Bart Smaalders wrote:
> Garrett D'Amore wrote:
>
> > must support the various Big Rules (including auditable
> administration),
>
> I asked Gary this question, but he declined to answer:
>
> What project satisfies this big Rule today?
Um... passwd(1M), useradd(1M), bsmconv(1M), printmgr(1M),
domainname(1M), uname(1M)? I'm not going to sit and say that we have
everything perfect, but we should be able to do better for
administrators than offer only vi(1) or emacs based administration, and
we should be working to close gaps, rather than introduce new ones.
In particular, its not possible to audit, nor possible to control with
RBAC, the administration of such facilities.
> If my project introduced a config file in /etc/, how could I meet this
> big rule?
Add a CLI utility to administer the file contents. Don't rely on "vi"
as the only administrative interface.
>
> If we cannot articulate this, this isn't a rule - it's a vague wish
> that other people
> will do our work for us, and as such is _toxic_ behavior, esp. by
> sitting ARC
> members.
I think I just articulated how to achieve it. Do you disagree?
-- Garrett
>
> - Bart
>
>
>
