<html><head></head><body><div>SWEET! </div><div><br></div><div>LDAP auth means my IPA process can be used to further brutalize, er, um, manage user access to specialty locations as required.</div><div><br></div><div>On Tue, 2017-09-19 at 13:24 -0400, Niel Bornstein wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>I'll also put this right here:
<a href="http://port.us.org/">http://port.us.org/</a>
On 09/19/2017 11:25 AM, Jerald Sheets wrote:
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex">
That’s what Jim and I were bantering about. There’s “DockerHub” which
provides baked images, and there are several official ones from the
vendors there. You can also have your own space (a lot like GitHub)
where you curate and manage your own images, and reference those
directly instead of the publicly managed ones by “God knows who”…
Check it out.
<a href="https://hub.docker.com/">https://hub.docker.com/</a>
—jms
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex">
On Sep 19, 2017, at 9:57 AM, Jeff Hubbs <<a href="mailto:jhubbslist@att.net">jhubbslist@att.net</a>
<<a href="mailto:jhubbslist@att.net">mailto:jhubbslist@att.net</a>>> wrote:
I was referring to the first one. I'm trying to get used to the notion
of a package management system that runs underneath or beside the
operating system's.
On 9/18/17 5:25 PM, lnxgnome wrote:
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex">
Jeff,
Are you asking about Anaconda <a href="https://www.anaconda.com/">https://www.anaconda.com/</a> or Anaconda
<a href="https://fedoraproject.org/wiki/Anaconda">https://fedoraproject.org/wiki/Anaconda</a> ?
For the first, there is...
<a href="https://github.com/ContinuumIO/docker-images/tree/master/anaconda">https://github.com/ContinuumIO/docker-images/tree/master/anaconda</a>
For the second, there is...
<a href="http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/">http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/</a>
On 20170918 12:49 PM, Jeff Hubbs wrote:
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex">
Can someone help characterize for me how Anaconda fits into this
whole container business?
On 9/18/17 11:52 AM, Jim Kinney wrote:
<blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex">
I'm very close to the point of isolating my docker junkies in every
possible way and letting their stuff get broken into. That will be
the only way to get the political leverage to be able tell a PhD
faculty "NO. It ALL runs through me and upstream university
security. No exception."
On September 18, 2017 9:34:37 AM EDT, Solomon Peachy
<<a href="mailto:pizza@shaftnet.org">pizza@shaftnet.org</a>> wrote:
On Mon, Sep 18, 2017 at 09:18:46AM -0400, Jerald Sheets wrote:
All containers should be curated by Systems. The Developers
should submit them for security scanning, or you should
employ a DevSecOps model for deployment. i.e., federate
security scanning by providing OS, App, transport,
penetration, and network security testing as APIs that devs
can leverage instead of leaving them to security. Left to
their own devices, unreasonable deploy timelines set for
them, and golf-playing pointy-hairs with unreasonable ship
date requirements, it’ll never happen.
This should all be automated and part of a security CI/CD
pipeline without which a “pass” from the security field,
cannot ever be deployed into production. This is how we do it.
The unspoken assumption here is that your needs are sufficient to make
this (completely necessary!) administrative overhead worthwhile.
Unfortunately, much like VMs before, most shops just "download an image"
from the likes of DockerHub and then deploy it, with no real thought
towards ongoing maintainence or security concerns. Because those cost
time/effort -- and therefore and money.
- Solomon </grumble>
--
Sent from my Android device with K-9 Mail. All tyopes are thumb
related and reflect authenticity.
_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</blockquote>
_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</blockquote>
_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</blockquote>
_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a> <<a href="mailto:Ale@ale.org">mailto:Ale@ale.org</a>>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</blockquote>
_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</blockquote>
</pre><pre>_______________________________________________
Ale mailing list
<a href="mailto:Ale@ale.org">Ale@ale.org</a>
<a href="http://mail.ale.org/mailman/listinfo/ale">http://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a href="http://mail.ale.org/mailman/listinfo">http://mail.ale.org/mailman/listinfo</a>
</pre></blockquote></body></html>