On 8/4/2021 11:03 PM, Michael Niedermayer wrote:
>>
>> * There is no public documentation on:
>>     * Who owns the physical infra.
> 
> It's all donated one way or another IIRC.
> I am a bit hesitant to post the names of those who provide the servers in public.
> For the main server I think it's all on the mailing list. Our FATE
> machine is separate and provided and paid for by an FFmpeg developer.
> There's also a server hosting backups; that reminds me that the backups
> should be tested. That requires a volunteer probably.

I don't think we need to post people's names, but we generally do
keep things open here, so I assumed the intent should be the same.
Reimbursements, funds, hardware, etc. are all posted here.

It does seem somewhat suspicious to me that people providing servers
to us for free would not want others to know who they are. Maybe I am
paranoid...

>>     * Where it is located or who hosts it.
> 
> traceroute ffmpeg.org points to telepoint.bg

OK.

I hope the admins have a direct contact there in case of issue.

>>     * Who has admin access and how to contact them.
> 
> project server line in MAINTAINERS file, not everyone is active but even
> inactive ones can help in an emergency potentially

I more meant: Is that list an exhaustive / complete list of who has
access on the servers? If so, apologies. It is not clear to me if it is.
Honestly, mostly due to it being unclear who the owners / hosters are and
if they have access.

>>     * Any way to audit admin access.
> 
> What do you mean by "audit admin access" ?

A way to know who accessed the server and when, should anything bad happen and
who has access - that cannot be deleted locally by someone with root. Especially
on the git server.

I may have made a bad assumption here if this is already in place. Apologies if so.
To my knowledge, it isn't, though.

>>     * Who to contact in case of issues.
> 
> r...@ffmpeg.org and if that doesn't work the people listed in MAINTAINERS
> directly via mail or IRC or if you know phone# and it's critical SMS

I will add this to developers.texi. I didn't even know that email existed.

(I won't add the SMS part.)

>> * There is no monitoring of infra at all. Stuff goes down for hours and it
>>   doesn't get fixed until someone figures out who to poke so they can
>>   manually fix it.
> 
> It's an open source project, set up some monitoring and make it tell admins

Monitoring should be on the infra side, not user side, ideally.

>> * There is no auto-restart after crashes.
> 
> That's not true. Many daemons do auto restart, some do not because that's how
> their defaults are. There are security implications with auto restarting and
> for the case where it happened (an out of memory issue) auto restart would not
> have solved it

I do not agree there are legitimate security issues with autorestarting that
are big enough to outweigh the benefits, but we can agree to disagree here...
I won't push it further.

>> * Nobody is forthcoming with logs to help debug the issue, if there even are
>>   logs, and if we even know who has access. See point one. We are totally
>>   reliant on what the admin thinks it may be.
> 
> I posted some logs now. And yes I avoid posting logs because it provides a lot
> of details about the server's configuration. Such details can be useful to an
> attacker. Also there can be privacy issues with posting logs

Fair, I suppose, re: server config. I don't think we should have needed that
info included, though.

For privacy, at least, you have my explicit permission to post logs
pertaining to my emails. 


> All this said, the truth with open source projects probably is as long as
> it works well enough no one volunteers to help.

This is true. You can consider this me volunteering to help if you need it
somewhere.

> Also we seem to fail in quickly informing all the admins on an issue
> maybe we should set up a mail alias / forwarding thingy elsewhere than
> ffmpeg.org so the admins can be reached when the server is down

This is not a bad idea, but good documentation in developers.texi about
who to contact and when (even saying look in MAINTAINERS) is probably a
good start.

- Derek