[SAC] server space at telascience

[Benjamin Thelen]

Howard Butler schrieb:
> At 10:40 PM -0400 7/13/06, Frank Warmerdam wrote:
>> Benjamin Thelen wrote:
>>> Hello,
>>>
>>>
>>> I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
>>> Arnulf told me, that there possibly will be server space, an incredibly
>>> fast blade server :-), at telascience for hosting mapbender.org 
>>> (mediawiki, postgresql) itself and maybe some other related stuff.
>>>
>>>
>>> Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
>>> FreeGIS Book. I think, that this would be a good opportunity to
>>> move wiki.osgeo.org to telascience, too, to have it all together.
>>>
>>> What do you think?
>>
>> Benjamin,
>>
>> Indeed, I'm keen to have this setup.  My only concern is which machine to
>> put it on, how to keep the various services segregated, and whether we
>> ought to be looking at having the freegis book wiki using the LDAP
>> service for user authentication so folks can share a signon between in
>> and other services.
>>
>> From a "which machine to put it on" point of view, we have had a delay in
>> getting some of the blades configured due to issues with a "kickstart 
>> server".
>> So, for now, we have one system with LDAP running on it, but we are 
>> trying to
>> keep this system quite secure, so we likely don't want too much else 
>> on it.
>>
>> We have another system with a variety of software already installed.  We
>> could use it, but I think if we do, then we need to treat this system as
>> "medium security" and not provide shell accounts on it widely (to the
>> geodata processing folks for instance) for fear of messing up important
>> services (starting with this wiki).
>>
>> Another service we would like to get setup is a bug database, 
>> initially for
>> Mapbender, but later for other projects too, such as GDAL.  All in all, I
>> think we need some careful planning of where things go to avoid services
>> conflicting, or stuff getting lost in a tangle of different running 
>> systems
>> all on the same machine.
>>
>> So the system I was thinking of is 198.202.74.218 described at:
>>
>>   http://wiki.osgeo.org/index.php/SAC_Service_Status
>>
>> Lastly, is there anyone but Hobu currently who can create new LDAP users?
>> If not, we will need to wait for him to return from vacation.  I think he
>> will be back Monday.  We *really* need to spread around knowledge of how
>> LDAP stuff works so others can create users soon.
>>
>> Best regards,
> 
> John should be able to create users in the LDAP as well.  I will put a 
> wiki page together to describe the process.  Basically, what needs to be 
> done is to create a user, give them a password, set their unix stuff 
> (give them a unique UID starting at 10010, home director of 
> /home/username, and GID of 100), and then add them to the "Shell" group 
> if they are to have shell access.  Email the user with a bogus and easy 
> password if they are to have shell access and have them log into the (a) 
> shell machine and reset their password with 'passwd'. Their home 
> directory will be automatically created for them upon first login.
> 
> For non-shell users, we need to provide a mechanism to at least change 
> passwords and ideally hook up Plone/Drupal/Wikipedia/whatever to be able 
> to create users with limited group membership.  This item should 
> probably go on a 'todo' list somewhere.  Any pointers on how to do this 
> (even a simple web app that *explicitly* does this sort of thing would 
> probably be sufficient) would be appreciated.
> 
> Benjamin, email me the userid you would like and I will contact you with 
> the details.
> 
> Howard


Hi Howard,

Isn't there a naming scheme? If not, "bthelen" would be quite allright 
with me, because, that is my osgeo eMail address.


Ben