[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UMCE Linux 5/25 Notes

Action Items
1) Michael will come back with console documentation for discussion 5/25
(Initial implementation may happen beforehand)
2) 1.3.1 base will be new head (sean) 5/25
3) Kevin has 2.4.30 build, Sean will document
4) Sean will coordinate scheduling of hardware forum
5) Wes, Kevin & Andy will get security input and tell us the rules 5/25
6) Sean will move new syslog reporting to cleanup stage

Next Meeting is May 25th; facilitator Willie, notetaker Liam


Mike, Sean, Gabi (moderator), Wes, Jane, Dan, Liam, Kevin, Tony, Willie, Allen

Announcements: none

Console services (Michael), is responsible for 2nd generation of
console service, we currently don't have a std loadset
Is X necessary?
mdw's take? wes? ainman? rak?
allows for cut/paste
Consensus seemed to be a locked down local-only X-server should be
deployed. Opinions on this range from 'desirable' to 'acceptable'
Michael will check in with those not present
X security, local access only
login timeouts
server connected to digi (no external ssh)
UMCE wireless at SEB on 234 (gui type access from laptops)
ssh restrictions
fsck, ext2/ext3/reiserfs
junk ext2, it's already running ext3
survivability of reboot... how fast can we come up?
proposal/documentation from michael at next meeting

Loadset changes [20]

* current status
a) new base 1.3.1
on eq now
sean has stuff to review
1.3.1 will become new head
b) new kernel 2.4.30, doesn't have driver/patch for sk98lin
SATA options, SCSI
sysreq magic key
pcnet32 ethernet support
sk98lin from belkin
security ramifications, kevin will tell us how aggressively to deploy
patches: NOTES, common tracking, belkin patches not in 2.4.30

Hardware forum (sean) [5]
Hardware crisis evaluation meeting
What are individual group hardware plans?
Can we help each other immediately with hardware swapping?
Can we agree on specs so 1U hardware isn't so confusing to deploy?
Goal is to establish RFP requirements
(eg, only one type is suited to be imap SATA heads re: power
supplies, but no usable SCSI card)
What's in Andrew's head?
meeting: clunis, liamr, ainman, abisaro, skolasa, catarina,mdw,akbrooks
timeframe: schedule for next week
Come to meeting with an idea of your current group hardware plan

Security rules
Wes, Kevin, and Andrew will solicit input for a policy, and set guidelines
Will bring back at next meeting 5/25

Syslog + core dumps [20]
    2G limit, but patches available
    Should we patch to keep going?  patch for large file support?
    newsyslog / syslogng
        syslog by default
        can give other pids (apache, etc)
        every 10 minutes: 1.8G or midnight, gzips rotated logs
    Stay tuned for details
    date -d yesterday

    centralize our logging, and make it available
    Changed sysctl to dump to /var/tmp (more space) and name cores
    with process and pid, implemented corenag (rather than tripwiring)

AFS testing progress
    Martin has monitoring issues with current RAID,  he is also
    supposed to get a command line tool to test for this
    Another eval unit is on the way