[FFmpeg-devel] [RFC] roots duties and rights
Tue Oct 12 12:42:00 CEST 2010
On Tue, Oct 12, 2010 at 12:00:13PM +0200, Attila Kinali wrote:
> On Mon, 11 Oct 2010 13:23:42 +0200
> Michael Niedermayer <michaelni at gmx.at> wrote:
> > Heres a quick dump of /dev/brain
> > Duties:
> > * Keep the system running smoothly so all "users" can do their work.
> > -Keep the system secure so its not hacked
> > -Recognize problems early and take preemtpive action, aka a mail to
> > the MLs with "we only have 100 mb space left in incoming" for example
> > -Replace hardware when it fails, search for possible donations on ML/IRC
> > ask the foundation to fund hw where needed.
> > -Install security updates quickly
> > -Make regular backups and store them off site, keep past backups so
> > undetected corruption does not make them useless
> > * Do all the administrative things that normal users dont have the right to
> > and that havnt been delegated to volunteers.
> > - Create mailinglists that are related to the project when requested by the
> > project leader
> > - Open and Close SVN/GIT accounts if requested by the project leader (root can
> > not reject such requests)
> > - Install software that is requested by project members for their work with
> > the FOSS projects
> > - Open SSH accounts for project members when their FOSS-project related work
> > needs such account
> > - help with forgotten passwords after the user proofes his identity
> > - Root shall attempt to work on requests approximately in order and not ignore
> > requests for months
> > - Root shall in case of ambiguity of a request ask instead of guessing.
> > * Have plans in place for total hardware failure (fire / earthquake / ...)
> > * Have plans in place for the system being successfully hacked
> The above reads like you are looking for an admin/root who does this
> as a paid job and not as a volunteer, who does this in his free time,
> between job, wife and kids. Which is kind of disturbing, because you
> should be well aware that everyone who works on FFmpeg or MPlayer is
> a volunteer and hardly anyone gets actually money for working on these
> projects. Yes, a lot of things that a "comercial" admin has to do is kind
> of expected of a volunteer admin as well, but the way you formulate it
> makes it a strict requirement, which will scare off anyone who might
> want to take over this post. Keep in mind, we are all human beings who
> like to do fun things.
ok, i see some of this is unwisely formulated but still root has pretty much
done these things in the last 5 years, and you have done them well
> You also use very ambigous terms in your requirements like "smoothly"
> or "quickly". What these exactly mean and how they are interpreted is
> not clear at all. For someone who is busy, a reaction time of a week
> is pretty fast. For someone who does nothing but to sit idly around,
> a day can be expected.
> Yet, i get the feeling if something is not
> done "quickly" by your definition of "quickly", the poor guy who was
> supposed to do the job will get roasted.
if the server starts spreading warez and ffmpeg with rootkit for a month without
root reacting. Then root will be roasted by lawsuits with a bit poor luck.
I thus think no matter what we write in the "rules" reasonable reaction times
are something that anyone running a server has to be able to handle.
> > * Root must not involve itself deeply in any of the hosted projects, that is
> > to ensure roots impartiality and avoid conflict of interest
> > This conflict of interest exists both in form of making decisions as root
> > to favor ones personal preference in a project. As well as participating
> > in project internal discussions while implicating ones authority.
> So, you want someone who is totally unrelated to any project hosted
> by mphq and want him still be interested enough to invest a major part
> of his free time into the server? What, do you think, will be his motivation
> to do the job?
My idea was mostly that we could have a single trusted root. someone who has
been active in the past and is trusted by all (like you or fabrice) and this
person would delegate most work to others so would not have much to do but
rather ensure that no abuse of power happens.
> Also keep in mind that i'm probably the longest active member of the MPlayer
> project. Diego and Mans have been around for ages too. Why? Because they
> have a big interest in the project(s) to dedicate a substantial portion
> of their time and energy. And you may be sure, that if didn't had the admin
> tasks taking up a big part of my free time, i would have written more code
> in the past 5 years.
> > -Root may resign, in which case new candidates shall be found and a vote
> > amongth all developers who had write access prior to the resignation shall be
> > held.
> You cannot be serious?!? The right to resign? In a OSS project? WTF?
> I have the right to do or not do anything i want. Nobody can take that
> away from me. And nobody had to spell that out until now. If i dont like
> it, i can even disapear from one second to the next without a word or
> anything. Heck, this is a hobby and not slave labor!
Iam a technical person and i like mathematics, to me spelling out all rights
i could think off is just logic.I had no intent to offend anyone
To me there is
A. root can resign
B. root cannot resign
B is clearly unacceptable, so it has to be A
> > The project leader of each project has a veto right against candidates.
> > This veto right is necessary as root is a service provider and not a power
> > position and if one asks for candidates for root the most power hungry people
> > in the projects come forward. And it is also important that root is trusted
> > by all, more so than root being the one with the prettiest face.
> Why does the project leader get a veto right and not the other developers
> as well? If root has to be trusted by all, then everyone should have the
> right to veto.
good, i agree
> > -Like everyone root can be busy with family, military, jail, girls, pizza,
> > flamewar
> > in which case it is understood that root cannot attend to their duties for a
> > while. But its expected that the roots at least try to have 1 person of them
> > reachable by some means of communication within reasonable time intervals
> > who has then some kind of internet access within reasonable distance in case
> > of emergencies.
> So, you want to have an SLA? Are you prepared to pay for it?
> A simple 5d reaction time, Mo-Fr 9-17 SLA for a single server
> costs already well over 10kEUR/y.
i said none of that
the text just says that root should try. And i can hire someone for 10 euro
per year for "try" he just can say then he tried and failed all the time ...
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
The real ebay dictionary, page 1
"Used only once" - "Some unspecified defect prevented a second use"
"In good condition" - "Can be repaird by experienced expert"
"As is" - "You wouldnt want it even if you were payed for it, if you knew ..."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: Digital signature
More information about the ffmpeg-devel