LinuxQuestions.org
Page 2 of 4 1 2 34
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   Supporting Slackware in the enterprise (https://www.linuxquestions.org/questions/slackware-14/supporting-slackware-in-the-enterprise-4175491654/)

kikinovak 01-19-2014 02:01 PM
Quote:
Originally Posted by Woodsman (Post 5100883)
You automate the updates or ssh and update manually?


Automated or manually?


You use Slackware in your classes? What do you teach in the classes?

Do you teach other subjects?


:D I have one for emergencies, mostly for when I travel. Only immediate family members know the number and 95% of the time the phone is off.


Do you find there is a market for home clients? Perhaps your neck of the woods is different, but over here where the intelligence quotient is directly related to the proximity of the remote control, I envision the following happening:

"Hey, this Lee-nucks stuff works great! Thank you!

Within a few days:

"Hey! WTF! How the hell do I download Netflix?"

"You can't."

"Then get this sh-t off my computer!"

What about your business clients? How do you handle vertical software? Over here QuickBooks reigns, for example. If you use VMs, then why not just keep them on Windows directly?
I do all updates manually, on servers and desktops.

I'm teaching basic system administration. I have a fairly complete course program here:

http://www.microlinux.fr/download/fo...istrateurs.pdf

Desktops and workstations are explicitly for professionals, e. g. users who consider their computer as a tool to get work done, and not as an extended game console. Before installing a machine or a whole network, I always establish a list of tasks and related apps with the client. And then we both stick to that.

I can't say anything about Windows. Last time I used this OS for work was just before I replaced it by Slackware 7.1, around 2001.

As for vertical software, I'm slowly but steadily expanding my set of supported professional applications: geophysical software (ProMAX/SeisSpace), school management software (GEPI), public library management (PMB), SMB accounting (Dolibarr), etc.

Cheers,

Niki

baldheaded-yeti 01-19-2014 09:28 PM
Quote:
Originally Posted by ttk (Post 5100969)
It needs something akin to Kickstart and Spacewalk, for centralized mass-installation and management of hundreds or thousands of servers. (The post-installation functions of Spacewalk are better served, imo, with chef, nagios, and other tools.)

It needs out-of-the-box support for more of the kinds of infrastructure software used in the enterprise, like ElasticSearch or Solr for search, Zookeeper and Gearman or SGE for job dispatch and management, GlusterFS or LustreFS for distributed filesystem, Hadoop (plus Hive or Pig or both) for the Map/Reduce weenies, JIRA or Redmine or Trac for ticket tracking (Redmine also provides a wiki, git management, and other nice features), and sbopkg standard with installation (and an on-site mirror of all the SlackBuild packages).

Finally, it needs documentation oriented toward the system administrators who live in the enterprise world, where "Linux" means either RHEL or CentOS, and there's an official process document for everything (and if there isn't, a task doesn't get done until there is).

I've often thought I'd like to make a Slackware framework package (not so much a distribution fork as an overlay, so anyone could trivially apply it to any Slackware release) that gave Slackware more of the capabilities of Turbo Linux and Oracle Linux, for the datacenter. Enterprise is less about "we need a server" than it is about "we need an Oracle Exalogic cluster". But then all my unfinished projects grow hands, point fingers at me, and laugh.
Many thanks..even browsing SUSE. RHEL and Oracle repositories don't reveal that type of information.

Ser Olmy 01-19-2014 09:56 PM
I've installed a number of Slacware servers at various small to medium-sized businesses. They all pefform fairly specialized functions:
  • kvm hypervisors
  • spam filters
  • hosts for ticket systems or document management systems
  • VPN concentrators
  • backup servers (Ahsay)
  • firewalls/routers
  • file servers (Samba)
All these systems run a bare minimum of services, and perform very specific tasks. Many are VMs running on Hyper-V, kvm or VMware hypervisors. A few can be remotely accessed over the Internet via SSH, but most can only be reached from the local network or via a separate VPN connection.

Most of these Slackware installations are "PAMified". I've created scripts that download, compile and create PAM packages, as well as modified Shadow, OpenSSH and Samba packages with PAM support. That way, I can delegate certain tasks to local admins using sudo and accounts in Active Directory.

None of these systems are in any way updated automatically, for the simple reason that one would need to read the changelog and/or the security advisory before applying an update. For instance, upgrading Perl on a mail relay running a SpamAssasin sendmail milter would at the very least require a backout strategy.

Well, OK, there's one exception: I do run sa-update as a cron job.

salemboot 01-20-2014 10:36 AM
What's missing?
 
