On Thu, Aug 4, 2011 at 10:24, Kevin Fenzi <kevin(a)scrye.com> wrote:
On Thu, 4 Aug 2011 10:02:21 -0600
> To me the
> bigger question is.. do we need to have the root emails going to
> sysadmin or to a subgroup. If those emails go down to say
> sysadmin-noc,fi-apprentice,sysadmin-main,sysadmin-hosted it would do
> the same thing.
No, root emails only go to sysadmin-main. I'd really prefer that to
stay that way. We do get emails with passwords or the like... (bounces
from fas accounts that have invalid emails, etc)
Sorry I meant cron and other emails that various people get that they
don't know why
> > 2. I'd like to allow apprentice folks to look at logs on
log02.
> > Currently this is just sysadmin-main and -noc. Can anyone think of
> > anything we log that might be too sensitive for this? We shouldn't
> > be logging any passwords (although I can look). I'd also like to
> > make sure all the logs on log02 are ro to everyone (but main).
> > Currently many of the directories there are writable for sysadmin
> > group, which seems wrong to me.
>
> Passwords creep into the logs every now and then. The usual is that
> someone tries to login with their password. Sorry about the write on
> group, I thought i fixed that a while ago.
Yeah, I'll go look thru logs and see if there's anything there that
looks problematic. We might be able to just have the system log ones
readable, but leave the httpd ones closed up (those would be the only
ones that might have passwords I would think).
Hmmm I thought the httpd ones were more open :).
kevin
_______________________________________________
infrastructure mailing list
infrastructure(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
--
Stephen J Smoogen.
"The core skill of innovators is error recovery, not failure avoidance."
Randy Nelson, President of Pixar University.
"Let us be kind, one to another, for most of us are fighting a hard
battle." -- Ian MacLaren