SoylentNews is people
SoylentNews
A developer of some Ruby Gems pulled the code as a statement against certain entities (Department of Homeland Security — DHS) ultimately using the code. Chef gets owned in the process.
ZDNet has a good rundown of the incident:
https://www.zdnet.com/article/developer-takes-down-ruby-library-after-he-finds-out-ice-was-using-it/
It seems that developers at chef may have used an old copy of the dev's code to get things back up and running again, which seems like exactly the wrong approach.
This discussion has been archived.
No new comments can be posted.
Political Statement Takes Down Chef
|
Log In/Create an Account
| Top
| 57 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Nadia Comaneci, simple perfection.
-- '76 Olympics
(Score: 2) by epitaxial on Sunday September 22 2019, @11:56PM (15 children)
No clue as to what the fuck Chef is supposed to be. I went to their site but it was nothing but buzz jargon.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:01AM (3 children)
It's a puppet for ansibles, you insensitive clod.
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:15AM (2 children)
Geez, you're stupid! It's an ansible [wikipedia.org]* for puppets, moron!
*And I included a link, so it's obvious I'm right.
(Score: 1, Touché) by Anonymous Coward on Monday September 23 2019, @12:23AM (1 child)
morons, it's clearly cfengine for noobs!
(Score: 0) by Anonymous Coward on Monday September 23 2019, @06:46AM
stop rubbing Salt in the wounds! (though it would explain the overall bad taste of DSC)
(Score: 2) by c0lo on Monday September 23 2019, @12:14AM
That's.... ummm... what's his name?... oh, yes, Gordon Ramsay.
(and no, I have no idea why celebs are suddenly worthy of S/N)
(oh, yes. GRIN - just in case someone needs it)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Monday September 23 2019, @12:51AM
A 1993 British sit-com [wikipedia.org].
(Score: 3, Interesting) by RS3 on Monday September 23 2019, @04:39AM (7 children)
It's one of the many computer / server configuration management system softwares out there, often referred to as "automation" (I don't like that term, but it's being used.)
Some other examples are puppet, ansible, webmin... They're particularly good if you have many servers, cluster, etc., and want one central control and monitoring location.
(Score: 1, Informative) by Anonymous Coward on Monday September 23 2019, @05:33AM (4 children)
From what I've read [soylentnews.org], webmin is a particularly good choice if you want to outsource your server administration or allow multiple people to do so.
(Score: 1, Touché) by Anonymous Coward on Monday September 23 2019, @06:56AM (2 children)
Just so. Especially if you don't care *which* "multiple people" have such access, as Webmin is notoriously insecure.
cf. https://www.google.com/search?q=webmin+security+issues [google.com]
(Score: 0) by Anonymous Coward on Tuesday September 24 2019, @06:28AM (1 child)
You obviously didn't notice the first part of that comment linked to a story titled "Webmin Backdoored for Over a Year."
(Score: 0) by Anonymous Coward on Tuesday September 24 2019, @06:54AM
I did not. But that doesn't invalidate my post. In fact, I think it dovetailed nicely with GP's.
What's more, I upmodded GP once I saw the posting to which the link pointed.
(Score: 2) by RS3 on Wednesday September 25 2019, @05:40AM
Only if you allow access to it from the outside. I run servers on non-routeable address subnets, and only allow webmin access from specific internal IP addresses.
That said, I don't have, nor have ever, deployed webmin ongoing- just tried it from time-to-time, and frankly I don't like what it does to my config files. I wouldn't mind if it would just edit or add certain specific parameters, but it rewrites the whole thing, so bye-bye.
(Score: 1, Interesting) by Anonymous Coward on Monday September 23 2019, @07:14AM
I've hello-worlded my way through most of them, using one full time.
I think Microsoft nailed it by calling it desired state configuration (for their powershell-based offering)
infrastructure as code might be more descriptive, if more buzzword prone.
If you treat the entire state of the machine, (or a diff of its deviations from a base image, or perhaps even to create a 'base' image from install media) in a manner that's relatively os agnostic (and perhaps more importantly in the long run, cloud/hypervisor agnostic) then outside of data, (which can easily be mapped from another host) your servers (or desktops for those who seek adventure) become expendable. lose a drive? lose a cloud provider? just spin up a new vm elsewhere, apply the state, and you're node's up in seconds / minutes, not to the restore point of something like clonezilla, but to the latest pushed commits for your environment.
I also wouldn't lump webmin in this category. webmin is more of a configure servers as snowflakes method by default. though it can replicate configuration / modules to cluster members now?
(Score: 0) by Anonymous Coward on Monday September 23 2019, @11:40AM
> and want one central control and monitoring location.
And repeateable builds.
(Score: 2) by VLM on Monday September 23 2019, @04:36PM
Puppet is one extreme where you write a config on a central server that pushes out to the clients in a wierd DSL. All the client server fun you've come to enjoy. But the client is really lightweight-ish by 2000's standards so sometimes you need small.
Ansible uses python and YAML and tends to be implemented as a pull. Actually it works "OK" as a git repo for config and run locally, which is pretty fat on the client but TB of disk cost nothing and it hasn't been 1993 in a long time now.
Chef is like those two above had sex and its client-server puppet style but written in Ruby.
If there's anyone in the users groups of the three above that I have managed not to offend, I'll try harder next time. Aside from the sarcasm I'm not entirely wrong, and spent way too many hours sysadmining using puppet and ansible. Overall I am biased and prefer Ansible, if thats not clear. I did enjoy running puppet for many years.
Now I can offend the CFENGINE people, by claiming I don't have enough multiple personalities to run CFENGINE. I had a bad time with it once where *BSD had like five versions in binaries available because each was somewhat source incompatible with each other so you get to write everything like three ways to cover a heterogeneous network. I did not enjoy that experience. AFAIK nothing is quite as bad as CFENGINE.