--wRRV7LY7NUeQGEoC
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jan 23, 2003 at 09:19:47AM -0600, Jason B. wrote:
> It's not ludicrous to believe that most people use PXE to install their
> clusters. If you were maintaining a 32, 64, 128 node cluster, would you
> want to clone the same number of disks and worry about popping them in and
> out and switching to each console to check status whenever you're install=
ing
> a node or collecting the MAC address? No... so don't make the claim that
> NCSA is trying to impose their policy on the rest of the users. NCSA is =
not
> claiming that PXE should be the ONLY install method available, but rather
> the PREFERRED method (since it is). So... OSCAR remains general enough f=
or
> all users.
But the moment you enable a security hole service like tftp for users that
don't need it, you have enforced policy on them. Why not ask a question up
front about what method you are using for install:
1. PXE - Managed (nodes will always PXE boot)
2. PXE - Non-Managed (nodes will not PXE boot unless they are being install=
ed
the first time)
3. CD=20
4. Floppy
Only in case 1 & 2 do you install tftp at ALL, and only in case 1 do you
leave the service on after the wizard exits.
Now you have a framework which supports all users, and doesn't open up
security holes. The moment you install something for the user that they
don't *NEED* for their cluster, you have enforced policy. And what is good
enough for many of the current oscar members, may not be good enough for
others, and may be a reason they chose not to use OSCAR as their solution.
-Sean
--
_______________________________________________________________________
=09
Sean Dague [EMAIL PROTECTED] http://dague.net
There is no silver bullet. Plus, werewolves make better neighbors than
zombies, and they tend to keep the vampire population down.
_______________________________________________________________________
--wRRV7LY7NUeQGEoC
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+MBurSamXem9TdyYRAvagAJ90OcyX6AR/lC4CHHzEvfqfPhrhkACgjWK6
kxq6mmONr5b3gD0Ovlf0atE=
=PLi3
-----END PGP SIGNATURE-----
--wRRV7LY7NUeQGEoC--
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Oscar-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/oscar-devel
