|
|
| Author |
Message |
slynne
|
|
Call for Volunteers
| 
Nov 29 04:07 UTC 2006 |
We need some volunteers to be in charge of granting new users outbound
net access upon their request. From what I understand this will pretty
much mean
1. getting email at a special email box set up for this purpose
2. using a tool to change people's accounts so they can have outbound
net and email access. This will not require having the root password and
will be easy enough to do that even those who are not especially
technically inclined can do it.
3. replying to users by email to let them know that they have been given
net access.
Anyone interested in doing this should reply here. Thanks!!!
|
| 13 responses total. |
maus
|
|
response 1 of 13:
|
Nov 29 08:41 UTC 2006 |
Provided my expectations/assumptions are correct, I would like to help
out (I can't seem to find 60$ at any particular point in time lately,
especially with tuition about to be due, but I would like to give back
to cyberspace.org). I have a few questions, which I am sure other
potential volunteers would want to know as well.
- How many hours per week do the staff expect this to take?
- What are the qualifications for getting outbound access besides just
asking? Should one have n questions in forum or be in the server for m
weeks before their outbound access is turned on?
- Would this be turning the requester on to the level of unpaid user
(outbound web through the proxy, outbound DNS requests) or turning them
up to the level of member (pretty much any non-abusive outbound access
except (I think) pings)?
- Do we audit the people to whom we grant access or is that the job of
the system managers?
- Would we act anonymously/agents of the office (i.e. the recipient of
outbound access sees it as coming from this group/office versus coming
from a user)?
- Is there a way to step away for a short time if needed (examinations,
moving after graduation across the state) without seriously hurting the
group that does this?
Thanks in advance and stuff.
|
cmcgee
|
|
response 2 of 13:
|
Nov 29 13:18 UTC 2006 |
My question is: Would someone be able to write a script that I can use that
says "What account should be added to the 'outbound access list'? and another
script that says "What account should be removed from the 'outbound access
list'?
If all I had to do was fill in the user ID, I could handle this position.
A suggestion from being a list admin for a world wide listserve with over 500
members:
Three volunteers were able to handle all of the listserve admin tasks. We
rotated duty, a week at a time. It was considered sufficient speed if you
got online once a day and handled all the requests at that time.
The list membership was moderated, which meant that we were subscribing and
unsubscribing folks every day. Most of us found that we were checking the
requests a couple times a day, and it was easy to keep up with.
If you were going to be swamped during your week, you just switched with
someone else.
The position was a 2 year position, and you were requested to not serve more
than two years. Theory was to get other people involved, and keep the
knowledge moving around in the group.
|
remmers
|
|
response 3 of 13:
|
Nov 29 14:28 UTC 2006 |
Hey, cool -- two volunteers before the ink is dry on #0!
I agree that it's a good idea to have redundancy so that people can take
time off without disrupting the system.
I think I can answer *some* of the questions in #1:
Since the system isn't in place yet, I don't think we have a feel for
the volume of work, although my gut feeling is that it would be
manageable for two or three volunteers.
You'd be bumping the user from "no access" to "unpaid user access" (the
current default). Membership involves money and is handled by the
treasurer.
You wouldn't be responsible for subsequent monitoring of users. If a
user abused access, that would be handled by regular staff, as it is
currently.
You'd handle requests through a special email account set up for the
purpose rather than your personal account.
|
maus
|
|
response 4 of 13:
|
Nov 29 15:22 UTC 2006 |
Re #3:
As long as it does not get in the way of school or work, I'm ok with it.
Put me down as a volunteer.
|
kingjon
|
|
response 5 of 13:
|
Nov 29 17:43 UTC 2006 |
I'd volunteer, too.
|
cmcgee
|
|
response 6 of 13:
|
Nov 29 18:15 UTC 2006 |
Remmers, what does "bumping" entail?
Really, I'm asking for a very simple process like a script that lets you type
in a userID, or a comma separated list of userIDs, and the software takes care
of putting it where the Grexbox can find it and let (or not let) that userID
go out to play.
And yes, it would be nice if that script only allowed a single userID with
password to run the script (ie the admin userID).
|
remmers
|
|
response 7 of 13:
|
Nov 29 22:39 UTC 2006 |
I think the idea is to have something like that. At a technical level,
the way it would probably work is to have newuser put new users in a group
with no outbound access. The "bumping" program would accept user id's and
move those users to a group *with* outbound access. The program could be
run only by the bumping administors, i.e. the folks who've volunteered to
screen requests.
Unix allows you to associates privileges with groups, so in our
environment something like the above is the natural way to do it.
|
cmcgee
|
|
response 8 of 13:
|
Nov 29 23:12 UTC 2006 |
Yes, that sounds like exactly what I'd imagined.
I see the admins rotate checking the emails, and applying a set of criteria
to those requests.
Something as simple as: did they bother to send an email that asks nicely.
The admin opens a script, types in the IDs that are now allowed outbound
access, and at the question "Do you want to add another ID" types "no".
At that point the script checks to be sure the listed ID has been activated
more than (2, 3, 4) weeks, puts the ID in the outbound privilege group, and
sends back any IDs that did not make the cut.
The admin might send an email to those who hadn't been on long enough.
Assuming there are no more than half a dozen requests a day, this seems like
a 10 minute procedure.
|
keesan
|
|
response 9 of 13:
|
Nov 29 23:20 UTC 2006 |
Could current users, or at least current members, vouch for friends who want
to join grex, rather than have them write an email? I invited someone to join
because he is having trouble getting a list to accept mails via his ISP and
he hates webmail.
|
scholar
|
|
response 10 of 13:
|
Dec 15 06:35 UTC 2006 |
I volunteer.
|
saw
|
|
response 11 of 13:
|
Jan 26 19:21 UTC 2007 |
I'll volunteer for this, too.
I should be able to handle (most) any mechanism for it. I admin roughly
16 different servers at work (three are Windows boxen, the rest are some
type of Red Hat Enterprise or Red Hat 6.1/7.3/8/9, Fedora Core, FreeBSD,
etc.) the good ol' manual way. And then there's my personal box at work
and at home.
If you want to have me on board with it, just let me know.
|
arthurp
|
|
response 12 of 13:
|
Mar 26 09:53 UTC 2007 |
Any progress on writing the tools to allow this? Has the reap software
been updated to remove reaped accounts from the allow group?
I hesitate to volunteer for any staff/support position given my wildly
variable schedule, but I'm interrested in the 'staff problem' getting
worked out. I wish I had a magic idea.
|
naftee
|
|
response 13 of 13:
|
Apr 9 17:51 UTC 2007 |
unlucky
|