Difference between revisions of "ASS"
Jump to navigation
Jump to search
Line 27: | Line 27: | ||
==ASS Priorities== | ==ASS Priorities== | ||
− | (What ASSes should | + | (What ASSes should prioritize when using systems) |
− | *Communications ( | + | *Communications (Users, other ASSes) |
*Security (stopping people from doing things that they shouldn't be doing) | *Security (stopping people from doing things that they shouldn't be doing) | ||
*Data Integrity (No loss of important data) | *Data Integrity (No loss of important data) | ||
Line 38: | Line 38: | ||
*Legal/Policy (making sure users keep to our legal policy of using the internet, no spambots, no pornography, no torrenting) | *Legal/Policy (making sure users keep to our legal policy of using the internet, no spambots, no pornography, no torrenting) | ||
*Abuse of Resources (using the internet for only what is necessary, no installing programs not needed by more than one person of Free Geek) | *Abuse of Resources (using the internet for only what is necessary, no installing programs not needed by more than one person of Free Geek) | ||
+ | *Annoying (no spamming, nothing annoying :D) | ||
+ | *Understanding (making sure to understand the implications of your actions before taking them) | ||
== Ongoing Tasks == | == Ongoing Tasks == |
Revision as of 11:07, 29 September 2007
ASS is an acronym representing "Administrators of Systems and Security".
The ASSes are the oldest working group at Free Geek. They are the people who design and manage the network at Free Geek, and are responsible for developing our IT security policy.
You'd think this would mean we'd have a better wiki section =:)
Members
(ASSes, please list yourselves here):
- Martin Chase
- Michael Westwind
- Richard Seymour
- wren ng thornton
- Dave Haskins
- Kenny
- Joren
- Jeff
- Paul Brett
- Matteo
- Vagrant
- Stacy
Vancouver, BC, Canada ASSes:
ASS Priorities
(What ASSes should prioritize when using systems)
- Communications (Users, other ASSes)
- Security (stopping people from doing things that they shouldn't be doing)
- Data Integrity (No loss of important data)
- Privacy (user data, user confidentiality)
- Minimize and Mitigate downtime (keeping servers up as much as possible)
- No breaking (keeping systems in working order, researching new versions of software before updating)
- Efficiency (keeping number of tickets in rt down, keeping systems working)
- Legal/Policy (making sure users keep to our legal policy of using the internet, no spambots, no pornography, no torrenting)
- Abuse of Resources (using the internet for only what is necessary, no installing programs not needed by more than one person of Free Geek)
- Annoying (no spamming, nothing annoying :D)
- Understanding (making sure to understand the implications of your actions before taking them)
Ongoing Tasks
- RootMail Cleanup - Often (Matteo)
- Tape Swapping - Weekly (Richard)
- Test UPSes in server room - once per week/ASS meeting/month
- apt-get upgrade - once per month or sooner if critical security holes
- freekbox dist-upgrade - weekly chroot into /usr/local/clones/freekbox/ and do and update/dist-upgrade
- Reporting debian bugs
$ reportbug PACKAGENAME
- or -$ reportbug --no-check-available PACKAGENAME
- http://www.debian.org/Bugs/Reporting
- http://www.debian.org/Bugs/Access
- updating netboot
- http://ftp.debian.org/dists/ * /main/installer-i386/current/images/netboot/
- http://archive.ubuntu.com/ubuntu/dists/ * /main/installer-i386/current/images/netboot/
- Services provided to other groups
Projects
LDAP
To integrate our account management and make it possible to change email passwords.
- So far we have
- the ldap server itself is built, with ldap and sldap installed
- we did a test run for authenticating a user on a remote machine which "worked"
- What we need
- to better define how we will use ldap
- to create better schema for our purposes
- possibly put the ldap server into the dmz, if we want to authenticate mail with it.
- review and update the security on the server (passwords, webmin, &c.)
More fun
Some folks at Free Geek or in our extended community are CA Cert Assurers. See the page.