Re: non-disclosure of infrastructure problem a management issue?

I don't mean to be rude, but, ...

[...]  One thing this
incident has taught us is to take regular backups of that mirror so that we can roll back to a non-suspect version of the Fedora updates. Didn't have
that before, really missed it the last couple of weeks.

Consider that a lesson well learned. And, while it may not have been the most convenient time to learn it, things could have been much worse.

It's one of the costs (and, actually, one of the benefits) of working with open source. With "Proprietary" you have "guarantees". When they fall down on the job, or when other bad stuff happens, you can theoretically get some sort of compensation. But when you look at the record, the compensation you get isn't worth it.

With open source, you have both the responsibility and the privilege to run your own install servers and backups. And you don't have the guarantees that seem to fool the bean counters.

Are you using site specific kickstart config files that install local
yum config files, ssh keys, sendmail setup and sudo config files so your admins
can access the hosts without typing passwords?

Yes, to all. Unfortunately that regime isn't 100% adhered to, which is
something we work on.  Equally unfortunately, we have had to give the
footwork guys sudo access to a limited set of commands.  Sudo with or
without passwords have different security implications, we've landed on
"with".

"With" is not a bad alternative.

Balancing resources is always a problem. No matter how you choose, sometimes bad stuff happens. Again, if accounting or management is coming after you, point to the actual results (not the promises and fudged guarantees) that could be obtained from the proprietary alternatives.

F/OSS, while better than the alternatives, is not some magic utopia.

Now, I think they're handling this pretty well so far.

I'm considering things from the overall perspective. A certain "Proprietary" vendor has put the entire world's infrastructure at risk, and they've managed to delay things with weird legal and political games for more than ten years, putting society at further risk. What we hear in public is not the worst that could happen (or is happening, really), and anyone whose infrastructure is dependent on that "Proprietary" vendor is basically living on borrowed time and illusions. It's definitely time to run a tight ship now.

[...]

Joel Rees

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list