LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

June 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS June 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: SL7: Is there a GUI for systemctl?
From:	Nico Kadel-Garcia <[log in to unmask]>
Reply To:	Nico Kadel-Garcia <[log in to unmask]>
Date:	Sun, 14 Jun 2015 22:48:15 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (64 lines)

On Sun, Jun 14, 2015 at 9:54 PM, Steven Haigh <[log in to unmask]> wrote:

> We have a web interface that configures the boot process. We have
> projects like cups that have web interfaces to configure printers.

The built-in CUPS interface is one of the most notoriously bad
interfaces in open source GUI history. See Eric Raymond's essay on
open source interfaces,
http://www.catb.org/esr/writings/cups-horror.html

> Complexity and security wise, we're dumbing things down that much that
> the trend is to have a web server + god knows what else running to
> configure fairly simple things.
>
> Would you agree that webmin is a great system administration tool? If
> so, then you don't see the problem.

Umm. Tracking 30 distinct configuration files, sorting out their run
orders and activatoin settings, and presenting them as an organized
whole is precisely the sort of thing a good GUI is for.

> There are tons of EL users that care more about security and audit
> ability of systems in place - and for some, that's a legal requirement.

> So, now we have to either:
> 1) Not change; or
> 2) Be able to audit each projects back end - including its own
> implementation of a web server, its tools and other bundled cruft.

??? Why need a GUI  be web based? There are plenty of excellent old
'ncurses' based GUI's that have worked quite well for years  Some of
them are present in SL 6, such as the old 'system-config-network' and
'system-config-firewall' non-GUI scripts. And even the graphical ones
can be done as X applications, not necessarily as web clients.

Mind you, I personally *love* webmin. It's good, clean, modular work,
well documented, gracefully expandible, generally very flexible, and
far superior for DNS and web wenfiguration than most tools.

> This doesn't make life any easier for high-security systems - and indeed
> adds more vectors for attack - which I'll admit - are mostly theoretical
> until they are not.

Such GUI's need not be web based, nor need they even be X based. Most
configuration toolkits are modest enough to fit well within an
'ncurses' based text interface. I freely admit, however, that I'm a
big proponent of good web based GUI's for system configuration, to
provide sanity checking and ease the work for people who don't want to
or need to spend the time in the detailed innards. The Webmin DNS
configuration tools are an excellent example of just such an
interface.

Some of the modern interfaces that SL has inherited from RHEL, such as
the new 'spoke and wheel' structured Anaconda installation interface,
system-config-kickstart, and virt-manager..... are not such excellent
examples, for reasons mentioned in Eric Raymond's essay.

> Steven Haigh
>
> Email: [log in to unmask]
> Web: http://www.crc.id.au
> Phone: (03) 9001 6090 - 0412 935 897
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV