|
Grex > Agora > #6: Grex Town Hall -- How do we move forward? - Fall 2015/Winter 2016 | |
|
| Author |
Message |
cfadm
|
|
Grex Town Hall -- How do we move forward? - Fall 2015/Winter 2016
| 
Dec 31 16:45 UTC 2015 |
This item is for capturing opinions and ideas about how Grex can move
forward, what Grex can do to encourage more people to use the system,
and what we want Grex to provide in terms of services or applications.
|
| 40 responses total. |
kentn
|
|
response 1 of 40:
|
Jan 3 18:40 UTC 2016 |
So, we are another year down the road and another year finished where we
did little work on a newer Grex server. Mainly this is because of life
and work events for staff who need time to work through them. This has
meant less time for Grex.
Partly it's because we have a small staff group and anything the impacts
a couple people's work slows down progress, often for a long time.
So, one solution would be to recruit more staff. This has been
problematic for several reasons, not the least of which is trust. But,
it would be good to have some new people helping on Grex. They need
to understand the history of Grex and that it is a commandline server.
That's not hard to figure out, but still some want to modernize Grex a
little bit too much for the resources we have available. We have limits
one user accounts for resource as well as security reasons, for example.
We run a BSD operating system, not Linux, so that causes some people
problems when they assume we have all the libraries and applications
that Linux has. Grex has no apt-get command, for example, yet users
continually try to sudo apt-get to install some software they want
rather than asking staff. If staff see users want to install something,
and it won't cause system issues, we often will, if we have the time.
Also, we haven't updated our server OS for several years now and are
several versions out of date. The reason for this is we want to move to
FreeBSD at some point and don't want to go through all the changes that
updating the OpenBSD version would cause, then go through it all again
for FreeBSD soon after. However, after spending several years without
making progress on the FreeBSD server, hindsight would tell us we might
have gotten our money's worth out of an update to the OpenBSD version
(including fixing an outstanding system resource bug that causes the
system to crash periodically).
Discussions of the Board regarding the issue of the new server show that
there are technical issues with FreeBSD relative to OpenBSD that need
to be worked through. For example, we may no longer be able to offer
web-based BBS due to different mechanisms of authentication in FreeBSD
and the web server. We'd like to use nginx instead of apache for the
web server. It is possible that time will allow someone else to fix
these issues. In that case, we could use that solution. Currently,
we have not found an easy solution. Giving up web-based BBS might not
be an issue given the few people who read the BBS, but it still seems
like a huge step backwards. We'd also need to give up the RT help
desk.
One advantage of FreeBSD is it has a much better ports system than
OpenBSD (and no, OpenBSD does not guarantee the security of their
ports like they supposedly do the security of their OS). FreeBSD will
refuse to install ports/packages with security issues (although you
can override the refusal). You can get a report of security issues
in ports and can see which applications you have installed which
have issues. Thus, we would not lose any security by installing
FreeBSD ports, assuming we paid attention to potential issues.
More ports means we have a better chance of installing applications
our users want to use. Currently, if an application is not in our old
OpenBSD ports setup, we are left to manually install it, which sometimes
is a time sink for staff. An example of this is the "go" programming
language. emacs was recently updated from scratch (no port) to the
latest version, but it fortunately built with little issue.
|
gelinas
|
|
response 2 of 40:
|
Jan 5 22:34 UTC 2016 |
I find myself with a little time, for the first time in years. So where should
I begin? I have never studied authentication models, but that seems to be
where effort is needed. Any suggestions for background reading?
|
tod
|
|
response 3 of 40:
|
Jan 11 17:41 UTC 2016 |
Hashes?
|
gelinas
|
|
response 4 of 40:
|
Jan 13 18:30 UTC 2016 |
I know cross redid the grex password hash a few years ago. Is that what you
mean?
|
cross
|
|
response 5 of 40:
|
Jan 13 19:19 UTC 2016 |
I didn't redo it; I just removed the custom one Marcus had designed
and replaced it with the stock hash used by OpenBSD.
|
gelinas
|
|
response 6 of 40:
|
Jan 13 23:29 UTC 2016 |
So what's needed with PAM?
|
tod
|
|
response 7 of 40:
|
Jan 15 03:26 UTC 2016 |
re #5
Yes
|
cross
|
|
response 8 of 40:
|
Jan 15 15:15 UTC 2016 |
You mean on FreeBSD?
The issue is that FreeBSD stores encrypted passwords in a file
that's owned by root and only readable by root. Since PAM is a
shared library that's linked into every program that wants to use
it for authentication, PAM modules are executed with the permissions
of the program that's using them. For the web server, we want this
to NOT be root. So the question becomes, how does the web server
authenticate users for things like backtalk and RT? Most large-scale
systems don't use the traditional password database, deferring
instead to some kind of network directory service that contains
authentication data (e.g. LDAP).
On OpenBSD, this isn't an issue since OpenBSD's 'auth' library
invokes a setuid program to check passwords (and talks to it over
a pipe or socket; I forget which).
|
walkman
|
|
response 9 of 40:
|
Aug 29 15:36 UTC 2016 |
We move forward by going backward.
I'll create "The fat item" and we'll all gather 'round the fire and
tell tall tales about inclusiveness and prosperity.
|
tfurrows
|
|
response 10 of 40:
|
Oct 25 05:54 UTC 2016 |
I have no idea if my comments and ideas are welcome here, most of what is
being said appears to be internal discussion. Still, this is a semi-public
board, so I'll throw in what I can.
First of all, it's difficult to tell what Grex has to offer to the average
user. A shell account, sure, but I have to assume that many *nix users that
might want to participate have their own shell accounts on their own systems.
I for one have several, in various places, and don't necessarily need another.
I came here for the bbs, and to connect with other potentially like-minded
*nix users.
My second observation is that Grex feels very Michigan-ish. That's not a
horrible thing in and of itself, but if you're aiming for a user base that
is larger than what MI has to offer, I would suggest that you diversify your
discussions. Which brings me to...
Number 3: the bbs. The main reason I came here. I'm a vetran, used to program
and run BBSes back in the POTS days. I've been out of it for years, but have
recently re-connected with this type of crowd. It is interesting that they
live on, and beautiful in a way. I was excited and willing, but I have to say,
what you have going here is a beast. The crowd that would enjoy agora is a
small one indeed, and some other solution might receive far more
participation. I hope I'm not completely stomping on someone's baby by saying
so, but Agora is more of a pain in the neck than it is worth the content.
So to sum up, if you truly want feedback, and if you truly want a larger user
base, I'd suggest testing the waters with a different bbs, and making your
offerings (especially multi-user-centric offerings, and perhaps inclusive
online social offerings) more clear.
Thanks for listening, and I look forward to being set on the right track if
I'm off topic or off course in this post!
|
walkman
|
|
response 11 of 40:
|
Oct 27 15:58 UTC 2016 |
#10 Good post. What might be some examples of alternate BBSs that are
better than " Backtalk version 1.3.30"?
|
tfurrows
|
|
response 12 of 40:
|
Oct 27 17:26 UTC 2016 |
I'm not sure "better" is the right goal, but more friendly perhaps, keeping
in mind that not every user in the potential target market will have a lot
of experiences with text-based social interactions. The entire purpose of a
BBS is to create interaction; a system is worthless if it doesn't have users
filling it with content, and interacting.
Since Grex is an OpenBSD system, I have no idea what systems would even be
available. Perhaps a custom-built one? I have no BSD experience, only Linux
sadly, so I can't recommend something, but I do stand by my previous post.
Make the offerings more understandable, and improve the social (bbs) aspects.
