Kickstart and roles
Shane Stixrud
shane at geeklords.org
Wed Apr 19 17:20:48 UTC 2006
On Wed, 19 Apr 2006, Stephen John Smoogen wrote:
>> Sadly doing the Right Thing (tm) isn't always an option due to real life
>> circumstances (cough cough management) and performing a "quick fix" to the
>> managed device without taking the time to write centralized policies is
>
> There is no technical solution to a management issue. You can hack as
> much at it but the managers will come up with a completely new way to
> be stupid. I found that getting management to buy off on how change
> control works was a better cost solution. [Getting them to sign the
> timesheet for the extra work/pay got them to cut down on last minute
> changes.]
Sure and for the most part the change control where I work is sane. There
are still issues that come up where taking the time to write the policies
isn't available for various reasons.
>> the result. Writing these policies after the fact is of course desirable
>> but in many cases this would require another change control and testing
>> cycle. In short these type of tools really need the ability to detect what
>> has changed and let the admin easily integrate/pull these changes and
>> sign off on them as part of the devices new recipe/state.
>
> This would be useful in a different manner.. when the hacker breaks in
> and fixes your broken server.
How do you mean? Such a feature would allow the admin to see what changes
a cracker made, not sign off on them and instead revert them to the
previous state.
Cheers,
Shane
More information about the fedora-devel-list
mailing list