[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Admin site limits - long

At 03:32 PM 3/12/00 -0800, you wrote:
I've had direct experience with the Admin limits on the Raq2. Note, this is for the Raq2 only, I don't have any idea if things will work the same on any other machine. 

Certainly the limits are the same; they're linux limits.
Creating multiple admins doesn't completely fix that problem because some of my updates may be on a different "bank" of sites, but the odds are good that I can eliminate multiple FTP logins. So, my support guy suggested this and it works fine..and doesn't break the GUI. 

This is very good to know; thanks for documenting it for us.
My Raq2's IP is not shared by any virtual site on the machine, and I don't use the Admin ID for anything but the maintenance of the Raq2. So, on the main Raq2 site, we set up multiple admins users, using the GUI interface ..ex) Admin1, Admin2, Admin3, Admin4 etc. each admin can have his own password. This puts the new admin users in the following lines in the /etc/group and note here..the /etc/group- files. 

home:x:110:admin,admin2,admin3,admin4,admin5,
admin:x:27:admin,admin2,admin3,admin4,admin5
You have to add your admins after the original in the wheel by hand. (I make backups of my group and group- files every time BEFORE editing them) (Note: you have to be root to edit the /etc/group and /etc/group- files.) 

wheel:x:10:root,admin,admin2,admin3,admin4,admin5
I never use admin for a virtual site. He is only used for the maintenance of the Raq2. So admin2 was assigned sites 1-25, admin3 sites 26-50, admin4 sites 51-75, etc. This makes it easy for me to remember which admin is used for a given site, and prevents the assigning of admin# to to many groups (the basis of this problem anyway..:). Creating a site through the GUI always places admin as a user in that group. So, I edit the group and group- files to take admin out and insert the appropriate admin# for each site. 

So I presume you replace:

site11:x:122:admin

with:

site11:x:122:admin2

(for example) for each site.  Is that correct?
Because admin is not in lots of groups by default, my maintenance of these files does not have to be done on a daily or even weekly basis. Once set up, I find that I don't use the GUI interface for a given domain very often, because many of our clients like to do their own work, and most of my work is done through FTP just updating sites. You don't even have to update new sites right away unless you yourself are going to be administering/FTPing to them. Siteadmins are not affected by which of your own admins also has access..:)
Suggestion: when editing the group/group- files...be sure to run diff afterwards to make sure you did exactly the same thing to each file. They must mirror each other, exactly.
If both files need to be the same, then presumably you could just edit group and then do: 

# cp group group-
Wouldn't this work? It's certainly a lot quicker and a lot more foolproof (and it DOES retain the proper file permissions for group- as opposed to group).
I'm sorry for the length, but I'm hoping the explanation will help and find it's way to the archives. 

Great idea!


Beautiful Sunny Florida         http://crestcommunications.com/
Unless the north central Florida climate has changed a lot since I lived in Gainesville in the 60s, I'd argue that my home in the southern California desert gets a lot more sun (though it did rain here almost every day for about a month approx. Feb 9th through March 8th). Have you ever gone to Doug's Dairy Twirl in Gainesville for an ice-cream cone? There was an original Doug, about 35 years ago; I remember him well. I should be in Florida this summer; maybe we'll say hello <smile>. 

California.  Eureka!  I have found it <smile>.

Jeff

--
Jeff Lasman <jblists@xxxxxxxxxxxxx>