I'll throw this out, though I don't necessarily recommend it. It's written
in PHP, which I don't see here on grex. I'd be willing to re-write it in perl
as a custom version for grex if anyone was interested. It's a clone-of-sorts
of the bboard system that is found on SDF (which is quite active/popular even
with relatively novice users):
https://sourceforge.net/projects/slightbbs/
It runs through inetd, but can be accessed at the command line just as easily
(at least on my system.) Again, I don't necessarily recommend it, but it is
an option. I'd love to know if there were better options available on the open
market.
|
tfurrows
|
|
response 13 of 40:
|
Oct 27 17:28 UTC 2016 |
you can telnet to jozhaus.com port 2323 to try it out if you're curious.
|
tod
|
|
response 14 of 40:
|
Oct 27 17:48 UTC 2016 |
didn't work for me
|
tfurrows
|
|
response 15 of 40:
|
Oct 27 18:16 UTC 2016 |
Neonicotinoid, I'm not sure why, I just tested it from two different hosts
(both west coast) and it's working fine. Of course, you can't telnet out from
Grex itself, at least I can't.
|
kentn
|
|
response 16 of 40:
|
Oct 29 11:55 UTC 2016 |
php 5.2 and 5.3 are installed on Grex. See /usr/local/bin.
The main roadblock to getting anything going like this is staff time and
willingness to implement/install. What we have for a bbs now is one
that was written by Grex staff a long time ago now. It is Perl-based
which makes it relatively portable. It might be possible to add a new
look or new functionality to it, but someone would need to spend the
time to figure out how it all works.
I think a new look and new functionality would be good and might attract
more users to grex. However, you'll find there will be complaints
about things like users being able to edit a response, moderation of
responses, and such, that they are not used to or have philosophical
objections to.
At some point we just need to try something new. We could run two bbses
in parallel, for example. Then people who don't want to try new things
can not respond to the new system as well as the old system.
phpBB I think was another php-based system that has been discussed in
the past. In the OpenBSD ports files on Grex there is information on
fluxBB. There are a number of them available for Unix-based systems
in general. Installation hassle, security and staff maintenance time
while in operation would be considerations for any such system. We are
perennially short of staff time to do things.
Keep making suggestions! Maybe something will spark some interest in a
staff member to install a new bbs. Or maybe someone will step up and
help staff with this.
|
tfurrows
|
|
response 17 of 40:
|
Oct 31 02:25 UTC 2016 |
I definitely understand your point about staff... it's hard to want to
implement a new system and then have no one to maintain/run it.
I also agree that trying something new in parallel with the existing system
is the way to go; there is nothing to lose, and everything to gain.
phpBB and fluxBB, as far as I understand, aren't console-ready in the way that
they'd need to be. I don't personally see much value in a web-accessible BBS,
it defeats the purpose of joining a unix community, and is too exposed to the
general public. That's of course my viewpoint on the matter only. I'd prefer
something that is unique, and requires something of the users. A web-based
system would be white noise in today's internet communitites. Maybe Grex wants
to aim toward a different type of user though, and I'd understand that.
I again offer my services and participation to try something new. I'm glad
to see we have PHP here, I could implement slightBBS for console and/or telnet
access, and spin it into a Grex-unique system.
|
cross
|
|
response 18 of 40:
|
Oct 31 14:01 UTC 2016 |
I say go for it. If you can do it in your account, more's the better;
if it grows, we can make it system-wide.
It seems like you're talking about something like Mystic or Synchronet
(or MBSE or EleBBS or something) as a BBS? That may be interesting,
but my sense is that most of those BBS's just exist to pass around
the same echonet traffic that all the others do (e.g., FidoNet etc).
Personally, I'm not so interested in the BBSing aspects of Grex
anymore. I'd rather see us become a playground for programmers and
makers of varous stripes. Consider, for example, the maker communities
that have sprung up around designing retro single board computers
using Z80's and 68k's. Those folks are using web BBSes for most of
their collaboration. Why not a real Unix system like Grex?
But hey! If you've got an idea, time and motivation, run with it and
make it your own!
|
tfurrows
|
|
response 19 of 40:
|
Oct 31 15:41 UTC 2016 |
Interesting thoughts. I can't stand the echonet BBSes, but perhaps that's
something to think about. I prefer visiting individual ones for local traffic.
But again, that's just me personally :) The idea of having a place for
builders to work together is interesting, though I imagine web-based would
be best for them, unless they're feeling like console-only. Maybe they would.
In any case, I'm going to take your advice, and attempt to just start
something and see what happens. I just paid the $18 for a yearly membership.
Where should I go for help with questions? Specifically, I would like to know
if there is a place for members to place shared executable scripts, and where
a good place for shared text-files would be... for a start/testing. Thanks!
|