The whole point of an authentication service is that it allows the client to prove itself to be trustworthy, or at least to prove itself to be the same nefarious character it claims. — Infrastructures.org I want to make our existing Active Directory the source for all the following: Lists of users allowed to log …
Author Archives: renfro
Client Application Management (Part 1, for .deb packages)
(Original infrastructures.org writeup here.) Wow, this part has been a learning experience. The things I’ve picked up out of this stage: aptitude is not apt-get. Obvious, yes. But how different they are was not apparent until this weekend. pkgsync is great, and does exactly what it claims, but read its claims very carefully, since it …
Continue reading “Client Application Management (Part 1, for .deb packages)”
Time Synchronization
Time synchronization makes lots of things work better, including: make Kerberos tar syslog We’ve got a central NTP server on campus, and I’m using that to sync from. Puppet handles ntp and ntpdate configuration on the managed systems. Components of that setup: ntp.pp and ntpdate.pp classes imported from puppet/classes Virtualization-detecting facter recipe (originally from here, …
The Gold Server
In infrastructures.org terminology, the gold server is the one location that all clients check in with to see if they need to make any configuration changes. No changes needed? No changes made. No gold server available right now? No changes made, check back later. In theory, this should be a pretty simple server to provision. …
Abaqus 6.6 on Debian Etch (amd64 port)
Q. Why does the condemned man get a last cigarette, instead of one of those through-the-skin stick-on nicotine thingies? A. Don’t patch the executable. — rec.humor.funny Bad Abaqus! Or more properly, bad ZeroG InstallAnywhere! This post indicates that AMD64 Java doesn’t have NPTL problems you keep checking for. And then, when I comment out the …
Infrastructures: Version Control
The infrastructures mothership says the following about version control: It may seem strange to start with version control. Many sysadmins go through their entire careers without it. But infrastructure building is fundamentally a development process, and a great deal of shell, Perl, and other code tends to get generated. We found that once we got …
The Beginnings of Infrastructure Management
Contents of this post have been moved to http://blogs.cae.tntech.edu/mwr/infrastructure-management/
Unattended Debian Installations (or How I Learned to Stop Worrying and Love the preseed.cfg)
A CMR project recently bought 12 new Dell PowerEdge SC1435 servers to replace some of our aging compute cluster systems. In previous server rollouts, I’d generally get one system installed and configured, image it with SystemImager, and then PXE-boot the rest of the systems to pull that image. However, it’s tough to audit exactly what …
Exporting Figures from MATLAB
I just discovered the WordPress.com MATLAB feed today. Frinkytown’s complaint about copying and pasting figure reminded me of things I had to do to write my M.S. thesis, and other things I discovered afterwards: MS Word is the devil, and Equation Editor is its evil spawn. When I started writing my thesis, I had been …
Work in Progress: Policy-Driven Blog Registrations for Universities
In response to this thread at the WPMU forums, I’ve hacked up parts of the signup procedure to match what I wanted for my student/faculty/staff blogs here. Particularly, the goals for us were: Restrict registration to people with email addresses in our subdomain cae.tntech.edu — this would include every engineering graduate student plus a sizable …
Continue reading “Work in Progress: Policy-Driven Blog Registrations for Universities”