Re: [expert] hostname questions (again)

[Tom Strickland]

On Fri, Jun 29, 2001 at 08:17:10AM -0700, Rusty Carruth wrote:
> Tom Strickland <[EMAIL PROTECTED]> wrote:
> > Hmmm - sounds great for my home machine, but not so great for the
> > charity. The idea is to set up a minimum administration system so that
> > an administrator is only needed to check the logs periodically and
> > patch the system. Backup, user admin, mail - nearly everything else
> > needs to be admin'd by the secretary. This is one area where Win NT
> > still manages to do a little better, but I'm not letting that back on
> > our server.
> 
> I was originally not going to send this to the entire list until I
> realized that someone may know of other differences than I have
> thought of.

> On the admin side:
> 
> 1 - You may want to set up sudo scripts to perform tasks like adding users
> and so forth.

On my todo list, certainly.

> 2 - Think about who you really want to handle bounce messages (ok, I suppose
>       this is more of a problem for smart smtp servers, but not much more,
>       as people would be getting bounce messages anyway, its just that the
>       ADMIN can get them too if you are the smart smtp server)

Yes - this is part of my (growing) todo list. One person gets all
bounces and re-routes them if necessary. A list of rules needs to be
written so as to decide what to do with various bounces.

> 3 - Same goes for other admin email - I assume you all are training the
>       secretary which ones can be filed and which need 'professional
>       help' ?

Yes - the secretary and information officer will share the admin roles
with clear divisions of responsibility.

> 4 - What part of backup is going to be admin'd by the secretary?
>       I'd think you'd set it up so that they just have to change
>       tapes? (And perhaps add or remove items from the 'things to
>       back up' list)

Brief: mainly changing the tapes.
Longer: To make things simple a full backup will be done every night
(working days). Training will be given in simple file recovery. We're
currently deciding between Amanda and Arkeia. If I can help it, I'd
prefer Amanda. One large tar or dump to tape seems more recoverable in
the event of mild corruption than Arkeia's propietary format. OTOH,
Arkeia has a pretty front-end that is more friendly to non-techies.

> 5 - Same for user admin - I assume you just mean being able to add
>       and remove users? I've never needed this, but I suggest sudo
>       (e.g. to allow the secretary to run 'useradd' or 'adduser')
>       (You may not want this on  your firewall!)

Since we're a small-ish branch (of the national charity MIND) we've
just got the one computer for firewall, internet gateway, Samba, web,
mail, database and backup. Fun. Some phrase containing the words 'egg'
and 'basket' is hovering at the edge of my mind, but I can't quite
make it out :-) So far the budget hasn't even stretched to RAID and
we've only just bought the tape drive - I had to waive my costs to
afford a nicer model: DDS4 - if only we could have stretched to DLT.

Anyway, I'm going to use sudo for this. If I could just unify all the
password schemes... We'll be using wwwoffle (dialup http proxy) but
I'd consider changing to Squid if Squid's auth uses PAM. wwwoffle
stores passwords in the clear in its conf file. Not good.

> 6 - Again, same for mail admin.  Are you thinking just for adding
>       and removing mail users?  Or do you have a mailing list (or
>       more)?  An awful lot can be done with scripts (shell, perl,
>       awk, sed, whatever ;-) that you allow certain folks (i.e. the
>       secretary) to run using sudo.

Thankfully, no mailing lists at the moment. We just need to add/remove
users. To be honest, if I can get the scripts right and write the docs
in time, I'd like to dump Webmin on the principle that I wouldn't need
it and it's just one more network vulnerability.

>       But in any case, consider whether you want your mail server to
>       also be your firewall (I actually am beginning to think that I
>       hope its not ;-), and whether the accounts need to actually be
>       ON the mail machine (so the mail 'lands' there) or on the
>       user's machines (so that the mail 'pauses' on your mail
>       machine but 'lands' on each user's machine - this is probably
>       NOT what you want, but I thought i'd mention it anyway).

Here's the plan: use Postfix for MDA and Cyrus IMAP. Both provide SASL
facilities to authenticate users so I can authenticate incoming and
outgoing mail. IMAP's important - I try to force users to store
everything on the server. It's more secure and easier to backup
If anything goes wrong, it's usually been one of the Windows machines
and they're not the most secure place for confidential docs anyway!
When I changed the My Documents link to point to H: (home share) and
told staff that from now on their computer could be wiped with little
or no notice, everything started getting kept on the server. If I keep
mail on the server too, then that's a security worry and a backup
worry gone.


Thanks,
Tom