[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
UMCE Linux 5.18 meeting minutes
courtesy of gabrielle:
-Andy will send dell evaluation hardware query to the list (ainman)
-Evaluate footprints for umce linux todos, and deploy (gelle,
-Kevin or team looking at grub (web team)
-Evaluate remote power control and console hardware (wwb)
-Group to form for user machine security audits of UMCE Linux
(ainman to lead, admorten, rdevine, gpcc? and mdw? to participate)
-Migrate to 2.4.26!!! (all)
-build iptables software (unassigned, but very much on the list)
-Linux for laptops - make your interest known (anyone?)
Kevin (F), Patrick, Wes, Sean, Dan, Andrew A., Marcus, Albert,
Rodger, Aaron, Bill, Gab(N), Willie, Andrew M.
( 5 minutes) Announcements
-unix admins meeting Kevin, wes discuss UMCE linux server, engin's
discussed as well
- synctree vs. radmind?
Does anyone need the Dell evaluation unit?
Andy will also send mail to the list. Otherwise it's going back.
( 5 minutes) Agenda Review
( 5 minutes) Sites update
-kerberos working, afs local users
-plan to have test units in Angell by end of week.
( 5 minutes) IMAP Hardware Update
-Dell told us not to buy their 0-channel RAIDs so we aren't
-Western Scientific evaluation machine should be coming soon
for benchmarking etc.
-order should be moving forward soon.
-Burn in over month of July, implementation August?
(10 minutes) The ToDo list
https://develop.www.umich.edu/umce/tasks/ (in development) - note the
"https://" but don't use webpage for update.
- this will likely be production list, editable by all
http://www.umich.edu/~umce/linux/todos/20040518.html (most current)
- also in omni outliner format
Lists I need: (Gab keeping the list)
What software should we use? Is this more of an issue
Aaron/Gab will investigate footprints. He has a demo available.
- let Aaron know if you want to take a look and he will get
(HEAT was tho other issue software. 86 grand plus atleast 10
thus footprints was chosen. - AK)
(10 minutes) Grub
LILO is the suck. It sucks. Kevin loathes it. Sean has some kind
of personal LILO issue.
GRUB sort of kind of (not very well) supports CD-ROMs
GRUB has branches. If we have had issues in the past we should
see if the newer branch still has them. Serial console cut/paste
Diffculties in exploring the disk (no ls?)
Some kind of SCO aftermath makes the contribution process odd.
Sites likes GRUB for configuration/on screen graphics/dual booting
Who is going to investigate it? Marcus is interested. Kevin
it up. *Kevin can have something by the next meeting, or delegate
someone on the web team.
(10 minutes) Terminal Servers
Marcus built the Digi/STS stuff. He has it in the test lab.
Works with Linux/AIX. Only found one problem of unclear origin.l
Uses our existing hardware.
Alternatives: Etherlite, Cyclades. Lantronics is an option.
New digi solution:
The Digi/STS stuff works, but they seem to be unbuyable.
Ebay doesn't even have any.
Pressing need for a console in order to rack the new IMAP server.
Etherlite is networked. It can be far from your server.
So can the new Digi thing. How much does it cost per port.
Ease of use v. integrated product (as in console integrated with
Needs researching. Digi stuff can also do power management.
*Bill is going to research the Digi stuff and serial power
(10 minutes) 64 bit/32 bit linux hardware and how we're going to
Stats machines need to be 64-bit. This is the beginning of the
for UMCE Linux in general.
A different kernel will be needed.
A limit on memory space per process (4G theoretical, 3G actual)
makes 32 bit linux no good for current scientifical and statistical
two 64 bit machines on order, here by end of month
Some stuff is shareable. Only the kernel and libraries and
need to be 64 bit, but we can probably use the 'regular' stuff for
Future direction of stats service is unclear.
We may pilot a 64-bit linux stats project in the Fall, or the
stats project may vanish completely.
How are distros handling it? SUSE has a separate 64 bit
$4,000 with 8GB of RAM. Processor is slower (clock speed), real
This is a strategic issue.
( 5 minutes) MultiUser Security needs
GPCC & Sites.
No security measures have yet been taken to secure the machines
against local exploits.
Every applicable software package must be reviewed for local exploits.
Our current sendmail has no priviledge separation.
We get notification for software updates, nothing currently
on the machines is known to be vulnerable.
Do we need stack protection and address space scrambling?
Andy is happy to lead the group... admorten, rdevine, andy will
select someone from gpcc, we will try and get some of marcus's
*Andy will schedule a meeting and announce it to the group.
(10 minutes) There be a new kernel, argh
New kernel version 2.4.26, addresses two known exploits.
This kernel supports IP packet filtering, iptables. User
software is not yet installed (add as todo)
PRODUCTION GROUPS SHOULD HAVE A TESTING AND DEPLOYMENT PLAN
*Sean will send a list of those running old kernels to the next
It appears that some groups are using OLD kernels.
IFS & GPCC will be updated when Jane gets back.
Web team has some downrev machines.
DON'T FORGET TO RUN LILO. Sean recommends a post-it note.
Kevin has a more hands on approach.
Has someone built 2.4.26 AFS stuff? Patrick reports that
FYI, 2.4.27 pre-Changelog has this:
o e1000: fix probable security hole
(10 minutes) Linux for Laptops
-any desire, interest or concern (Adam has expressed some interest
in this topic)
-someone asked about it at the last UNIX admin meeting
-we do not run a laptop service (though Kevin has told big ten
schools that we do)
-if we had a reason we could, but we do not at this point
-any interest in this send email to the list.
-no clear call for a linux desktop service
moved to TODOS
-We should keep 64-bit linux in mind as a future direction
when making key strategic decisions.
For next meeting:
-Willie is facilitator
-Roger will do notes