BSDCan2017 - 0722d

BSDCan 2017
The Technical BSD Conference

Ken Moore
Day Talks #2 - 10 June - 2017-06-10
Room DMS 1110
Start time 10:00
Duration 01:00
ID 797
Event type Lecture
Track System Administration
Language used for presentation English


FreeBSD Administration Made Easy

What can you accomplish with a full, remotely-accessible API for performing system administration tasks? The new SysAdm project for TrueOS and FreeBSD systems is here to help answer this question. It provides a fully-documented and simple API to transparently perform a multitude of tasks on FreeBSD systems, without the use of a separate system database. Instead, it automatically performs the same system-level changes to configuration files, services, and more. Generally, FreeBSD administrators typically conduct these changes by hand, but using SysAdm avoids interfering with any currently used toolchains or administration routines for servers in production environments.

This session explains the details of the SysAdm server (with usage API examples), and demonstrates a cross-platform GUI client for administrating systems via the API, which is currently available on FreeBSD, Windows, and Mac OSX.

SysAdm is a new project by the developers of TrueOS designed to provide a full-system API for administration of FreeBSD systems (servers and desktops). This project has three components:

  • a small service/daemon for FreeBSD systems (the "sysadm-server")
  • an optional graphical client to communicate with the server (the "sysadm-client")
  • an experimental discovery service to facilitate finding and connecting to a server (the "sysadm-bridge").

The server is designed as a remotely-accessible API for FreeBSD itself, which means there is no internal database for SysAdm which can get out of sync. Instead, it is simply an interface to the same configuration files administrators typically modify some other way, allowing SysAdm to be implemented on current production systems without changing the workflow for administrators. The server also provides many built-in security features such as blacklisting, PAM authentication, SSL authentication, and privilege separation, simplifying the deployment process.

The client side of SysAdm is completely written in Qt5 and currently available for FreeBSD/TrueOS, Windows, and Mac OSX. While many think of SysAdm as "just" a graphical front-end to the server API, there is more to the project. SysAdm also provides a complete multi-system connection and management solution with system event messages, in addition to notifications about system health and other general status updates. The interface framework is also highly modular, and will present various "pages" to the user. These "pages" depend on the specific subsystems which the server reports as being available at that time. This makes SysAdm very flexible, as every system connection can be extended by installing additional 3rd party packages (such as "iocage" or "iohyve") to enable even more management options. This session breaks down each of the SysAdm components to discuss how they are designed, give usage examples, and list some future improvements.