MPU Meeting Tuesday 4th December 2012

Server Upgrades

Package Master
Chris is testing refreshpkgs on SL6. This is roughly what to do:
  • Touch an rpmlist to trigger refreshpkgs.
  • If that worked, try a package submission.
  • Check the contents of rpmlist.
  • Check yum. yum clean all should be run first to clear the local machine's cache.
  • There may be a missing dependency on createrepo.
  • Expect failures involving perl-AFS.
  • Create a new test bucket and check that that works.
LCFG Export
The new host for these websites will be polecat.
  • Stephen reports that the main LCFG website just works on SL6. It would be good to revamp its tech to some extent (for instance it still uses CVS) but it's not urgent.
  • The wiki isn't working so well: the content works fine with TWiki 5.1 but the LCFG theme doesn't.

Security Enhancements

Not much this week.

Inventory

The project went forward for prioritisation.

It looks as if the most complex factor will be the need to store history in the inventory as well as the current situation.

Login Logs

Stephen has been exploring Python. Its OO facilities are better than the base Perl ones but rather basic compared to Moose.

Miscellaneous Development

LVM component
Alastair has tested and shipped the latest LVM component. He'll change the kernel component to be more informative.

updaterpms
Chris will tackle bug 629, could updaterpms warn when deleting RPMs?.

sleep component
Chris has added a nosleep command to accompany the sleep component but hasn't yet shipped it.

Operational

Archiving Logs
Stephen has been looking at how we might archive the various security logs. It's a complicated problem as we want to guard against overwriting original logs with edited/hacked ones while still taking regular copies.
Process accounting
is straightforward: copy new files and shout if gzipped files differ.
Audit logs
are more awkward. They're rotated when they get to a certain size. The number suffix on each file is increased with each rotation. auditd doesn't support datestamps or logrotate. These files are currently being manually synced.
Firmware Checks
Chris checked for new HP DL180 firmware updates.
QLogic SAN problem
Richard upgraded phantom. It's like telford except that it has ten SAN volumes rather than one. telford boots fine but phantom can't boot. The QLogic driver seems too slow, or something? Alastair will investigate.
Package Forge, adding a builder
Chris had difficulty adding a builder to Package Forge while Stephen was away. The documentation should cover most of it but also check that the Postgres ACLs in the live header are sufficient to give you personal permissions to do things.
R710 Firmware
Chris will check for critical firmware updates for northern and piccadilly.
Innovative Learning Week
Paul suggests running a tutorial course to teach students about LCFG.

This Week

  • Chris
    • Carry on with refreshpkgs upgrade
    • Help Stephen with twiki theming
    • Document ssh keys mgmt - macos
    • Check R710 patches for critical fixes (so can decide whether need to do before SL6.3 upgrades of KVM servers)

  • Alastair
    • Investigate fibre problems
    • Look for new libvirt-client (sl testing or rebuild rhel) .. is in fastbugs
    • Try subscribing to more Dell models to see whether do get mail re firmware
    • Systems blog article on the KVM Service
    • Report libvirt empty LVM group issue to Redhat, unless fixed in 6.3
    • create an MPU KVM server header
    • Document ssh keys mgmt - windows
    • Stargaze
    • What jobs can we give to our CSO?
    • Reboot metropolitan

  • Stephen
    • wiki.lcfg.org upgrade
    • security enhancements
    • login logs project (learning python)
    • Document ssh keys mgmt - linux

-- AlastairScobie - 04 Dec 2012

Topic revision: r3 - 11 Dec 2012 - 09:41:07 - AlastairScobie
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies