UNIX Systems Control Politics? 133
pariahdecss asks: "I have just been hired as the webmaster for local college. The website for which I am responsible is hosted 'in-house' and controlled by the college. The server box does not have any other production systems on it besides my website. The website that I have inherited is driven by an amalgam of Embedded Perl and PostgreSQL. Now to the politics...the UNIX Administrator does not want to give me root access to this box. What have others done when faced with this type of systems politics? Is it even possible to function as a full scale webmaster without root access to the box you serve from?"
Comment removed (Score:3, Interesting)
Inherit the whirlwind (Score:3, Interesting)
What kind of Webmaster? (Score:5, Interesting)
If you're talking a Modern webmaster, then no, they don't need it. The Server Admin just has to make sure all the directories they are using are owned by the assigned user.
If you're talking Old-School, then yeah, it's pretty much a necessity; sudo at a minimum.
Based on your question (Score:2, Interesting)
You both suck...... (Score:3, Interesting)
Re:Yes (Score:5, Interesting)
Webmasters are more lined up with programmers these days (think maybe
Re:sudo (Score:3, Interesting)
a tale of root acquisition (Score:3, Interesting)
I started here 5 months ago. One of the things that got me the job was being able to tell my boss that "I know Linux", I've been running my own and a previous employer's web and mail servers for five years, etc. But that's not in my job description; it's someone else's job. In today's downwardly-mobile economy, I'm a mere "Technician" here.
I didn't push it. When a problem with DNS cropped up, I used my knowledge of how DNS works to help troubleshoot it, passing useful information to my boss and to the guy responsible for fixing it. A couple months later when we started having problems with DHCP, I stayed late helping to troubleshoot. When it happened again the next week and I was the only other person around, my boss logged me in under an account with root privilege (she has it because she's the boss, not because she's qualified to use it) so I could restart dhcpd. The next time, she actually gave me root, and I figured out what the problem was... but let the official admin get it working. After that, I kept my privilege to maintain the DHCP system to make sure it stayed operational.
That sounds like the end of the story, but it continues: I determined that the real problem with DHCP was that we didn't have enough addresses to accommodate student laptop plug-ins. I suggested a solution, and the boss let me do it: set up an old P2 box running Coyote Linux as a router, putting 30+ machines on their own subnet, thereby alleviating the problem (at zero expense). And on that box I don't just have root... I am root.
Re:Webmaster needs root acces? (Score:4, Interesting)
Either way, it's an absolute PITA to do development without the freedom provided by having total access (installing third party packages/software, modifying permissions, configuring services). You can install applications like Sudo [courtesan.com] to grant elevated privileges on a case-by-case basis, but you have to be serious about it because there's a lot of configuration you have to do if you want to do it properly.
Sidenote: My colleague who used to work for a bank told me a tale where he was not allowed to see what cron jobs were running on a system, but for whatever reason - had been given access to use /bin/cat with sudo. At one stage he "cat" the /var/spool/cron/tabs/xyz (or whatever the path is), in order to find out why some process was hogging the system resources. When he offered a suggestion on how to improve it - the admin looked at him oddly and was like "how do you know what cron jobs are running!?"