So, are you proposing that instead of a "Setup Network Boot" button, we have a "Disable Network Boot" one for users who don't want the services running? Does that mean that we turn the services on (and open those security holes) until the user has a chance to tell us otherwise? From a pure security perspective, we should start at the most secure state we can and allow things to be opened up as requested, not the other way around.
This may all be moot when we get to a more wizard like wizard. The user would make all the selections on a setup networking panel, including checking (or unchecking) a net boot box, then when they hit "Next" the server will be setup properly according to their selections. We never open up any service they didn't want, but still can provide a default that makes sense for most users. We may want to delay this decision until then. Mike On Thu, 2003-01-23 at 10:19, Jason B. wrote: > It's not ludicrous to believe that most people use PXE to install their > clusters. If you were maintaining a 32, 64, 128 node cluster, would you > want to clone the same number of disks and worry about popping them in and > out and switching to each console to check status whenever you're installing > a node or collecting the MAC address? No... so don't make the claim that > NCSA is trying to impose their policy on the rest of the users. NCSA is not > claiming that PXE should be the ONLY install method available, but rather > the PREFERRED method (since it is). So... OSCAR remains general enough for > all users. > > Jason > > ----- Original Message ----- > From: "Sean Dague" <[EMAIL PROTECTED]> > To: "Jeremy Enos" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Thursday, January 23, 2003 5:15 AM > Subject: Re: [Oscar-devel] MAC collection and setup network boot > > You are now suggesting forcing POLICY into OSCAR. Up to this point we > haven't done that. I don't have a problem with asking up front if the user > will be network, floppy, or cd booting, and then doing the right thing. But > if we start forcing policy into OSCAR based on what is good practice at > NCSA, we make OSCAR something which is no longer general enough to work for > many of our existing users. > > There is a difference between allowing for a new mode where all nodes are > PXE managed all the time, and *forcing* that mode on everyone. > > > > ------------------------------------------------------- > This SF.NET email is sponsored by: > SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! > http://www.vasoftware.com > _______________________________________________ > Oscar-devel mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/oscar-devel > ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Oscar-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/oscar-devel
