From infrastructure-dev-return-665-apmail-infrastructure-dev-archive=apache.org@apache.org Tue Nov 25 15:17:07 2008 Return-Path: Delivered-To: apmail-infrastructure-dev-archive@locus.apache.org Received: (qmail 91345 invoked from network); 25 Nov 2008 15:17:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 25 Nov 2008 15:17:06 -0000 Received: (qmail 20403 invoked by uid 500); 25 Nov 2008 15:17:17 -0000 Delivered-To: apmail-infrastructure-dev-archive@apache.org Received: (qmail 20280 invoked by uid 500); 25 Nov 2008 15:17:17 -0000 Mailing-List: contact infrastructure-dev-help@apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: infrastructure-dev@apache.org Delivered-To: mailing list infrastructure-dev@apache.org Received: (qmail 20268 invoked by uid 99); 25 Nov 2008 15:17:17 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Nov 2008 07:17:17 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [88.198.32.38] (HELO mail.ellumination.de) (88.198.32.38) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Nov 2008 15:15:50 +0000 Received: from localhost (debian3164m [127.0.0.1]) by mail.ellumination.de (Postfix) with ESMTP id 970CE418553 for ; Tue, 25 Nov 2008 16:16:44 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ellumination.de Received: from mail.ellumination.de ([127.0.0.1]) by localhost (mail.ellumination.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7lbW2WrCMjvu for ; Tue, 25 Nov 2008 16:16:42 +0100 (CET) Received: from hoffmannPC (unknown [213.157.14.203]) by mail.ellumination.de (Postfix) with ESMTPA id 2A63B41854A for ; Tue, 25 Nov 2008 16:16:42 +0100 (CET) From: "Juergen Hoffmann" To: References: <55ef8e0d508559e7567041e44f6c61d5.squirrel@mail.pc-tony.com> <492B57AB.3010003@apache.org> <1227608308.9859.1857.camel@urgyen> <006601c94efa$510a7480$f31f5d80$@hoffmann@heagmedianet.de> <1227620011.9859.2097.camel@urgyen> In-Reply-To: <1227620011.9859.2097.camel@urgyen> Subject: AW: AW: Centralised authentication/authorisation Date: Tue, 25 Nov 2008 16:15:55 +0100 Message-ID: <007201c94f10$b672aed0$23580c70$@org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AclPAxfTAfMmFXpiS2GGM5jxR+FEsQADTGag Content-Language: de X-Virus-Checked: Checked by ClamAV on apache.org Hi, that is exactly what I meant. I find it very useful. Plus I can grant = certain users privileges to run a certain command on a certain host. But = then again, you can do the exact same thing with the sudoers file.=20 It is probably best to focus on the important parts first, and migrate = minor considerations when time slots are available. I just thought that = this might find its place on the wishlist. Kind regards Juergen > -----Urspr=C3=BCngliche Nachricht----- > Von: Upayavira [mailto:uv@odoko.co.uk] > Gesendet: Dienstag, 25. November 2008 14:34 > An: infrastructure-dev > Betreff: Re: AW: Centralised authentication/authorisation >=20 > (resending to infra-dev after bad typing sent it to infra@) >=20 > On Tue, 2008-11-25 at 13:35 +0100, J=C3=BCrgen Hoffmann wrote: > > Hi, > > > > it still hast o be discussed if we want to use sudo LDAP = Integration. > > We like it very much inside our company. >=20 > Do you mean storing the contents of the sudoers file in LDAP? >=20 > If so, I'm saying we shouldn't be doing that at this point. The number > of people who have that right is minuscule in comparison to the number > of committers and users using SVN, Jira, confluence, etc. That is the > area we should be focusing on, not on our tiny (in comparison) > admin/infra team. >=20 > UpayaviraOn Tue, 2008-11-25 at 13:35 +0100, J=C3=BCrgen Hoffmann = wrote: > > Hi, > > > > it still hast o be discussed if we want to use sudo LDAP = Integration. > We > > like it very much inside our company. >=20 > Do you mean storing the contents of the sudoers file in LDAP? >=20 > If so, I'm saying we shouldn't be doing that at this point. The number > of people who have that right is minuscule in comparison to the number > of committers and users using SVN, Jira, confluence, etc. That is the > area we should be focusing on, not on our tiny (in comparison) > admin/infra team. >=20 > Upayavira