<div dir="ltr"><div>Great, thanks! <br></div>I shall investgate further, but that is exactly the information I needed.<br></div><br><div class="gmail_quote"><div dir="ltr">On Sun, 22 May 2016 at 05:18 David Adam <<a href="mailto:zanchey@ucc.gu.uwa.edu.au">zanchey@ucc.gu.uwa.edu.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Tue, 17 May 2016, Jonathan Van buren wrote:<br>
> Got a question. What type of database (if any) does ucc use to store all<br>
> the members user account information? How accessible is this information (I<br>
> know you can finger system accounts can you also query the database for<br>
> information or do you need elevated privileges to do so)?<br>
<br>
As far as I know, there's two different sources of information.<br>
<br>
The authoritative database for account information - that is, user names,<br>
passwords, Unix and Windows user IDs, home directories and so on - is<br>
stored in our OpenLDAP server and accessed via LDAP. You do need elevated<br>
privileges to view some information such as password hashes, but you can<br>
have a look at what's stored as an anonymous user:<br>
<br>
$ ldapvi '(uid=*)'<br>
<br>
This will show you the entries for all users on the system (use plain<br>
`ldapvi` to look through the entire database, but there is lots of other<br>
uninteresting system information inside).<br>
<br>
However, the membership register - which contains full names, addresses,<br>
student numbers and so on - is maintained separately. At the moment I<br>
think we're still using MemberDB, which [PXY] started and I continued<br>
with, renamed as the Gumby Management System (after the Fish Management<br>
System, an old machine database at UCC - after all G follows F :-).<br>
<br>
This is accessible at:<br>
<a href="https://secure.ucc.asn.au/members/" rel="noreferrer" target="_blank">https://secure.ucc.asn.au/members/</a><br>
<br>
You do need to be on committee (or have committee add you) as obviously<br>
this information is private.<br>
<br>
GMS is written in a Python framework called Django, and the thing about it<br>
that made it so suitable is that the entire thing is under 100 lines of<br>
code and configuration. You can have a look at the source, I think - it's<br>
in /services/gms with the bulk of the code in<br>
/services/gms/memberdb/models.py.<br>
<br>
This sits on top of a PostgreSQL database, although that's entirely an<br>
implementation detail - in the past it was a SQLite database in the<br>
secretary's home directory.<br>
<br>
There have been plans for years to merge these two databases, or to<br>
rewrite MemberDB/GMS into something bigger that would allow online signups<br>
or even payments. The former is a bad idea - we need to keep historical<br>
records and carefully protect the privacy of the information, and OpenLDAP<br>
makes this easy to mess up. The latter is a great idea, but it's quite<br>
hard and involves words like "workflow" which are no fun.<br>
<br>
David Adam<br>
zanchey@<br>
</blockquote></div>