[AG-TECH] Venue Server start-up configuration
Ivan R. Judson
judson at mcs.anl.gov
Thu Aug 28 20:42:47 CDT 2003
We tend to err on the side of having an ag user run it on linux, this is to
attempt to isolate actions that happen on behalf of the venue server from
being root priviledged. There's no known danger, but it's a prudent solution
either way.
The other point is that, if the ag user is enabled with a service
certificate (see other mail for that discussion), which has no passphrase
(and thus no proxy expiration) the venue server can run as a credentialed
service indefinitely. This is (IMHO) a very nice thing. We will be working
on some small documents that enumerate the vneue server and venue clients
exact foot print on the host system (what files and directories it touches,
when, and why) and what ports are required to be open in firewalls for what
purposes. This should help explain more about the system.
--Ivan
PS -- Again, if these docs are a priority let us know. The more input we get
(on what people want) the better we can decide how to move forward.
> -----Original Message-----
> From: owner-ag-tech at mcs.anl.gov
> [mailto:owner-ag-tech at mcs.anl.gov] On Behalf Of Randy Groves
> Sent: Thursday, August 28, 2003 4:46 PM
> To: ag-tech at mcs.anl.gov
> Subject: [AG-TECH] Venue Server start-up configuration
>
>
> I'm setting up a RedHat venue server, and would obviously
> like to have all
> this start up on re-boot. I notice that a couple of scripts
> for the node
> and service manager services are included, and I'll probably
> start off from
> there to craft a venue server startup script (unless of
> course, someone's
> already done this ...)
>
> Inspecting the scripts, I see that they default to having the
> ag user run them.
>
> And this brought up a couple of questions. I have been, up
> to now, running
> the venue server as root. So - is there anything inherent in
> the structure
> of the venue server (security, access to files, etc.) that
> would argue for
> root as owner or ag as owner of these processes? And is the
> general design
> philosophy that most of these processes should be run by a
> non-privileged
> user? What does this imply about possible access to data on
> the system?
>
> I guess I'm now leaning toward moving all this to have ag run
> it. But I'd
> like to get and idea of the consensus.
>
> -randy
>
>
More information about the ag-tech
mailing list