OCF staff are members of the OCF who contribute their time as volunteers, and are given responsibilities and privileges to maintain and improve the OCF's infrastructure. There are many powers granted to staff, which for simplification have been consolidated into a tiered structure.
Each tier includes the privileges of the preceding tiers.
Staff privileges are distinct from the Board of Directors and Officers, which hold legislative and executive powers respectively, although in practice virtually all Directors are staffers.
staff@ocf mail (including staff discussions and announcements)
wheel@ocf mail (including discussions with technical jargon)
motd (message of the
day on public servers)
In order to reset user passwords, staff must possess a
Before RSOs became able to reset their passwords online in 2015, this principal
was widely given out. Since then, it has become much less necessary to have for
staff hours. It is now given out as needed.
The most technical and "on-call" staff members are given sudo access (root privileges) on all servers and the ability to modify LDAP/Kerberos directly.
The Site Manager(s) and Deputy Site Manager(s) are always Technical Managers. Other Deputy Managers and the General Manager(s) often happen to be Technical Managers as well.
You must be in the
ocfroot LDAP group in order to use
sudo on most
servers, other than desktops and your own staff VM.
The ability to become root via sudo on machines other than your staff VM
requires the existence of a
/root principal (see above).
In order to modify LDAP or Kerberos, staff must possess a
and it must be granted Kerberos-editing rights in
Technical Managers also have the following privileges:
Some Technical Managers, particularly the DSMs and SMs, may additionally have the following: