Here are the functions associated with the various dialog buttons
This will enlarge the dialog to allow more members (not completed yet).
This allows you to delete the administration group. This deletes the information in Linuxconf, but the files in
/etc/linuxconf/admgroups/group-id
are not deleted.
This takes a snapshot of the selected subsystems in the administration tree. The snapshot is installed in
/etc/linuxconf/admgroups/group-id
Once published, an administration group is ready to be shared with members of the group, using either the export functionality or any other means you can imagine. The directory tree of an administration group may be installed on any Linuxconf station with the netadm module and imported, making it operational.
Export uses a custom protocol to reach another Linuxconf host. It sends the contents of the administration group repository and then triggers an import procedure and an activation procedure (netconf --update).
Currently, this procedure is manual. For each member of the administration group, Linuxconf prompts you for its root password. Using this password, it gets access and completes the operation.
This is only one way an administration group repository may be shared. One may choose to export it using NFS (depending of the level of privacy required) or any other well known network protocol.
We believe that much will be needed to make this sharing appropriate for the various network environments out there. Comments are welcome.
Linuxconf uses special protocols to perform remote administration and cluster management. Those protocols may be encapsulated easily to enhance either connectivity and security.
One nice encapsulating tool is ssh (secure shell). ssh is a great replacement for commands like rlogin, rsh, rcp and telnet. It does basically the same thing (and more), but with added encryption and compression.
ssh is also very useful to interconnect two processes remotely, by providing a secure (encrypted) link. This is the way Linuxconf is using it.
By setting a special account on workstations and servers, you will be able to use it with Linuxconf without even knowing it. This is experimental and comments are welcome.
Linuxconf uses ssh to establish the link. It expects that a special user account "netadm" exists on the remote host. This user account must have the shell
/usr/lib/linuxconf/lib/netadmshell
The account must NOT have a password. The idea is to trigger Linuxconf immediately, which will request the root password using its remote management protocol.
You can use ssh access control to limit who may access your box this way. They need the root password, no matter what, to access it.