Presentation is loading. Please wait.

Presentation is loading. Please wait.

HEPIX May 2004 Edinburgh Linux/Unix highlights.

Similar presentations

Presentation on theme: "HEPIX May 2004 Edinburgh Linux/Unix highlights."— Presentation transcript:

1 HEPIX May 2004 Edinburgh Linux/Unix highlights

2 SLAC OS Status Linux –RedHat Enterprise 3 (RHEL3) rolling out to most servers and desktops –Begun weekly RedHat service meetings (by phone) –About 20 issues opened so far with them (missing function, driver issues) –Have yum-based service to pull updates to systems. –Working out how to update mobile/offsite systems (up2date?) –ALDI project to automate desktop upgrades

3 DESY- Linux DL5 (SuSE 8.2) rollout in progress (25% done) support for base distribution ends April 2004 – 9.0 patches will help for another 6 months successor - better: continuation - needed early next year DL5 is most likely the last DESY Linux based on SuSE – if a common HEP distribution with long lifetime is available and affordable, that's what we'll use started looking at Scientific Linux – thanks to Fermilab for providing this! – current version seems very compatible with DL5 (for users) purchase of licenses is an option - if price/value ratio ok

4 DESY- Linux/amd64 aka ia32e aka x86_x64 first test system is a success – IBM eServer 325, 2 x Opteron 246 (2.0 GHz), 4 GB RAM – SuSE 9.0 Professional/amd64 performs superior to fastest Xeon Systems (3.2 GHz) – except FP – ROOT applications especially fast, benefit from 64bit mode deployment of a small number of production systems soon – seamless integration is relatively easy concern: cernlib dependency locks users into 32bit past

5 DESY-Security rules for individually maintained systems are in effect now regular scans from outside our firewall – of all hosts with any port open through firewall – for open ports and known vulnerabilities – by commercial service provider access to mail servers now by imaps only – got rid of clear text protocols pop and imap automated deployment of patches – linux, old NT domain (netinstall), new XP domain (SUS) – policies still evolving

6 DESY - Security continued due to recent sasser threat, manually checked ALL notebooks brought on site for two days – only a few systems got infected increased update frequency for virus signatures – update server: hourly, client: every three hours a few users were tricked into installing Bagle.J – lesson: treat encrypted attachments like executables, and quarantine them firewall now inhibits outgoing SMTP, except for approved mail servers – imagine all sites and providers did that

Download ppt "HEPIX May 2004 Edinburgh Linux/Unix highlights."

Similar presentations

Ads by Google