Hi,
> -----Original Message-----
> From: Testbed Support for GridPP member institutes
> [mailto:[log in to unmask]] On Behalf Of David McBride
> Sent: 15 June 2006 10:12
> To: [log in to unmask]
> Subject: Re: Top 5 Things to change in the LCG Middleware?
>
> On Wed, 2006-06-14 at 23:44 +0100, Gordon, JC (John) wrote:
>
> > > > 2. Remote management of a service - the ability with appropriate
> > > > authorisation to STOP, and START a service without
> logging on to the
> > > > host.
> > >
> > > What's wrong with SSH?
> >
> > a) I envisaged people having management rights over a
> service without
> > the complete control of root.
>
> This is not a new problem; sudo / set-uid root scripts are common ways
> to solve this problem.
Yes, but dropping in/removing a DN from a gacl file on gridsite is a
damn site more lightweight than creating/disabling accounts, managing
sudoers entries and all the general overheads that go with giving
someone else interactive access to your machine.
Yours,
Chris.
|