Date: Wed, 28 Jan 98 11:16:00 PST From: Adam Turoff <AdamT@smginc.com> To: hackers <hackers@FreeBSD.ORG> Subject: WebAdmin (was: RE: /usr/src/release/sysinstall needs YOU. :-)) Message-ID: <34D0D540@smginc.com>
next in thread | raw e-mail | index | archive | help
>> What are peoples' thoughts on a Java administration tool for FreeBSD? One > > I feel the same way about this as I do about all the proposals I've > seen for web-based administration and installation tools in general: > Doing this is not an easy nut to crack, and security concerns are not > entirely trivial, but if you think you can do it then by all means GO > FOR IT! > > Unfortunately, it would also seem that most people are only good for > suggesting that a Java or plain-HTML based admin tool would be a good > thing and not so much good for actually coding up the proof-of-concept > that'd be required to make it anything more than a simple and > often-made suggestion. ;-) > > Jordan OK. Enough goading. :-) I'm doing perl based CGI to pay the bills and gradually getting up to speed on being a reasonable FreeBSD admin for a small workgroup. I don't feel qualified enough to start down this path alone. There are a lot of nontrivial security issues to deal with, and a lot of nontrivial configuration issues to deal with, too. I'm in a situation where Netware Admins are rushing to get up to speed with NT, and I'm throwing FreeBSD in their faces at the same time. I'll spare the anti-NT discussion here; no need preaching to the choir. Here are a few things I'd like to see in a web-based admin tool: - DNS administration - user config - ports management - samba config (admin-loadable module? :-) ) - NFS config - mounting - apache config (?) - mirroring - config replication (act like that machine there) - lynx friendly Of course, some of these issues are rife with security holes. Hopefully, used judiciously, it'll be a value add that will make FreeBSD more approachable to newbies. My guess is that limiting access to clients coming from localhost would help, allowing access from a list of trusted clients as well. The admin server could come up and down as needed rather than sitting there waiting to be abused. My questions to -hackers at large would be: - any other admin type things that should be included? - any other security issues that should be considered? - ideas for extensibility? Hopefully I should have something started in a few weeks. -- Adam Rhythm deficient bassist for Necessity & the Mothers of Invention
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34D0D540>