporate patches from the
+original Savane, which isn't actively being developed, anyway. The
+"administration" project on Savannah is the only one with live files.
+
+However, Sylvain and others have undertaken various efforts over the
+years to rewrite Savane. Currently (2014), Sylvain has a project to
+rebase it on fusion forge. I (Karl) believe that he plans to switch
+gna.org. Whether savannah will follow suit is yet to be determined.
+
+Past rewrite
+------------
+
+I (Karl) believe this is obsolete, per the above, but retaining for
+whatever historical purpose it may serve.
+
Video: [talk at LSM](http://videos2010.rmll.info/a-new-savane.html) -
[mirror](http://vimeo.com/14640040)
@@ -40,15 +55,3 @@
> - Or, try cd tests/minimal\_configs/ && make install, as mentioned
> in the INSTALL file.
> - Or, try checking out the new code and read the INSTALL file.
-
-We're looking for help! If you are a:
-
-> - Python coder
-> - Web designer
-> - Translator
-
-We'd like you to join this effort to make Savannah the best Free forge
-:).
-
-Contact: write to <mailto:address@hidden> or
-join \#savannah on irc.oftc.net .
Modified: trunk/sviki/SavannahCountryRestrictions.mdwn
===================================================================
--- trunk/sviki/SavannahCountryRestrictions.mdwn 2014-06-30 22:53:47 UTC
(rev 89)
+++ trunk/sviki/SavannahCountryRestrictions.mdwn 2014-07-03 21:34:52 UTC
(rev 90)
@@ -1,4 +1,4 @@
-Question
+Question about restricting access per country
--------
I noticed that SourceForge and Google code both are blocking access to
Modified: trunk/sviki/SavannahHacker.mdwn
===================================================================
--- trunk/sviki/SavannahHacker.mdwn 2014-06-30 22:53:47 UTC (rev 89)
+++ trunk/sviki/SavannahHacker.mdwn 2014-07-03 21:34:52 UTC (rev 90)
@@ -1,8 +1,7 @@
-A hacker hacking Savannah :)
+A hacker hacking Savannah :). Aka Savannah worker.
-That is, somebody contributing regularly on Savannah and with a good
-understanding of its architecture.
+That is, somebody contributing regularly on Savannah and (ideally) with
+a good understanding of its architecture.
-Savannah Hackers can be volunteers or FSF employees (sysadmins).
-
-See also SavannahApprentice.
+Savannah Hackers are mostly volunteers, with FSF employees (sysadmins)
+chipping in where and when they have time and interest.
Modified: trunk/sviki/SavannahTeam.mdwn
===================================================================
--- trunk/sviki/SavannahTeam.mdwn 2014-06-30 22:53:47 UTC (rev 89)
+++ trunk/sviki/SavannahTeam.mdwn 2014-07-03 21:34:52 UTC (rev 90)
@@ -1,43 +1,51 @@
-Savannah Hackers - volunteer administrators
--------------------------------------------
+Savannah hackers - active volunteer administrators
+--------------------------------------------------
-- [karl] - Karl Berry
-- [meyering] - Jim Meyering
-- [mjflick] - Michael J. Flickinger
-- [rwp] - Bob Proulx
+- [eliz] - Eli Zaretskii (emergencies)
+- [erk] - Eric Noulard (general)
+- [gray] - Sergey Poznyakoff (emergencies)
+- [jlledo] - Joan Lledo (project submissions)
+- [karl] - Karl Berry (general, not git)
+- [meyering] - Jim Meyering (emergencies)
+- [mjflick] - Michael J. Flickinger (emergencies)
+- [rgm] - Glenn Morris (bzr)
+- [rwp] - Bob Proulx (general, including git)
-FSF System Administrators
+FSF system administrators
-------------------------
-- [nico]: FSF sysadmin
-- [ward]: FSF part-time sysadmin
+- [lisam] - FSF sysadmin
-www.gnu.org translation coordinator - deals with translation teams project
submissions
---------------------------------------------------------------------------------------
+www.gnu.org translation coordinator - deals with translation teams
+------------------------------------------------------------------
-- [yavor] - Yavor Doganov
+- [ineiev] - Ineiev
-Inactive Savannah Hackers - contributed a lot in the past but are inactive
right now
-------------------------------------------------------------------------------------
+Inactive savannah hackers - contributed a lot in the past but are now inactive
+------------------------------------------------------------------------------
-- [alexshulgin] - Alexander Shulgin
-- [snoogie] - Jean-Michel Frouin
-- [beuc] - Sylvain Beucler
-- [bernie] - FSF sysadmin
-- [baughj] - FSF sysadmin
-- [jag] - Joshua Ginsberg: FSF sysadmin
-- [zeus] - Jonathan Gonzalez V.
