From dev-return-39601-apmail-geronimo-dev-archive=geronimo.apache.org@geronimo.apache.org Wed Oct 04 06:15:01 2006 Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 80395 invoked from network); 4 Oct 2006 06:15:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 4 Oct 2006 06:15:00 -0000 Received: (qmail 38493 invoked by uid 500); 4 Oct 2006 06:14:54 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 38440 invoked by uid 500); 4 Oct 2006 06:14:54 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 38429 invoked by uid 99); 4 Oct 2006 06:14:54 -0000 Received: from idunn.apache.osuosl.org (HELO idunn.apache.osuosl.org) (140.211.166.84) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Oct 2006 23:14:54 -0700 Authentication-Results: idunn.apache.osuosl.org header.from=jason.dillon@gmail.com; domainkeys=good X-ASF-Spam-Status: No, hits=0.5 required=5.0 tests=DNS_FROM_RFC_ABUSE DomainKey-Status: good X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 Received: from [64.233.162.207] ([64.233.162.207:25544] helo=nz-out-0102.google.com) by idunn.apache.osuosl.org (ecelerity 2.1.1.8 r(12930)) with ESMTP id F5/6E-00170-C4153254 for ; Tue, 03 Oct 2006 23:14:42 -0700 Received: by nz-out-0102.google.com with SMTP id v1so12737nzb for ; Tue, 03 Oct 2006 23:14:26 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer:sender; b=CSNNmZ7SBh3wvQ+1o4KTIpAXwyUUVpcRfDh+8qyx+kJOjxQHKXiREs+FpSRLPXJKjM4u1choSdXwQXhqcq+RZNqqd3iMmAzLpaHtzACV0eGMef3hG7E945YK/YFGcRAqjxNBTNj3R+j/hiiiW4HOQS6QI/U54b34+7l2l51Lk1A= Received: by 10.65.59.20 with SMTP id m20mr329431qbk; Tue, 03 Oct 2006 23:14:25 -0700 (PDT) Received: from ?10.0.1.3? ( [24.7.69.241]) by mx.gmail.com with ESMTP id e15sm331973qbe.2006.10.03.23.14.24; Tue, 03 Oct 2006 23:14:25 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <21df75940610031012i79895b22s605fb5816bdeb10@mail.gmail.com> References: <3F4A96CC-A900-44AE-90AF-C3557B9ACF28@planet57.com> <247B5E12-42E4-4397-A585-79F23EB0D0A1@visi.com> <9F3659DC-0E0D-4B5E-9423-EA1D483D4A81@planet57.com> <21df75940610030811q5d40e333ud2c5f60c5922d0c@mail.gmail.com> <7B5BB0E0-51D2-43CA-BE0F-FD4DB3C4E988@planet57.com> <21df75940610031012i79895b22s605fb5816bdeb10@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <39572CF5-C828-4065-BAD0-0980B134399C@planet57.com> Content-Transfer-Encoding: 7bit From: Jason Dillon Subject: Re: What is GShell? Date: Tue, 3 Oct 2006 23:14:19 -0700 To: dev@geronimo.apache.org X-Mailer: Apple Mail (2.752.3) Sender: Jason Dillon X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N On Oct 3, 2006, at 10:12 AM, Paul McMahan wrote: > OK I should have guessed that windows was the culprit. I jumped over > to debian and now all is fine. GShell looks very promising!! I love > the idea of being able to telnet or ssh into the server and run > commands remotely. As a matter of fact this appears to provide a > vital improvement that Geronimo users have been asking for: the > ability to remotely administer a running server (see the "Swing > console?" thread from 9/17/2006). Yup, that is the general idea. :-) > A few questions : > - what's the security model? Mostly this is TBD. I plan on adding some sort of login context to allow users to login (for ssh this will be the ssh auth callback, for telnet it will have to be a custom login handler). Once credentials are established, then it should be possible to limit the set of commands that are enabled for a user. I am sure there is much more than can be done here too. But at the moment, I've only planned to get a simple login implemented and have not done much more design of a richer model. > - will GShell share a common code path with the console and the CLI > for handling things like deployment? Yes, well... yes for the CLI, as I hope to eventually replace the existing CLI tools with command plugins into gshell, so they will be one and the same. I am not really sure what the web console is doing, but we should definitely share as much as possible.... where possible. It should be possible to define a simple interface (or set o interfaces) for each admin bit in the console... and provide a portlet and gshell command (or set of commands) to adapt to the interface. I think this will be easy(ish) to do... more so once the webconsole is more xtensible/pluggbale, and when admin portlets are split up into modules that are specific to the function they provide. It certainly would be nice to have one-to-one mappings for admin functionality between the webconsole and gshell commands... but there is still work on both sides before that would be possible... but it is kind of a longer term goal. > - which subsystems of geronimo will GShell depend on and how will it > access them? e.g. will it be wrappered as a gbean and use the kernel > to get access to them? mainly I'm wondering if (unlike the console) > it will be able to administer components running in the server without > a having a run-time dependency against them. Um, well I am in the process of writing a few simple GBeans to run/ manage the server components of GShell (the telnet/ssh server and the config and monitoring aspects that they bring in). Short of that there are no dependencies on Geronimo. I am thinking that a simple GBean to mange the start/stop of the server (ie, start/stop the telnet/ssh connector), which will manage the basic port config as well as the more advanced ssh config needed. And then a simple portlet to control the gbean, to list who is logged in, maybe even allow sessions to be terminated and such. May need to introduce some extra command sets which are G specific... or augment the script command to know more about the G namespace, so that we can register some more helpful variables to allow some meaningful/useful scripts to be written. But, so far these are just ideas in my head... some with TODO comments in code... I have not had enough time to get anymore significant work done on gshell after the initial flurry of code I dropped in over a week or so. I hope that once all this build muck is over and done with that I can get back into the GShell groove... clean it up and get it integrated into the server. Anyways... ideas and suggestions are welcome :-) --jason