Järjestelmän ylläpitäjät
Oikeudellisten ja turvallisuussyiden vuoksi Wikimedia Foundation on päättänyt, että tähän rooliin vaaditaan kaksivaiheinen tunnistautuminen. |
Järjestelmän ylläpitäjät hoitavat järjestelmän ylläpitäjien työtä Wikimedian palvelimilla. Heidän ensisijainen tehtävä on varmistaa, että säätiön wikikokoelma yli 800 wikistä toimii sujuvasti, jotta käyttäjät voivat jatkaa sivujen lukemista ja muokkausten tekemistä. Wikimedian palvelinklusteri-laitteistojen ja ohjelmistojen ylläpidon lisäksi he ovat vastuussa Wikimedian palvelimilla toimivan MediaWikin versiopäivityksistä ja sen määrittämisestä, jotka vaativat suoraa palvelimen tai tietokannan käyttöä, kuten uusien wikien luomisen, wikien sulkemisen ja kokoonpanoasetusten muuttamisen jne.
The Wikimedia Foundation legally controls the servers; ultimately the Wikimedia Foundation Board of Trustees is responsible for determining who has sysadmin access, and how that responsibility is exercised. However, this power is delegated to various Wikimedia Foundation managers. On a day-to-day basis, various system administrators with root or shell access manage the server clusters.
Järjestelmän ylläpitäjän toiminnat
Vaikka järjestelmän ylläpitäjät eivät usein ole aktiivisia itse Wikimedian wikeissä, heidän on joskus jouduttava suorittamaan toimia teknisistä syistä, kuten käyttäjien tai bottien estäminen, jotka kuluttavat kohtuuttomia määriä järjestelmän resursseja. Lisäksi he saattavat joutua kumoamaan muokkauksia, jotka rasittavat palvelimia. Tällaisia toimia ei pitäisi kumota tai perua konsultoimatta järjestelmän ylläpitäjää.
To facilitate these changes being made in a transparent fashion, all system administrators who ask can be added to the 'sysadmin'
global group (automatic members lists). This group allows them to set user rights for any user on any wiki, in the same fashion as stewards. So if a system administrator needs to perform an action restricted to administrators (like editing system messages) on a particular wiki, they can simply grant themselves admin status on that wiki to make the action. In addition, the 'sysadmin'
group has access to Special:GlobalGroupPermissions, where system administrators can change the permissions assigned to their global group. So as an alternative, the system administrator could add editinterface
to the global group permissions, and would then be able to edit system messages on all wikis.
System administrators are encouraged to use the latter method of granting permissions, to avoid the lists of administrators/bureaucrats on local wikis becoming cluttered with users who are not 'permanent' members of those groups. These self-promotions may be removed at any time by stewards, as they can be easily restored if needed. However, some system administrators have permissions on certain wikis as a result of due process on that wiki, for instance Tim Starling's adminship on English Wikipedia; such rights should not be removed in this fashion.
Requesting on-wiki access
Approving the on-wiki sysadmin global group to any account (staff and volunteers) is the responsibility of the Trust and Safety team in consultation with Legal at the Foundation. Not all system administrators have this permission. The on-wiki permission can be given to those who already have relevant permission/access in Wikimedia’s technical spaces (i.e. shell access) and can demonstrate a need of doing related on-wiki changes in order to better support the communities.
- The requester needs to submit their request on the Steward requests/Global permissions Meta page. After submitting the request on Meta, the requester needs to send a note with a detailed use case (i.e. what do you need the rights for?) to Trust and Safety through ca wikimedia.org for approval.
- Once approved by the Legal department, one of the members from the Trust and Safety team will coordinate with the Stewards and will confirm the approval on the Meta request page.
- Once the approval from the Foundation is secured, the Stewards ensure that the 2FA requirement for the user account is met and grant the rights.
- The Stewards will remove the rights if the user wishes to resign and/or loses access to the server, Foundation asks for removal, or in case of abuse and in an emergency situation (i.e. account compromised).
Luettelo
There are various levels of shell access (through user groups) and many (whether or not overlapping) groups of servers that access is granted to. The canonical list of users with access to the servers is maintained in the Git repository that hosts the Puppet configuration used to configure the servers.
Users in the restricted
, deployment
, or ops
groups (and by extension the release-engineering
group which is included by reference) have sysadmin access to the servers running MediaWiki itself.
Historia
Initially, it was Jimmy Wales who installed software, ran update programs, etc., on the servers. In March 2002, he proposed to give login accounts to some developers ("Trusted user access to machine", Wikitech-l).
System administrators formerly had an important role in the Wikipedia power structure, since they were the only ones able to promote and demote sysops and lock user accounts (before the "block" feature of MediaWiki existed).
Katso myös
- palvelinjärjestelmän ylläpitäjät: global permission · global groups (toolforge) · member list · group changelog
- Global groups