Community question: What do you want to see in OpenWrt?

True. But besides the space and write-cycle costs of keeping the log across reboots, I'm not asking for a forever-growing log or log rotation. If a log is ever implemented, someone could save the log to an external log server or USB device.

My thinking is like this: if you add a firewall rule, it takes some kb of space. If you add 10 rules, it's 10 times the space. So you could reserve some kb for undoing or logging things and limit this to e.g. 50 lines of changes consuming xx kb, with the possibility that the user can decide to enable it (if the device's space allows it). Regarding wearing out the flash: personally, I didn't manage to kill any devices by writing configs/snapshots to flash. I'm flashing my devices with snapshots more than I make changes to the config itself. Let's say at least that flashing the device writes more than any config change I do during the lifetime of the device.

True. But that would be another discussion. There is certainly a connection to the log request. But the log itself is more important than controlling other admins (IMO), which is out of reach anyway if no log is available at all.

Personally, I don't think that a fully-fledged multiuser system is out of reach for OpenWrt, because routers for >=100 bucks nowadays are very powerful and have a lot of unused space. The big question is how common it is for the userbase to buy routers for ~100 bucks. But even some low-priced devices have plenty of space left on their flash nowadays.

I think RADIUS authentication in LuCI would make a lot of sense. I don't see a reason to have full user accounts, since that would potentially take up a lot of space. Just map a uid and don't create a home dir.

From a bulk management perspective, it would make sense to use the web API to apply changes. This could be done with some Python scripts that deploy changes in a controlled manner. Combine that with SNMP for monitoring and you are solid.

Well, I don't demand something like user accounts. That was just a side aspect of the discussion about having the possibility to revert/log changes. But generally it depends on your environment. If you have lots of devices and admins, you want to have user management and logging like any Cisco or Juniper router has. If you implement user accounts, then it would make sense to have ACLs implemented as well (IMO). E.g., for RADIUS you could use ACLs in connection with a firewall, or you could use them for Samba/NFS.

There is RADIUS authentication against a RADIUS server available within LuCI already. RADIUS itself is huge, with lots of packages required, and only makes sense for larger environments but not for home users (IMO). For a while now there have been better options in place for home users (with more needs) (Individual per-passphrase/per-MAC Wifi VLANs using wpa_psk_file (no RADIUS required)).


I mean RADIUS for LuCI, multiuser LuCI.

Currently, RADIUS Wi-Fi doesn't need much to work. All you need is OpenSSL, which is around 1 MB.