-Advertising-
A website section dedicated to Slackware in the Enterprise along with testimonials would be a good way to advertise.
I'd take some of the one's listed here and put them on the Slackware website.

-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"

kikinovak 01-20-2014 11:06 AM
Quote:
Originally Posted by salemboot (Post 5101541)
-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"
I'm currently busy writing the second edition of "Linux aux petits oignons", a 530-page cookbook-style Linux book.

Here's a link to the first edition, based on CentOS 5.x: http://tinyurl.com/no254g

The second edition will be based on Slackware 14.1.

Woodsman 01-20-2014 05:49 PM
Quote:
Most of these Slackware installations are "PAMified". I've created scripts that download, compile and create PAM packages, as well as modified Shadow, OpenSSH and Samba packages with PAM support. That way, I can delegate certain tasks to local admins using sudo and accounts in Active Directory.
Please expand upon why you do this. I'm not in the pro-PAM or anti-PAM group. I just want to learn why you do this. :)

Quote:
I'm currently busy writing the second edition of "Linux aux petits oignons", a 530-page cookbook-style Linux book.
I wish I had retained my ability to speak and write French, now mostly lost from decades ago.

Linux with onions: Does that mean Linux is like ogres, which are like onions --- they have layers? :)

Actually I envy your entire business. I would enjoy spending a few weeks interning with you. Not to mention enjoying the wonderful weather of southern France this time of year. :)

astrogeek 01-20-2014 05:57 PM
Quote:
Originally Posted by salemboot (Post 5101541)
-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"
How tall are you? Kanamit slackers fattening up the herd? (Twilight Zone, Episode 89)

Ser Olmy 01-20-2014 06:10 PM
Quote:
Originally Posted by Woodsman (Post 5101823)
Please expand upon why you do this. I'm not in the pro-PAM or anti-PAM group. I just want to learn why you do this. :)
As far as I know, there's no other sensible way to set up authentication against an external user database.

PAM is amazingly flexible, and installing PAM on a Slackware system breaks absolutely nothing. In fact, by itself it does nothing, since none of the system components use PAM anyway, which is why I also recompile the Shadow and OpenSSH packages and patch a few configuration files.

I mostly combine PAM and Samba4 (or Samba3 + Heimdal on older systems), which makes it possible to authenticate against AD. User profiles are created on the fly by the pam_winbind module. PAM also has modules for LDAP and RADIUS authentication, which come in handy if the system is to be used as a VPN concentrator.

I know that in the past, PAM had a significant number of security issues. There were good reasons for not including it in Slackware then, but I don't think that has been true for quite some time. (Not that it really matters all that much whether it's included in Slackware or not, as it can be added quite easily if needed.)

Woodsman 01-20-2014 06:45 PM
Quote:
I mostly combine PAM and Samba4 (or Samba3 + Heimdal on older systems), which makes it possible to authenticate against AD.
Then your motivating reason for PAM is to use in a mixed Windows environment?

Ser Olmy 01-20-2014 07:10 PM
Quote:
Originally Posted by Woodsman (Post 5101849)
Then your motivating reason for PAM is to use in a mixed Windows environment?
Or any network environment with a centralized authentication service, which is what you find in basically every organization everywhere. AD, Kerberos, LDAP... no-one uses locally managed user databases on all their servers, as it wouldn't scale beyond a handful of systems.

Oh, and Active Directory does not necessarily imply Windows. You can implement an entire AD infrastructure using nothing but Samba.

Woodsman 01-20-2014 07:47 PM
Thank you for the explanations. :)

Would you say that PAM is not critical in small localized networks?

salemboot 01-20-2014 07:59 PM
Ha ha ha ha
 
1 Attachment(s)
Relax Mr. Slacker

astrogeek 01-20-2014 09:44 PM
1 Attachment(s)
To Serve Man - Twilight Zone Episode 89

Ser Olmy 01-20-2014 09:44 PM
Quote:
Originally Posted by Woodsman (Post 5101872)
Would you say that PAM is not critical in small localized networks?
Those network environments would have to be really small.

If you only have a single server then sure, PAM isn't going to do much for you. The second you have users accessing services on multiple servers, and you need authentication and authorization to work across those systems, AND the service daemons can't handle this issue themselves (Samba is an example of a system that does), you're probably going to benefit tremendously from having PAM around.

Woodsman 01-20-2014 11:47 PM
Quote:
Those network environments would have to be really small.
Thank you.


All times are GMT -5. The time now is 07:09 PM.
Page 2 of 4 1 2 34
Show 50 post(s) from this thread on one page