From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 9073 invoked from network); 14 Feb 2023 10:54:37 -0000
Received: from tb-ob20.topicbox.com (173.228.157.66)
  by inbox.vuxu.org with ESMTPUTF8; 14 Feb 2023 10:54:37 -0000
Received: from tb-mx0.topicbox.com (tb-mx0.nyi.icgroup.com [10.90.30.73])
	by tb-ob20.topicbox.com (Postfix) with ESMTP id B800B23D07
	for <ml@inbox.vuxu.org>; Tue, 14 Feb 2023 05:54:31 -0500 (EST)
	(envelope-from bounce.mM17036caa82debd1aa65af977.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com)
Received: by tb-mx0.topicbox.com (Postfix, from userid 1132)
	id 77B49E769DC; Tue, 14 Feb 2023 05:54:31 -0500 (EST)
ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (2048-bit rsa key
 sha256) header.d=gmail.com header.i=@gmail.com header.b=MEit4qWT
 header.a=rsa-sha256 header.s=20210112 x-bits=2048; dmarc=pass
 policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; spf=pass
 smtp.mailfrom=23hiro@gmail.com smtp.helo=mail-ua1-f54.google.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=
	topicbox.com; h=mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc:content-type:list-help:list-id
	:list-post:list-subscribe:reply-to:content-transfer-encoding
	:list-unsubscribe; s=sysmsg-1; t=1676372071; bh=Mmkv3fbBY/UNPeHA
	GvbU9FRvMgojNaTznoirQP27Iic=; b=bysyCgQZ+KDl6qEl+dP0P+Xb5D9zIJD1
	NCN7uf1pXZhJv+sKxhavInHULadm+/cI9zv+lRfWc+bdKsY3P8umY34aCUDQBeFD
	4IQsfFGL9y0wndbmlp9LxrS6y9p1WuQvrh8jCNBYIUztQeUCKFPnOzaHrlyQ4qxZ
	UiplndyO+oo=
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t=
	1676372071; b=d4xPK2u+/Cu5IHpmtjfI0JV7m7ZZpQUvgn+B0n9xPxGPVy2jQ1
	J9wW/pkqjesBPsN9Iof7p1ZhhMWbiqpd8a2qh0uZu5Zn6jBo6DGF+PJp4pv57kE/
	ZMlkFBVgDF8QOBP8apBLe/BbYK1su3c3tDGAbkCo6QLdGMikJzBwHL2h4=
Authentication-Results: topicbox.com; arc=pass; dkim=pass (2048-bit rsa key
 sha256) header.d=gmail.com header.i=@gmail.com header.b=MEit4qWT
 header.a=rsa-sha256 header.s=20210112 x-bits=2048; dmarc=pass
 policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; spf=pass
 smtp.mailfrom=23hiro@gmail.com smtp.helo=mail-ua1-f54.google.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
X-Received-Authentication-Results: tb-mx0.topicbox.com; arc=none (no
 signatures found); bimi=skipped (DMARC Policy is not at enforcement);
 dkim=pass (2048-bit rsa key sha256) header.d=gmail.com header.i=@gmail.com
 header.b=MEit4qWT header.a=rsa-sha256 header.s=20210112 x-bits=2048;
 dmarc=pass policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; iprev=pass
 smtp.remote-ip=209.85.222.54 (mail-ua1-f54.google.com); spf=pass
 smtp.mailfrom=23hiro@gmail.com smtp.helo=mail-ua1-f54.google.com;
 x-aligned-from=pass (Address match); x-google-dkim=pass (2048-bit rsa key)
 header.d=1e100.net header.i=@1e100.net header.b=rZOyPgDE; x-me-sender=none;
 x-ptr=pass smtp.helo=mail-ua1-f54.google.com
 policy.ptr=mail-ua1-f54.google.com; x-return-mx=pass header.domain=gmail.com
 policy.is_org=yes (MX Records found:
