Create a "policy" in the machine to control the changes that might be done by other members
Quite often, any member of the GlideinWMS team has access to different machines owned by another member. In order to have control and awareness of all the changes being done in that particular machine, I propose to have some kind of “policy” which can be:
- Create a specific file (for example glideinwms_changes or something like that) that will stay in the machine. It will be updated by any member who has access to and makes any changes over the machine.
- Inform directly to the owner about the changes that might be done. It's the responsibility of the owner also to follow-up the changes and makes sure that he/she's aware of what's happening in the machine.
In any of the cases, the person who's making the changes MUST notify either of the ways, the changes that it's going to do, in order to avoid conflicts in the future.
Any better proposal for the "policy" is very welcome
#2 Updated by Marco Mambelli 4 months ago
I added the following to the main wiki:
For machines shared across the team, i.e. machines listed in the GlideinwmsTestInfrastructure, please abide by the directives listed in the operation policy to avoid stepping over the work of fellow developers; this applies also to the machine owner/main maintainer. For machines shared on a personal level, i.e. the owner gave you access, please follow whatever the owner suggested.Please edit it if needed and add the policy text in the section in GlideinwmsTestInfrastructure
My suggestion is to add and use 2 files in /root/:
- glideinwms_notify, with a list of emails of people that should be notified each time a change affecting others is performed
- glideinems_eventlog, a file where changes to the machine and other activities should be written. This file should be checked also before applying disruptive changes to check if there are tests in progress or other activities that could be disrupted
#3 Updated by Leonardo Lai 4 months ago
To inform new users about the presence of the aforementioned files (notify and eventlog) in shared machines, I suggest to append few lines to /etc/motd too.
MOTD (message of the day) shows up every time a user logs into the machine.
The new lines could be something like this:
NOTE: this machine is shared across the team, hence it is important to keep track of all the changes in the machine configuration. Please be aware of the following files in /root/: - glideinwms_notify -> people to notify about changes - glideinems_eventlog -> list of changes Update them every time you modify something in the machine
I think it's ok, provided that the already existing message ("this is a federal computer...") is not overwritten.
#4 Updated by Lorena Lobato Pardavila 4 months ago
I like your ideas! Thank you both
I have added the corresponding comments to ITB Frontend (fermicloud308) to GlideinwmsTestInfrastructure. To start with an example, I put here the two files suggested that I have added to the machine:
#List of emails of people that should be notified each time a change affecting others is performed in this machine: llobato@FNAL.GOV
#List of changes (starting by the newest) to this machine and other activities to inform the administrator if there are tests or other activities in progress that could be disrupted #Please indicate the date, your username <email> and the change in the corresponding block: i.e: # * Wed Sep 6 2019 Lorena Lobato <firstname.lastname@example.org> - Change_activity_or_test_done #-------------------------------------------------- #Changes #Activities #Tests
And also I have added Leo' suggestion in MOTD.
llobato@mac-126950:~$ ssh email@example.com Last login: Fri Sep 6 18:18:33 2019 from 22.214.171.124 NOTICE TO USERS This is a Federal computer (and/or it is directly connected to a Fermilab local network system) that is the property of the United States Government. It is for authorized use only. Users (autho- rized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized site, Department of Energy and law enforcement personnel, as well as authorized officials of other agencies, both domestic and foreign. By using this system, the user consents to such interception, monitoring, recording, copy- ing, auditing, inspection, and disclosure at the discretion of authorized site or Department of Energy personnel. Unauthorized or improper use of this system may result in admin- istrative disciplinary action and civil and criminal penalties. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMME- DIATELY if you do not agree to the conditions stated in this warning. Fermilab policy and rules for computing, including appropriate use, may be found at http://www.fnal.gov/cd/main/cpolicy.html -------------------------------------------------------------------------- NOTE: This is the ITB Frontend for FIFE and GlideinWMS. This machine is shared across both teams, hence it is important to keep track of all the changes in the machine configuration. Please be aware of the following files in /root/ and modify them if needed: - glideinwms_notify -> List of people to notify about changes - glideinems_eventlog -> List of changes, activities or tests done in this machine -bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory