[Openvds-devel] RE: [Openvds-clients] Webmin Control Panels

[Clint Nelissen]

The reason being is that you want to create a seperate installation of
the webmin scripts underneath each VDS so THEY can have full control
over webmins ACL's as well. What if they want to create users that only
have access to DNS? What if they want to be able to add a user to only
be able to administer one virual domain?

By creating a dumbed down verison of webmin, you can give all the same
functionality to the end-user without having to spend countless hours
configuring the ACL's at a server level. Just give them access to their
control panel and let them setup the permissions as they see fit. The
admin would add the VS.. the end-user version of webmin would get
created and installed.. and from that point on there are no other
configurations that need to be made in order for them to administer
their site.

The VDS module that we are talking about would basically emulate all the
same functionality that the end-user version has, only it could be done
without having to login with their username and password. The server
admin could setup users and groups or create virtual domains underneath
that specific VS, the same as the admin of the VS.

Also, what you need to take into consideration is this. Say you have 2
physical machines... and you have a VS on one machine that is taking up
to many resources, so you want to move him to the other server that has
more resources available. By following this model, you could easily tar
up the client folder and FTP it to the other server and the
configuration stays pretty much the same. By following your model, you
would have to re-configure the user and all of the permissions on the
other server. 

These control panels need to stay pretty much detached from the server
itself and any processes that run on the server, (without regard to the
actual VDS process), so that they can be easily portable.

Clint Nelissen - Technician
Digital Internet Services Corporation
Phone - 760-776-0800 x 300
Fax - 760-776-0076
http://www.dis.net
 


-----Original Message-----
From: Eje Gustafsson [mailto:address@hidden 
Sent: Tuesday, December 11, 2001 11:00 AM
To: Clint Nelissen
Cc: address@hidden;
address@hidden
Subject: Re: [Openvds-clients] Webmin Control Panels


Hello Clint,

Tuesday, December 11, 2001, 11:17:52 AM, you wrote:

CN> I think that we are all in agreement that we need to start working
with
CN> Webmin as a base for our client administration scripts... I have
some
CN> ideas that maybe we could all have some input on.

CN> The scripts as a whole would be comprised of 3 separate scripts
CN> (programs whatever).

CN> 1 - An end-user version of webmin - This would be a dumbed down
version
CN> of webmin.. taking out all of the root and non-vds specific stuff
from
CN> webmin, such as the hard-disk modules and the network configuration
CN> modules. This would also run as the admin-pseudo user rather than
root.
CN> This way it executes commands in the same exact manner as the admin
user
CN> would through telnet, and no added security risks. Also whether this
CN> runs as an apache version or the webmin.pl version is of no security
CN> consequence. If it is to be a stand-alone, it should run on a
different
CN> port than the standard webmin install.. so that for the network
CN> recognition features of webmin... it will not find every single VDS
CN> running the control panel. We don't want our customers to be able to
see
CN> how many customers we have and where they are on the network. Even
if we
CN> axe this all together from the client version, that would be best.
But
CN> at the server admin version.. it would not find every VDS version.

Why dumb it down. Why not make a simple end user group and do it on an
ACL level instead ? All the ACL stuff is in place in webmin.

I got end users that I give access for example to ONLY DNSing and ONLY
to THEIR domains and can not create new domains and a few other
limitations. All by standard webmin and it's default ACL controls.
Basically what we would need is a separate end user module that would
have to be build and the end users only get access to this single
module (settings on the user can be to go to their module if they only
have one that way they would be put right away in the right place).

CN> 2 - The server version. This would be a standard webmin install..
all
CN> features intact. From here the network recognition could take place
as
CN> normal.. allowing a network admin to locate and administer every VDS
CN> server (physical server) on the network.

Pretty much same here. Just use default webmin add a VDS server module
in which you can do all administrative tasks you want for the VDS and
at the same time have normal server access to do standard tasks.

CN> 3 - A webmin VDS module. The network recognition here would only
find
CN> the VDS version control panels for the server they are logged in on.
CN> (basically the same method only searching for webmin on the other
port).
>>From there the admin could administer all of the VDS's under that
CN> server, such as add/remove/edit VDS's/users/software.

Now your on it. A module that gives access to only the VS and the
stuff you want to allow him/her to do on it.

CN> Any thoughts on that?

CN> Clint Nelissen - Technician
CN> Digital Internet Services Corporation
CN> Phone - 760-776-0800 x 300
CN> Fax - 760-776-0076
CN> http://www.dis.net
 

CN> _______________________________________________
CN> Openvds-clients mailing list
CN> address@hidden
CN> http://mail.freesoftware.fsf.org/mailman/listinfo/openvds-clients



Best regards,
 Eje Gustafsson                       mailto:address@hidden
---
The Family Entertainment Network      http://www.fament.com
Phone : 620-231-7777                  Fax   : 620-231-4066
eBay UserID : macahan
          - Your fulltime professionals -