Re: [9fans] different users for different system roles

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: "Lyndon Nerenberg (VE7TFX/VE6BBM)" <lyndon@orthanc.ca>
To: 9fans <9fans@9fans.net>, hiro <23hiro@gmail.com>
Subject: Re: [9fans] different users for different system roles
Date: Mon, 13 Feb 2023 16:45:37 -0800	[thread overview]
Message-ID: <1a1a0b09f464d41a@orthanc.ca> (raw)
In-Reply-To: <CAFSF3XMc7cCoRKkw2PPqdK1jP9jt6-Rou1WT4Gp1BFguG+UGiA@mail.gmail.com>

hiro writes:
> > should each system role get his own user?
> > Like one user for file servers, one for auth, one for venti, and one for =
> cpu
> > servers.

My was has always been to have a file system user and an auth server
user that are used ONLY for those roles.

As for CPU servers, it really depends on how you use them.  The
main reason you might want to have different CPU server owners is
to control access to physical hardware.  E.g. I have machines that
are used to control my radios via their serial and USB interfaces.
For those, I don't want the "general pupulation" to have access to
that hardware, so I run those servers under a userid that is distinct
from the "general purpose" CPU server owner.

Oh, the Pi I use for bluetooth dev work has its own host owner,
for similar reasons.

I'm sure there are other cases, but that's the only one where I've
personally had a need for multiple host owners.

--lyndon

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T690e4304847a34e4-Md4c6b5c3652a1888a1f863c4
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription

next prev parent reply	other threads:[~2023-02-14  0:46 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-02-10  8:15 Marco Feichtinger
2023-02-10  9:30 ` Frank D. Engel, Jr.
2023-02-10 11:19 ` hiro
2023-02-14  0:45   ` Lyndon Nerenberg (VE7TFX/VE6BBM) [this message]
2023-02-14 10:54     ` hiro

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1a1a0b09f464d41a@orthanc.ca \
    --to=lyndon@orthanc.ca \
    --cc=23hiro@gmail.com \
    --cc=9fans@9fans.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).