 alt2.gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com); x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes (MX Records found: alt2.gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=-100 state=0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=
	mime-version:in-reply-to:references:from:date:message-id:subject
	:to:cc:content-type:list-help:list-id:list-post:list-subscribe
	:reply-to:content-transfer-encoding:list-unsubscribe; s=dkim-1;
	 t=1676372071; x=1676458471; bh=ddzcw+Mms0ke81iAuvA4yAzBUm0gY5EO
	mJCxv0x1L2w=; b=nwqylCb1ziCSdAun4y7mEZGsjSeBUSoogq/+Ur+VdD5mMVqJ
	Q0yU2TOHUVW3Iyoprwo61TwonMzk56Uw8fo8RyJxeDtU91DfMIl5Nqm4dM9StfbK
	vUXDuqdban3fQEWlHXLKuBx1AQj9F9onNdyRg23VQDAApFYDopJIVADux30=
Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1])
	by tb-mx0.topicbox.com (Postfix) with ESMTP id ADA39E76320
	for <9fans@9fans.net>; Tue, 14 Feb 2023 05:54:14 -0500 (EST)
	(envelope-from 23hiro@gmail.com)
Received: from tb-mx0.topicbox.com (localhost [127.0.0.1])
    by tb-mx0.topicbox.com (Authentication Milter) with ESMTP
    id DA89D627CD1;
    Tue, 14 Feb 2023 05:54:14 -0500
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t=
    1676372054; b=LJtvRfFuFojo2Km5nBJVbv5qTEvh8YeShw3tFx/p+XI5cOIRGL
    V+ugYddOaKTtZ0erALam0r9Gdob6WVfBk4FJTjr+X5YRxDGdIQUh80CNjxlEdfpg
    I3iL2x41Oun/8Gyj9n3+IOSDNIt/oCk32WvBossEvlhIvxIpT+PuN8Cra6UgA7xJ
    BcbAZ8bw730z+zHJX5M64jE7Fo3uA9km5Jj7BDM+mCkSDcC3OoMQx/wla8hbr1fB
    AUVTQgz9VzIC+scFGKmJN7hOCJINMLjvH/DqiLLctzQERVvS4e6dEilUaWJk32mU
    T6rCxYVi9agK30J6qnormPWjVa+cpKzzmQ7w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
    topicbox.com; h=mime-version:in-reply-to:references:from:date
    :message-id:subject:to:cc:content-type; s=arcseal; t=1676372054;
    bh=KS8rZ/MNs7fJQOzb8M89SsaFg1Pn6/h8FWhvgntiyas=; b=viT2fmAgkML1
    3UZ+ud3U1PcZwOvO8p1NFEXfYSy5stMRilqlG7Oad7TKXQUBCy+WM6K0lPi6VIMT
    rWMysHUqruI21AlMJlvCzMNhZ2xJgNWSMbkTD+WcKKJqtvFmJqIX7Yy4krrYRrcX
    wgaj/+nfUJBz/5L2Ia1+1zLaXESdDBqMEKqxZmYzn2M0SZ5u9XulGiuGnDIYAuOD
    Ne8/XILxqxJHi0R0vzZJe//bceKmooxkAd55riNCsYXbyA4GyGbnAQiTMhgHBPpk
    74qG/qdiPbskv1TITah47z87M2MrEwVlf4Uyb3L+qn3GdQADEk2YyW6i0Z8JsHUf
    mKH/8MwMWQ==
ARC-Authentication-Results: i=1; tb-mx0.topicbox.com;
    arc=none (no signatures found);
    bimi=skipped (DMARC Policy is not at enforcement);
    dkim=pass (2048-bit rsa key sha256) header.d=gmail.com
    header.i=@gmail.com header.b=MEit4qWT header.a=rsa-sha256
    header.s=20210112 x-bits=2048;
    dmarc=pass policy.published-domain-policy=none
    policy.published-subdomain-policy=quarantine
    policy.applied-disposition=none policy.evaluated-disposition=none
    (p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
    header.from=gmail.com;
    iprev=pass smtp.remote-ip=209.85.222.54 (mail-ua1-f54.google.com);
    spf=pass smtp.mailfrom=23hiro@gmail.com
    smtp.helo=mail-ua1-f54.google.com;
    x-aligned-from=pass (Address match);
    x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net
    header.i=@1e100.net header.b=rZOyPgDE;
    x-me-sender=none;
