SysAdm: FreeBSD administration made easy


SysAdm is a new system administration framework that was created by the TrueOS team for managing FreeBSD desktops and servers. It is comprised of a FreeBSD-specific server component, which provides both REST and Websocket connection protocols via a public API, and a cross-platform client for managing multiple systems simultaneously.

The server has many features directly built in: security protocols such as brute-force detection and blacklisting, authentication protols which interface with PAM for user logins as well as SSL key support, and a clearly documented, JSON-based API for easily crafting and exchanging messages. One of my favorite features however, is that SysAdm is not designed as a replacement for the traditional FreeBSD administration methods (SSH/CLI). Instead, it is designed as a complement to the traditional methods, and performs all configuration changes directly on the system itself without the use of any special database systems or non-standard configuration files. This allows SysAdm to be deployed without any changes to a customer's administration routines or settings, and allows current FreeBSD administrators to continue to use the tools/tricks that they have developed for their particular systems. While the REST connection system allows for traditional short-lived connections, the websocket connection system is designed for long-lived connections and allows for additional features such as spontaneous "events" about system health and monitoring external processes. This session will go into details about the server and show data flow, connection protocols, server configuration, and maybe some example API calls for both the REST and Websocket connection types.

The graphical client is developed alongside the server, and is a cross-platform front-end to the public API for the server (with builds for TrueOS/FreeBSD, Windows, and OSX at the moment). In addition to this, it brings a few of it's own features to the table, such as managing multiple systems simultaneously, detecting and showing messages from systems with various priorities (all the way from simple backup notifications to urgent disk failure notifications). The client also maintains all of it's SSL connection keys within an encrypted file on the client system and adds an extra layer of security to your system administration framework, as well as the ability to import/export client settings between systems (while still encrypted). This session will show examples of how the multi-system framework works, and (time permitting) do a live demontration of the client managing the local system while performing tasks such as managing user accounts, installing packages, setting up system backups, and more.

Room 101
Sunday, March 5, 2017 - 11:30 to 12:30