New design, what is the Goal here?

rl at nezumi.plus.com rl at nezumi.plus.com
Tue Nov 29 14:36:49 PST 2005


On 2005-11-29 14:59:52 +0000, Kendrick wrote:
> 
> Heres an example for you.  you are the administrator of a medium sized
> business with 7 servers and 150 desktops.  the board has dictated that
> there must be X: security measures implimented in all desktops and Y:
> security measures in the servers.  After searching no commercial distro
> does it in a acceptible manner.  to build those systems by standard lfs
> would be near a impossible task for the time allowed by your job.  all 7
> servers are different hardware/software,  20 desktops have a specific
> hardware/software combo for securly scanning/encoding client records, 
> 10 for accounting have a specific hardware dongle for security issues. 
> etc...   that right there would be 10 different profiles not to mention
> department specific software/hardware setups.  once the company gets the
> inital install done it would be quite likely that yes they would image
> new systems from a prebuilt image.. but that image must be maintained
> and the servers would need to be maintained.
> that is where this idea realy shines.   you are thinking from the home
> install point only. 

I can still build this out of off-the-shelf components, in many 
different ways. Here's one way:

I can set up accounts on each machine that will execute any script 
e-mailed to them that have been digitally signed by one of the 
sysadmins. I set the script to exit one any error, and the last 
line e-mails me back that it worked.

I can subscribe all the accounting machines to to accounting mailing 
list.
I can subscribe all the retinal scanning machines to the retinal 
scanner mailing list.


I can see the advantage of automating network installs.
I cannot see the advantage of creating yet another network 
authentication protocol.

Richard



More information about the alfs-discuss mailing list