    x-ptr=pass smtp.helo=mail-ua1-f54.google.com
    policy.ptr=mail-ua1-f54.google.com;
    x-return-mx=pass header.domain=gmail.com policy.is_org=yes
    (MX Records found: alt2.gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com);
    x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes
    (MX Records found: alt2.gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com);
    x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384
    smtp.bits=256/256;
    x-vs=clean score=-100 state=0
X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedvhedrudeifedgudejucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu
    rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnh
    htshculddquddttddmnecujfgurhepjghfhfffkffuvfevtgesthdtredttddtjeenucfh
    rhhomhephhhirhhouceovdefhhhirhhosehgmhgrihhlrdgtohhmqeenucggtffrrghtth
    gvrhhnpeeuheeutdefueegkedvueefudfhieeiteevffekgefgfefgudeitdeiueekveet
    ueenucfkphepvddtledrkeehrddvvddvrdehgeenucevlhhushhtvghrufhiiigvpedtne
    curfgrrhgrmhepihhnvghtpedvtdelrdekhedrvddvvddrheegpdhhvghlohepmhgrihhl
    qdhurgduqdhfheegrdhgohhoghhlvgdrtghomhdpmhgrihhlfhhrohhmpeeovdefhhhirh
    hosehgmhgrihhlrdgtohhmqe
X-ME-VSScore: -100
X-ME-VSCategory: clean
Received-SPF: pass
    (gmail.com ... _spf.google.com: Sender is authorized to use '23hiro@gmail.com' in 'mfrom' identity (mechanism 'include:_netblocks.google.com' matched))
    receiver=tb-mx0.topicbox.com;
    identity=mailfrom;
    envelope-from="23hiro@gmail.com";
    helo=mail-ua1-f54.google.com;
    client-ip=209.85.222.54
Received: from mail-ua1-f54.google.com (mail-ua1-f54.google.com [209.85.222.54])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by tb-mx0.topicbox.com (Postfix) with ESMTPS
	for <9fans@9fans.net>; Tue, 14 Feb 2023 05:54:14 -0500 (EST)
	(envelope-from 23hiro@gmail.com)
Received: by mail-ua1-f54.google.com with SMTP id bx25so1329753uab.9
        for <9fans@9fans.net>; Tue, 14 Feb 2023 02:54:14 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:references:in-reply-to
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=KS8rZ/MNs7fJQOzb8M89SsaFg1Pn6/h8FWhvgntiyas=;
        b=rZOyPgDESWUnbDEOD5/sKiCGMIJS3Q34TwZ/4//GoDKIYooJFDXeTw+s58VfUO+y3B
         3xw224395LBC9d/kbGAHTB4mcTBwCFo3LXbkiK9IEcRfjdxfZBsv+pZrYWgijvURFh4O
         P4S2UWODIom76aL2QUsFMifkScuDaApeok5d+ixNlYwB9XdLdrKzuhr/eyiO2aRrdokw
         brAVs8a7UsELeLOwTDSWpoFvGWYtZhTsbOn/AIkdj0z/VtBnIDpdM0szqEjq2IU3o8zT
         WYQeR4aq/K0CNWCzDSYLV7M2bHcZ4tXiA4nmHrEELuYFNm9pRB8dRoU/H7edyrjG4utC
         /4pw==
X-Gm-Message-State: AO0yUKXefXNO9GIAAdCzMYbv+0pj/qt/dVJxlocsYWU4dn3k50vMJ1Qv
	oqqb8lD0uHxiHY5Keu4JH+HSKKV3vRoFYVP2P5xtzy4w
X-Google-Smtp-Source: AK7set/Zo5Q9GDJs5Q56Wazip5pA8qHJ3y0fhadl7V2FAZxuWr0mpXSHVOevCOpP1D4KrALgJt3/mk1iKtYXlqfdwMU=
X-Received: by 2002:ab0:290c:0:b0:681:a1c:9731 with SMTP id
 v12-20020ab0290c000000b006810a1c9731mr240209uap.6.1676372053618; Tue, 14 Feb
 2023 02:54:13 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:ab0:3d82:0:0:0:0:0 with HTTP; Tue, 14 Feb 2023 02:54:13
