Re: (long reply) Re: NM saga (all of it - Joey, this means you)
On Mon, Jan 15, 2001 at 07:39:05PM -0700, Jason Gunthorpe wrote:
> It is conceivable to create a new class of people who are not DAM but,
> are at the end of the new-maintainer pipe. These folks would not have
> root, just the ability to create accounts.
fine. the method in which it is done is not terribly important. the
important thing is that it is done at all.
seeing as all debian machine accounts are in LDAP now, there is no need to
give all the DAMs root access. just write access to (parts of) the LDAP
> But just building, securing and testing the software to do that would
> take months.
scripts which allowed certain people to add accounts and logged every
action would not be terribly difficult. the important thing would be to
keep a record of every action, when it was done and who did it.
if someone can't be trusted that much then they can't be trusted to be
DAM at all.
> As for the notion that there is a wealth of people who can do this job..
> It has been my observation that generally the longer someone is in Debian
> the less time they have for Debian.
that's a major problem when there's only one or two people to do a job.
it's not a problem when there are half a dozen or so.
gotta go, taxi has harrived...heading off to linux.conf.au now.