[CentOS] How protect bash history file, do audit alike in server

m.roth at 5-cent.us m.roth at 5-cent.us
Wed Aug 8 21:03:48 UTC 2012 

Les Mikesell wrote:
> On Wed, Aug 8, 2012 at 2:56 PM,  <m.roth at 5-cent.us> wrote:
>>
>> <flame, but not to you, Heng Su>
>> VCS's that let multiple people check the same object out at the same
>> time.... You're *exactly* back where you were before people were using
>> VCSs.
>> </flame>
>
> Errr, what?  No sensible VCS forces you to wait for someone else to
> finish their portion of the work.

You're wrong. I've worked in small and large teams, and *ALWAYS* we
checked out with locks. If two people need to work on one file, then
either they need to work together on one copy, and check it back in
together, or the file needs to be split into more than one, so that one
person can work on each. This is the way it was at a medium sized
environmental company I worked at (that was working on ISO 9000), and it
was the way it was at a Baby Bell I worked at, and it was the way it was
when I worked on the City of Chicago 911 system.

I have vehemently been against the fad of the last half a dozen or so
years, with multiple people checking out and working on the same file.
I've seen hours or days of a developer's work wiped out, when a team lead
hacked some quick fixes, then merged the file back in.
>
>> Extract to test, and test the damn thing. Then label it.
>> Then, when they agree it's ok, you, the admin, get to install it, NOT
>> THE DEVELOPERS!!!!! AND you extract it by label (or whatever the VCS calls
>> it) to production directly from the VCS. You're guaranteed that the wrong
>> file won't be moved to production.
>
> That part is true enough, although it is not so much who does the
> work, it is following the procedure.   If you are going to be picky
> about who does what, there should really be a QA person involved that
> makes the actual decision about what version should be running in
> production in between the developers making changes and the operators
> doing the installs.

I haven't had q/a move to prod; that was always the prod admin's job,
after q/a was done, and had promoted it to prod.

      mark

More information about the CentOS mailing list