 -0800 (PST)
In-Reply-To: <1a1a0b09f464d41a@orthanc.ca>
References: <DD45CA5A-4167-4892-A296-6314F049E85C@germteig.com>
 <CAFSF3XMc7cCoRKkw2PPqdK1jP9jt6-Rou1WT4Gp1BFguG+UGiA@mail.gmail.com> <1a1a0b09f464d41a@orthanc.ca>
From: hiro <23hiro@gmail.com>
Date: Tue, 14 Feb 2023 11:54:13 +0100
Message-ID: <CAFSF3XOTf-mFugcpqHoeci5X4jfdcAUVyY6La9iitsuVbueEcQ@mail.gmail.com>
Subject: Re: [9fans] different users for different system roles
To: "Lyndon Nerenberg (VE7TFX/VE6BBM)" <lyndon@orthanc.ca>
Cc: 9fans <9fans@9fans.net>
Content-Type: text/plain; charset=UTF-8
Topicbox-Policy-Reasoning: allow: sender is a member
Topicbox-Message-UUID: ee9c42c8-ac55-11ed-80d9-a3e182533ef2
Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?=
 =?UTF-8?B?ZmFucy9UNjkwZTQzMDQ4NDdhMzRlNC1NMTcwMzZjYWE4MmRlYmQxYWE2NWFm?=
 =?UTF-8?B?OTc3Pg==?=
List-Help: <https://9fans.topicbox.com/groups/9fans>
List-Id: "9fans" <9fans.9fans.net>
List-Post: <mailto:9fans@9fans.net>
List-Software: Topicbox v0
List-Subscribe: <https://9fans.topicbox.com/groups/9fans>
Precedence: list
Reply-To: 9fans <9fans@9fans.net>
Content-Transfer-Encoding: quoted-printable
List-Unsubscribe: <https://9fans.topicbox.com/groups/9fans>,
 <mailto:9fans+unsubscribe@9fans.net?subject=x-tx-unsubscribe:2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M17036caa82debd1aa65af977:1:IPbSUOd0swY--6kvp4CvPiI8T9R7rESY2W4MEmXGRKs>
Topicbox-Delivery-ID:
 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:M17036caa82debd1aa65af977:1:vCEISA16M7AdfRP5mzH3fEV_7NuvTu8cRKIE5YjIMvY

agreed. compartmentalization might be used to have less
users/passwords than servers. if two cpu servers are used
interchangably for the same usecase by the same end-users, why not
give them the same credentials.

next time please try to quote correctly, lyndon.

On 2/14/23, Lyndon Nerenberg (VE7TFX/VE6BBM) <lyndon@orthanc.ca> wrote:
> hiro writes:
>> > should each system role get his own user?
>> > Like one user for file servers, one for auth, one for venti, and one f=
or
>> cpu
>> > servers.
>
> My was has always been to have a file system user and an auth server
> user that are used ONLY for those roles.
>
> As for CPU servers, it really depends on how you use them.  The
> main reason you might want to have different CPU server owners is
> to control access to physical hardware.  E.g. I have machines that
> are used to control my radios via their serial and USB interfaces.
> For those, I don't want the "general pupulation" to have access to
> that hardware, so I run those servers under a userid that is distinct
> from the "general purpose" CPU server owner.
>
> Oh, the Pi I use for bluetooth dev work has its own host owner,
> for similar reasons.
>
> I'm sure there are other cases, but that's the only one where I've
> personally had a need for multiple host owners.
>
> --lyndon
>

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T690e4304847a34e4-M17036=
caa82debd1aa65af977
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription