Re: [Trinityos-perlwebmin] What's up ?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Stefan Ilivanov wrote:
> It's there any progres with the administration system ?

I've brought forward the I/O utilities code which is part of the webmin base
about 18 sub releases.	It includes an implementation of C flock(3) in pure
Perl which isn't portably available and is error-prone in the core of the Perl
language itself.

I've been planning something out which I probably should present for public
approval before going forward with it anymore.	I already have figured out how
to implement this proposed action, so this isn't a pie-in-the-sky idea.  It's a
sub-sub project looking for approval and feedback.

I propose that a seperate apache server be created to specifically handle the
web admin.  It should listen on a different port, and be compiled differently
than the main thttpd web server.  There are several reasons this should happen,
and several reasons why it is beneficial.  I'll go over these from this point
forward.

   Due to the nature of a dedicated server, we can profit from tactics
   which wouldn't work for the main server. (read on)

   The seperate apache binary can be a mod_perl server and still be a
   superfast, streamlined process.  Because only handles a few documents
   and CGIs it keeps its registry optimally small.  There's nothing faster
   than RAM, folks.

   The dedicated server can be compiled with the inclusion of the base webmin
   code and its supporting libs without losing performance; even GAINing
   performance by a significant measure.

   The dedicated server can be compiled with the EXclusion of more apache mods
   which would otherwise be neccessary on a fully-functionally public apache
   server.  (eg- we don't need to compile it with a bunch of language packs
   which aren't used as the OS native language, no need for logging when base
   code already handles this much better with a searchable interface, no need
   for huge mime db, no need for server-side scripting support other than the
   perl, AND a whole bunch of other stuff.)

   The seperate httpd is going to be very transparent and have a verrrrry small

   memory footprint while demanding fewer cpu cycles.  The dedicated server
   can be safely limited to a small number of child processes.

   A seperate apache binary allows us to avoid getting muddled by, and
   muddling up further the public web server with all its issues.
   We remain clear of the main server's operations that have nothing to
   do with us:

      load balancing policies for public documents shouldn't interfere with us
      Think about it for a moment:  how can web admin fix a hanging server if
it
      RUNS ON IT?

      We don't need the same storage schedule, we don't need to run
      the same cron jobs, and the pub server really doesn't need to be
      messing around with ours!

	 --especially if the inroad I'm working on provides a further layer
	 of security between the web admin and the web browser by putting
	 risky jobs in que for later admin approval with strictly onsite
	 system access.  I want my own crontab.

      Any special firewall rules for our server don't need to slow down the
main
      server, and vise versa.

      Our logging semantics and subprocesses are different.  We don't need
      to run extra helper procs and subprocs for our own programs.  We don't
      need to include our access hits in the traffic reports, for a simple
      example.

      We need different levels of access to the machine's internals which
      we shouldn't have to build into the main server.

      We can easily target and eliminate intrusion attempts on the web
      admin (yes, they will happen) providing more security by staying
      away from the main server.

      If at any time we need or decide to use SSL, we're going to have to
      create another server anyway.  This is gonna be a super pain in the
      butt if we have already built the webmin to work as part of the public
      server.  This is yet another conflict we don't need.

-- 

   -Tommy Butler
    http://atrixnet.com

I'm looking for work!
    contract or perm, full or part time
    Download my résumé http://www.atrixnet.com/resume

the ooOPps Code Library
    http://ooopps.sourceforge.net/pub/