|
|
|
We need some volunteers to be in charge of granting new users outbound net access upon their request. From what I understand this will pretty much mean 1. getting email at a special email box set up for this purpose 2. using a tool to change people's accounts so they can have outbound net and email access. This will not require having the root password and will be easy enough to do that even those who are not especially technically inclined can do it. 3. replying to users by email to let them know that they have been given net access. Anyone interested in doing this should reply here. Thanks!!!
13 responses total.
Provided my expectations/assumptions are correct, I would like to help out (I can't seem to find 60$ at any particular point in time lately, especially with tuition about to be due, but I would like to give back to cyberspace.org). I have a few questions, which I am sure other potential volunteers would want to know as well. - How many hours per week do the staff expect this to take? - What are the qualifications for getting outbound access besides just asking? Should one have n questions in forum or be in the server for m weeks before their outbound access is turned on? - Would this be turning the requester on to the level of unpaid user (outbound web through the proxy, outbound DNS requests) or turning them up to the level of member (pretty much any non-abusive outbound access except (I think) pings)? - Do we audit the people to whom we grant access or is that the job of the system managers? - Would we act anonymously/agents of the office (i.e. the recipient of outbound access sees it as coming from this group/office versus coming from a user)? - Is there a way to step away for a short time if needed (examinations, moving after graduation across the state) without seriously hurting the group that does this? Thanks in advance and stuff.
My question is: Would someone be able to write a script that I can use that says "What account should be added to the 'outbound access list'? and another script that says "What account should be removed from the 'outbound access list'? If all I had to do was fill in the user ID, I could handle this position. A suggestion from being a list admin for a world wide listserve with over 500 members: Three volunteers were able to handle all of the listserve admin tasks. We rotated duty, a week at a time. It was considered sufficient speed if you got online once a day and handled all the requests at that time. The list membership was moderated, which meant that we were subscribing and unsubscribing folks every day. Most of us found that we were checking the requests a couple times a day, and it was easy to keep up with. If you were going to be swamped during your week, you just switched with someone else. The position was a 2 year position, and you were requested to not serve more than two years. Theory was to get other people involved, and keep the knowledge moving around in the group.
Hey, cool -- two volunteers before the ink is dry on #0! I agree that it's a good idea to have redundancy so that people can take time off without disrupting the system. I think I can answer *some* of the questions in #1: Since the system isn't in place yet, I don't think we have a feel for the volume of work, although my gut feeling is that it would be manageable for two or three volunteers. You'd be bumping the user from "no access" to "unpaid user access" (the current default). Membership involves money and is handled by the treasurer. You wouldn't be responsible for subsequent monitoring of users. If a user abused access, that would be handled by regular staff, as it is currently. You'd handle requests through a special email account set up for the purpose rather than your personal account.
Re #3: As long as it does not get in the way of school or work, I'm ok with it. Put me down as a volunteer.
I'd volunteer, too.
Remmers, what does "bumping" entail? Really, I'm asking for a very simple process like a script that lets you type in a userID, or a comma separated list of userIDs, and the software takes care of putting it where the Grexbox can find it and let (or not let) that userID go out to play. And yes, it would be nice if that script only allowed a single userID with password to run the script (ie the admin userID).
I think the idea is to have something like that. At a technical level, the way it would probably work is to have newuser put new users in a group with no outbound access. The "bumping" program would accept user id's and move those users to a group *with* outbound access. The program could be run only by the bumping administors, i.e. the folks who've volunteered to screen requests. Unix allows you to associates privileges with groups, so in our environment something like the above is the natural way to do it.
Yes, that sounds like exactly what I'd imagined. I see the admins rotate checking the emails, and applying a set of criteria to those requests. Something as simple as: did they bother to send an email that asks nicely. The admin opens a script, types in the IDs that are now allowed outbound access, and at the question "Do you want to add another ID" types "no". At that point the script checks to be sure the listed ID has been activated more than (2, 3, 4) weeks, puts the ID in the outbound privilege group, and sends back any IDs that did not make the cut. The admin might send an email to those who hadn't been on long enough. Assuming there are no more than half a dozen requests a day, this seems like a 10 minute procedure.
Could current users, or at least current members, vouch for friends who want to join grex, rather than have them write an email? I invited someone to join because he is having trouble getting a list to accept mails via his ISP and he hates webmail.
I volunteer.
I'll volunteer for this, too. I should be able to handle (most) any mechanism for it. I admin roughly 16 different servers at work (three are Windows boxen, the rest are some type of Red Hat Enterprise or Red Hat 6.1/7.3/8/9, Fedora Core, FreeBSD, etc.) the good ol' manual way. And then there's my personal box at work and at home. If you want to have me on board with it, just let me know.
Any progress on writing the tools to allow this? Has the reap software been updated to remove reaped accounts from the allow group? I hesitate to volunteer for any staff/support position given my wildly variable schedule, but I'm interrested in the 'staff problem' getting worked out. I wish I had a magic idea.
unlucky
Response not possible - You must register and login before posting.
|
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss