Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
01-19-2014, 03:01 PM
|
#16
|
MLED Founder
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: CentOS, OpenSUSE
Posts: 3,453
|
Quote:
Originally Posted by Woodsman
You automate the updates or ssh and update manually?
Automated or manually?
You use Slackware in your classes? What do you teach in the classes?
Do you teach other subjects?
I have one for emergencies, mostly for when I travel. Only immediate family members know the number and 95% of the time the phone is off.
Do you find there is a market for home clients? Perhaps your neck of the woods is different, but over here where the intelligence quotient is directly related to the proximity of the remote control, I envision the following happening:
"Hey, this Lee-nucks stuff works great! Thank you!
Within a few days:
"Hey! WTF! How the hell do I download Netflix?"
"You can't."
"Then get this sh-t off my computer!"
What about your business clients? How do you handle vertical software? Over here QuickBooks reigns, for example. If you use VMs, then why not just keep them on Windows directly?
|
I do all updates manually, on servers and desktops.
I'm teaching basic system administration. I have a fairly complete course program here:
http://www.microlinux.fr/download/fo...istrateurs.pdf
Desktops and workstations are explicitly for professionals, e. g. users who consider their computer as a tool to get work done, and not as an extended game console. Before installing a machine or a whole network, I always establish a list of tasks and related apps with the client. And then we both stick to that.
I can't say anything about Windows. Last time I used this OS for work was just before I replaced it by Slackware 7.1, around 2001.
As for vertical software, I'm slowly but steadily expanding my set of supported professional applications: geophysical software (ProMAX/SeisSpace), school management software (GEPI), public library management (PMB), SMB accounting (Dolibarr), etc.
Cheers,
Niki
|
|
1 members found this post helpful.
|
01-19-2014, 10:28 PM
|
#17
|
LQ Newbie
Registered: Oct 2011
Location: Tennessee
Distribution: Slackware 14.1
Posts: 25
Rep:
|
Quote:
Originally Posted by ttk
It needs something akin to Kickstart and Spacewalk, for centralized mass-installation and management of hundreds or thousands of servers. (The post-installation functions of Spacewalk are better served, imo, with chef, nagios, and other tools.)
It needs out-of-the-box support for more of the kinds of infrastructure software used in the enterprise, like ElasticSearch or Solr for search, Zookeeper and Gearman or SGE for job dispatch and management, GlusterFS or LustreFS for distributed filesystem, Hadoop (plus Hive or Pig or both) for the Map/Reduce weenies, JIRA or Redmine or Trac for ticket tracking (Redmine also provides a wiki, git management, and other nice features), and sbopkg standard with installation (and an on-site mirror of all the SlackBuild packages).
Finally, it needs documentation oriented toward the system administrators who live in the enterprise world, where "Linux" means either RHEL or CentOS, and there's an official process document for everything (and if there isn't, a task doesn't get done until there is).
I've often thought I'd like to make a Slackware framework package (not so much a distribution fork as an overlay, so anyone could trivially apply it to any Slackware release) that gave Slackware more of the capabilities of Turbo Linux and Oracle Linux, for the datacenter. Enterprise is less about "we need a server" than it is about "we need an Oracle Exalogic cluster". But then all my unfinished projects grow hands, point fingers at me, and laugh.
|
Many thanks..even browsing SUSE. RHEL and Oracle repositories don't reveal that type of information.
|
|
|
01-19-2014, 10:56 PM
|
#18
|
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 3,348
Rep:
|
I've installed a number of Slacware servers at various small to medium-sized businesses. They all pefform fairly specialized functions: - kvm hypervisors
- spam filters
- hosts for ticket systems or document management systems
- VPN concentrators
- backup servers (Ahsay)
- firewalls/routers
- file servers (Samba)
All these systems run a bare minimum of services, and perform very specific tasks. Many are VMs running on Hyper-V, kvm or VMware hypervisors. A few can be remotely accessed over the Internet via SSH, but most can only be reached from the local network or via a separate VPN connection.
Most of these Slackware installations are "PAMified". I've created scripts that download, compile and create PAM packages, as well as modified Shadow, OpenSSH and Samba packages with PAM support. That way, I can delegate certain tasks to local admins using sudo and accounts in Active Directory.
None of these systems are in any way updated automatically, for the simple reason that one would need to read the changelog and/or the security advisory before applying an update. For instance, upgrading Perl on a mail relay running a SpamAssasin sendmail milter would at the very least require a backout strategy.
Well, OK, there's one exception: I do run sa-update as a cron job.
Last edited by Ser Olmy; 01-19-2014 at 10:58 PM.
|
|
3 members found this post helpful.
|
01-20-2014, 11:36 AM
|
#19
|
Member
Registered: Mar 2007
Location: America
Distribution: Linux
Posts: 161
Rep:
|
What's missing?
-Advertising-
A website section dedicated to Slackware in the Enterprise along with testimonials would be a good way to advertise.
I'd take some of the one's listed here and put them on the Slackware website.
-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"
|
|
1 members found this post helpful.
|
01-20-2014, 12:06 PM
|
#20
|
MLED Founder
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: CentOS, OpenSUSE
Posts: 3,453
|
Quote:
Originally Posted by salemboot
-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"
|
I'm currently busy writing the second edition of "Linux aux petits oignons", a 530-page cookbook-style Linux book.
Here's a link to the first edition, based on CentOS 5.x: http://tinyurl.com/no254g
The second edition will be based on Slackware 14.1.
|
|
1 members found this post helpful.
|
01-20-2014, 06:49 PM
|
#21
|
Senior Member
Registered: Oct 2005
Distribution: Slackware 14.1
Posts: 3,482
Original Poster
|
Quote:
Most of these Slackware installations are "PAMified". I've created scripts that download, compile and create PAM packages, as well as modified Shadow, OpenSSH and Samba packages with PAM support. That way, I can delegate certain tasks to local admins using sudo and accounts in Active Directory.
|
Please expand upon why you do this. I'm not in the pro-PAM or anti-PAM group. I just want to learn why you do this.
Quote:
I'm currently busy writing the second edition of "Linux aux petits oignons", a 530-page cookbook-style Linux book.
|
I wish I had retained my ability to speak and write French, now mostly lost from decades ago.
Linux with onions: Does that mean Linux is like ogres, which are like onions --- they have layers?
Actually I envy your entire business. I would enjoy spending a few weeks interning with you. Not to mention enjoying the wonderful weather of southern France this time of year.
|
|
|
01-20-2014, 06:57 PM
|
#22
|
Moderator
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=15, FreeBSD_12{.0|.1}
Posts: 6,306
|
Quote:
Originally Posted by salemboot
-Cooking Recipes-
Impatience is the worst sin in the information technology world. Maybe the addition of some Cookbook articles to SlackDocs website would help. The information is basically out there on the web for things like LAMP stacks and Email.
"IT'S A COOKBOOK!" "TO SERVE SLACK"
|
How tall are you? Kanamit slackers fattening up the herd? (Twilight Zone, Episode 89)
|
|
|
01-20-2014, 07:10 PM
|
#23
|
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 3,348
Rep:
|
Quote:
Originally Posted by Woodsman
Please expand upon why you do this. I'm not in the pro-PAM or anti-PAM group. I just want to learn why you do this.
|
As far as I know, there's no other sensible way to set up authentication against an external user database.
PAM is amazingly flexible, and installing PAM on a Slackware system breaks absolutely nothing. In fact, by itself it does nothing, since none of the system components use PAM anyway, which is why I also recompile the Shadow and OpenSSH packages and patch a few configuration files.
I mostly combine PAM and Samba4 (or Samba3 + Heimdal on older systems), which makes it possible to authenticate against AD. User profiles are created on the fly by the pam_winbind module. PAM also has modules for LDAP and RADIUS authentication, which come in handy if the system is to be used as a VPN concentrator.
I know that in the past, PAM had a significant number of security issues. There were good reasons for not including it in Slackware then, but I don't think that has been true for quite some time. (Not that it really matters all that much whether it's included in Slackware or not, as it can be added quite easily if needed.)
Last edited by Ser Olmy; 01-20-2014 at 07:14 PM.
|
|
|
01-20-2014, 07:45 PM
|
#24
|
Senior Member
Registered: Oct 2005
Distribution: Slackware 14.1
Posts: 3,482
Original Poster
|
Quote:
I mostly combine PAM and Samba4 (or Samba3 + Heimdal on older systems), which makes it possible to authenticate against AD.
|
Then your motivating reason for PAM is to use in a mixed Windows environment?
|
|
|
01-20-2014, 08:10 PM
|
#25
|
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 3,348
Rep:
|
Quote:
Originally Posted by Woodsman
Then your motivating reason for PAM is to use in a mixed Windows environment?
|
Or any network environment with a centralized authentication service, which is what you find in basically every organization everywhere. AD, Kerberos, LDAP... no-one uses locally managed user databases on all their servers, as it wouldn't scale beyond a handful of systems.
Oh, and Active Directory does not necessarily imply Windows. You can implement an entire AD infrastructure using nothing but Samba.
Last edited by Ser Olmy; 01-20-2014 at 08:11 PM.
|
|
2 members found this post helpful.
|
01-20-2014, 08:47 PM
|
#26
|
Senior Member
Registered: Oct 2005
Distribution: Slackware 14.1
Posts: 3,482
Original Poster
|
Thank you for the explanations.
Would you say that PAM is not critical in small localized networks?
|
|
|
01-20-2014, 08:59 PM
|
#27
|
Member
Registered: Mar 2007
Location: America
Distribution: Linux
Posts: 161
Rep:
|
Ha ha ha ha
Relax Mr. Slacker
Last edited by salemboot; 01-20-2014 at 09:19 PM.
|
|
|
01-20-2014, 10:44 PM
|
#28
|
Moderator
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=15, FreeBSD_12{.0|.1}
Posts: 6,306
|
|
|
1 members found this post helpful.
|
01-20-2014, 10:44 PM
|
#29
|
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 3,348
Rep:
|
Quote:
Originally Posted by Woodsman
Would you say that PAM is not critical in small localized networks?
|
Those network environments would have to be really small.
If you only have a single server then sure, PAM isn't going to do much for you. The second you have users accessing services on multiple servers, and you need authentication and authorization to work across those systems, AND the service daemons can't handle this issue themselves (Samba is an example of a system that does), you're probably going to benefit tremendously from having PAM around.
|
|
|
01-21-2014, 12:47 AM
|
#30
|
Senior Member
Registered: Oct 2005
Distribution: Slackware 14.1
Posts: 3,482
Original Poster
|
Quote:
Those network environments would have to be really small.
|
Thank you.
|
|
|
All times are GMT -5. The time now is 09:31 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|