-- [jbailey] - Jeff Bailey
-- [kickino]
-- [loic] - Loic Dachary
-- [rudy]
-- [StevenR]
-- [sp]
-- [tizzef]
-- [zerodeux] - Vincent Caron
+- [alexshulgin] - Alexander Shulgin
+- [baughj] - FSF sysadmin
+- [bernie] - FSF sysadmin
+- [beuc] - Sylvain Beucler
+- [jag] - Joshua Ginsberg: FSF sysadmin
+- [jbailey] - Jeff Bailey
+- [kickino]
+- [loic] - Loic Dachary
+- [nico] - FSF sysadmin
+- [rudy]
+- [snoogie] - Jean-Michel Frouin
+- [sp]
+- [stevenr]
+- [tizzef]
+- [ward] - FSF part-time sysadmin
+- [zerodeux] - Vincent Caron
+- [zeus] - Jonathan Gonzalez V.
+(et al.)
-#### subtopics:
+Related
+-------
-- [[RecruitingVolunteers]]
-- [[SavannahHacker]]
-- [[SavannahHackersCommunication]]
+- [[RecruitingVolunteers]]
+- [[SavannahHacker]]
+- [[SavannahHackersCommunication]]
Modified: trunk/sviki/ShellAccess.mdwn
===================================================================
--- trunk/sviki/ShellAccess.mdwn 2014-06-30 22:53:47 UTC (rev 89)
+++ trunk/sviki/ShellAccess.mdwn 2014-07-03 21:34:52 UTC (rev 90)
@@ -1,13 +1,16 @@
-Savannah does not provide general shell accounts, since running
+Shell access in general
+-----------------------
+
+Savannah does not provide shell accounts for users, since running
arbitrary commands is far too large an attack vector. We do use the
Unix login mechanism and [[SshAccess]] but only certain commands can be
-run to do, e.g., vc operations. Validation is done against the
-databases on internal.
+run to do, e.g., vc operations. (Validation is done against databases
+on internal.)
Savane distributes `sv_membersh`, a simple Perl script, that loads
another Perl script in /etc for configuration. Using a Perl script as a
-login shell may yeld some efficiency concerns. (But I think that is
-what we do on Savannah? --karl)
+login shell may yeld some efficiency concerns. However, this is what we
+currently do on Savannah; efficiency here has not been a problem.
Another tool is `rssh`
(<http://packages.debian.org/stable/net/rssh>).
@@ -20,23 +23,50 @@
it is not a good idea to use it (plus we'd have to patch the CVS
validation).
-I (Sylvain) think a good move is to use `sv_membersh` and to translate it
-to C if we think that can reduce the load. This has not been necessary.
+Shell access (as root) for Savannah workers
+-------------------------------------------
-Shell access for Savannah workers
----------------------------------
-Now, for those working on savannah, of course shell and root access is
-needed. Generally, the idea to date has been to log in directly as
-root, with your ssh keys installed in the necessary places. For most
-hosts, ssh has to go through fencepost or another known location, it's
-not open to the whole Internet.
+For those working on savannah itself (support requests, development,
+etc.), of course shell and root access is needed. Generally, the idea
+to date has been to log in directly as root, with your ssh keys
+installed in the necessary places. For most hosts, ssh has to go
+through fencepost.gnu.org or another known location, it's not open to
+the whole Internet.
-However, a few sv hackers like to have personal accounts on the servers.
-The best approach for this is to have it be completely separate from
-normal user-level savannah access. Here was the process for `luca` in
-April 2014:
+So, the best first step is to get ssh access to fencepost. If you don't
+have that already, see
+<http://www.gnu.org/software/README.accounts.html>. After that, an
+existing savannah worker can enable your access to savannah. (By adding
+the key to `mgt:/root/.ssh/authorized_keys` and running
+`mgt:/root/bin/push-root-authkeys`.)
+You may find it convenient to automatically proxy ssh through fencepost,
+along these lines:
+
+ Host mgt.savannah.gnu.org
+ User root
+ ProxyCommand ssh -qq fencepost.gnu.org /usr/bin/connect %h %p
+ Host dl.savannah.gnu.org
+ User root
+ ProxyCommand ssh -qq fencepost.gnu.org /usr/bin/connect %h %p
+ ...
+
+Beware of unintentionally trying to do normal vc checkouts as root.
+Understand what you're doing. [[SavannahArchitecture]] lists the
+various hosts.
+
+FYI, you can also log in to lists.gnu.org (as user list) from
+mgt.savannah.gnu.org; see [[ListServer]] for tasks that this is needed for.
+
+Shell access (as separate user) for Savannah workers
+----------------------------------------------------
+
+Some sv workers like to have personal accounts on the servers. The best
+approach for this is to have it be completely separate from normal
+user-level savannah access. Here was the process for `luca` in April
+2014:
+
0. Set up a normal account in the web interface to avoid someone later
claiming the name. But this should not be used for other purposes.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [90] more about shell access, sv people update,
karl <=