On 07/26/2013 02:25 PM, Barry Warsaw wrote:
On Jul 26, 2013, at 02:05 PM, Mark Sapiro wrote:
If there are no objections, I'll reach out to the infrastructure team to see what they'd need. I'll have to contact John and Matt to do any required DNS changes. I think the rough task list would be:
- Get python.org to assign us an IP address
- Map wiki-new.list.org to that IP
- Freeze all edits on wiki.list.org
- Have Paul do one more migration that he's happy with
- Get pdo to install that on wiki-new
- Test, test, test
- Move the DNS for wiki.list.org to the new IP
- Decommission the Confluence instance
Sounds good. Re: timing, I am off line much of now through Aug 30, so for me at least, 'Test, test, test' shouldn't begin before September.
Would you and/or Paul want shell access to the new Moin instance? I don't know if that's possible, but if you do, I'd make that part of my request to infrastructure.
It might be helpful, but the more critical things are that probably at least one of us should be in the superuser list (a configuration setting) and there should be an AdminGroup with all rights and we should be in it.
Of course we can do this with shell access to the configuration file.
There is an issue on my own Moin wiki in that people who are logged in but not members of any group can create and edit pages which don't have ACLs. At one point I was discovered by wiki spammers. I 'fixed' that by using Moin's textcha facility to effectively require a password to create an account. It could be solved more readily by not giving 'Known' users default (or any) write access.
Is that possible? I think we'd definitely want to do that. Also, I guess 'unknown' users would also not have any write access, correct?
My Moin installation is dumb in this respect. I don't remember why we wanted to set it up the way we did, maybe so a user could create their own home page before being added to a group, but in this age of wiki spam it's probably not a good idea.
And yes, we can be as loose or as tight as we want. The page at <https://moinmo.in/HelpOnAccessControlLists> gives the story, but the short answer is we can require a user to be logged in and a member of some specific group before they can create or modify any content.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan