Glue

From CARMA
(Difference between revisions)
Jump to: navigation, search
(System things to remember)
(Things we can keep)
Line 29: Line 29:
  
 
* mail server
 
* mail server
 +
  sendmail is the only mail transfer program that is available with glue.  We give up
 +
  a *lot* by dropping the present postfix based mail system and going back to sendmail:
 +
  o Mail to certain user names (usually mailing lists and exploders but this
 +
    can also be sensitive system names) can presently be confined to on-campus
 +
    senders.  There is no way to do this in sendmail.
 +
  o There is no greylisting in glue.
 +
  o unknown users or aliases are not even allowed into the department mail
 +
    network.  We would lose that ability, increasing the amount of spam the
 +
    department must handle.
 +
  o There is no way to move mailboxes off of a main server onto other a user's
 +
    home directory.  Thus the cpu load taken by spam filtering will always
 +
    be at the mail server, which can often be overloaded.  Using a faster
 +
    computer as mailserver has helped, but not always eliminated that problem.
 
* web server (but you cannot use $HOME/public_html, on the webserver we'll need some $USER space)
 
* web server (but you cannot use $HOME/public_html, on the webserver we'll need some $USER space)
  

Revision as of 17:25, 29 June 2007

Contents

GLUE

The GLUE project also maintains a WIKI page.


Obvious and not so obvious User changes

  • your new home directory will be /homes/$USER, and is limited to 100MB and lives on backed up computers in OIT. Note that your old $USER and new GLUE $USER name don't need to be the same, but you will not be able to share data between the two. They are completely different users on a completely different computer set. This means all data disks will need to have their user permissions changed.
  • from your $HOME directory, there are 4 directories above: home, backup, mail and pub.
  • authentication is done via kerberos. I could ssh from everto to chara, and not need the ssh keys. But have not figured out how to setup the correct way with ssh keys to get from chara to everto. perhaps kerberos forbids this. Peter files a REQUEST on this FAQ.
  • your mail is kept on glue.

Some system issues to be resolved

  • there is no root access, each user that was given root permission can run "su"
  • there is no rsync server running, which combined with the previous item, make our current RAID backup system a bit tedious to re-implement.
  • where can things like /astromake go.
  • cross-mounting all astro disks (the /n map, as well as the /backup map)
  • mysql (for mediawiki and other things?)
  • convert astro $USER to glue $USER permission. Kevin has a perl script.
  • users who want to keep a special local home directory on a given machine?

Things we can keep

  • mail server
 sendmail is the only mail transfer program that is available with glue.   We give up 
 a *lot* by dropping the present postfix based mail system and going back to sendmail:
 o Mail to certain user names (usually mailing lists and exploders but this
   can also be sensitive system names) can presently be confined to on-campus
   senders.  There is no way to do this in sendmail.
 o There is no greylisting in glue.
 o unknown users or aliases are not even allowed into the department mail
   network.  We would lose that ability, increasing the amount of spam the
   department must handle.
 o There is no way to move mailboxes off of a main server onto other a user's
   home directory.  Thus the cpu load taken by spam filtering will always
   be at the mail server, which can often be overloaded.  Using a faster 
   computer as mailserver has helped, but not always eliminated that problem.
  • web server (but you cannot use $HOME/public_html, on the webserver we'll need some $USER space)

System things to remember

  • partition tables on the boot disk need to be edited, but any data disks on that boot disk will need to be preserved in whatever partition type (physical vs. logical) they were initially. GLUE will use hda1/sda1 to populate with all logical partitions. The 3 remaining physical partitions are free to be used.
Personal tools