[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

umce linux mtg notes 6/15/04




Let me know if there should be any adjustments. -- Willie


Agenda:
-----------------------
Agenda Review - Willie - 3
Announcements - 5
krb5.conf - Sean - 5
Per port console server access - Bill / Martin - 10
Kernel Upgrade - Sean - 15
Desktop kernel changes - Patrick & Jane - 20
Grub - Kevin - 10
TODO list - Gab - 5
Meeting time change - Andrew - 10
Townhall meeting - Jane - 5


Unclaimed stuff todo from last meeting:
-----------------------
o we still need a tool to manage tasks. doesn't seem like footprints is that tool.
o someone needs to investigate ConsoleServer software for use with Digi
o Someone should work on IPTables userland software (akbailey may have been volunteered)


krb5.conf
---------
Relocating, there is a separate heimdal transcript, openldap will
be rebuilt against new krb5, will eventually put it into base, can
use same krb.conf for 4 & 5. Sean recommends building against new
version. Kevin wants a single krb5.conf that uses the nearest KDC first,
but that's just not going to happen at this point.


Sean will soon merge some new things into the base and cut a new versioned
release. This will include a "standard" /etc/krb5.conf.



Heimdal lives at: /usr/local/heimdal-k5-X.X.X/ MIT lives at: /usr/local/mit-k5-X.X.X/

Console server access:
----------------------
DIGI vs. cyclades - still comparing
Roy needs TACACS+, we require that console servers need to NOT use something like TACACS+.


Kernel upgrade:
---------------
Sean sent reminder, including orphaned transcripts with info of lfs-neg.T transcript obsolescence. New negative is lfs-negative-X.X.X.T.


Possibility of maintaining uid's and gid's in future. lfs-openssl097b.T must be removed
as it has been added to base.


Consensed agreement on transcript removal procedure: Builder of a new version sends out notification. If, within two weeks time no one requests an extension, move to OLD directory. If there is a request for extension, then that person will be responsible for the cleanup. Stuff in the old directory lasts for six months. Also remove things from radmind/tmp after two weeks.

We should maintain a list of deprecated transcripts with one person responsible using an audit script. Andrew Mortensen may have started a shell script work around for macosx command file auditing. Sean will be responsible for cron scripts on sixthday.
If you add hosts to radmind/config you should be responsible for taking them back out once they are decommisioned. Discussion of reasons why to do depreciation; security, ease of access, searchability, and efficiency in general.


# list command files that are not updated and machines using them
foreach i ( `grep kern * | grep -v 1.2.0 | awk -F: '{print $1}' | sort -u` )
? echo $i
? grep $i ../config
? end


The following command files are down-revved and not used by any machines. Please delete it if you own it and aren't planning ever to get off your lazy butt and upgrade (it will still be in RCS).

    lfs-gpcc-gx270.K
    lfs-gpcc1.K
    lfs-ifs-dev.K
    lfs-ifs-devide.K
    lfs-ifs-fileserver-2.4.24.K
    multiuser-test.K
    multiuser-test.K-
    rdevine-sites-desktop-base.K

Desktop Kernel update:
----------------------
Local denial of service attack:

http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

Has updated patch. We are waiting to resolve if kernel fork is needed.

When updating base, it is good to know if other people are working on
things to merge together for a base update. You can review notes for base
update in CVS/lfs/README


Server - multi user diff:

FOR BOOT CD:
CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_SIZE=6000
CONFIG_CRAMFS=y
CONFIG_ZLIB_INFLATE=y

FOR HARDWARE:
CONFIG_NET_VENDOR_3COM=y
CONFIG_VORTEX=y
CONFIG_AGP=m
CONFIG_AGP_INTEL=y
CONFIG_AGP_I810=y
CONFIG_AGP_VIA=y
CONFIG_AGP_AMD=y
CONFIG_AGP_SIS=y
CONFIG_AGP_ALI=y
CONFIG_SOUND=m
CONFIG_INPUT=y			[ Required for CONFIG_USB_HIDINPUT ]
CONFIG_INPUT_KEYBDEV=y
CONFIG_INPUT_MOUSEDEV=y
CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
CONFIG_MOUSE=m		[ PS/2 mice ]
CONFIG_PSMOUSE=y
CONFIG_USB=y			[ USB (Universal Serial Bus) support ]
CONFIG_USB_STORAGE=y	[ USB Mass Storage support ]
CONFIG_USB_HID=y		[ USB Human Interface Device (full HID) support ]
CONFIG_USB_HIDINPUT=y	[ Required for keyboard, mouse ]

FOR VIRTUAL TERMINAL
CONFIG_VT=y
CONFIG_VT_CONSOLE=y

Grub:
----
No progress. Either someone can volunteer to pick this up by their own initiative, or Kevin may once again work on it in a month or so.


Todo list:
----------
Sean needs to get his todo brain dump to Gab.
Need management software.  Send Gabi ideas.

Meeting time change:
--------------------
We reached consensus to change the meeting time to 3-4:30pm Wednesdays alternating with
Tech Forum. This will take place on the 2nd and 4th week in the month - starting July 14, then 28.


However, due to the timing, and absences of certain figures, the next meeting will take place on Wednesday, June 30th. Gabi will check for rooms.

Townhall meeting:
-----------------
Forum for linux handling, not scheduled yet, there is a problem with
delaying sites linux machines without meeting. Two townhall meetings are
already scheduled in July, so more likely to get do linux townhall in
September. There needs to be quick resolution with Gavin and Kitty to
remove faulty reasoning about building desktops from scratch. Supporting
points are collaboration sites/gpcc with common goals, compare effort with
using a pre-made load for desktops. Sites wants to advocate linux.
There will be a writeup about umce linux. Kevin will email regarding a
name change for umce.linux - send ideas & suggested names to him.



Next Meeting, Wednesday, June 30th -------------------------- Gabi will find us a room reservation Facilitator: Albert Notes: Liam