Subject:
|
Re: NQC in Boston University Linux :)
|
Newsgroups:
|
lugnet.off-topic.geek
|
Date:
|
Fri, 7 Apr 2000 04:49:43 GMT
|
Viewed:
|
132 times
|
| |
|
|
Matthew Miller wrote:
>
> Matthew Miller <mattdm@mattdm.org> wrote:
> > Major differences are:
>
> Oh yeah: those major differences are RH 6.[01] -> RH 6.2. RH 6.2 -> BULinux:
>
> - includes nqc :)
yup, I installed it in /usr/local for all the dept. :)
> - uses bash version 2; none of this bash w/ optional "bash2" silliness
bash? zsh :)
> - kerberos4 (via a pam module -- much nicer than needing every app to be
> made to support krb4)
nod, pam is nice.
> - autorpm gets (and optionally auto-installs) our gpg-signed updates
> - includes openssh (since we're educational, we can link against rsaref)
> - includes more stuff -- aspell, abiword, bsdgames, curl (w/ssl), gaim
> (ugh, but popular request), lavaps, memtest86, nasm, nethack,
> sudo, vacation, weblint, etc
nog... heh, if you have to put gaim, put licq too? (unless gaim is not
what I think it is...)
> - includes baseline, our in-house network-based tripwire-like system
mmmm... tripwire - let's me snoop on the other admins :) which is good,
since I have to figure out what they're breaking.
> - includes Donald Becker's ethernet card utils
> - experimental afs support via arla
hmmm... definitely want to look at afs. what about coda?
> - has pretty BU Linux logos
:)
> - includes WindowMaker session-type option (if you don't like either Gnome
> or KDE)
fvwm!
> - network install autoconfigured for our network/servers
always good.
> - xntpd configured to sync with our timeservers
nod, cool.
> - modified lilo (yay asm coding) supports password=* option, which, in
> combination with the restricted flag, makes it possible to configure lilo
> to be secure by default. (no init=/bin/sh)
I always thought it was there by default - you could put a password so
you couldn't enter parameters without it... no?
> - /etc/nsswitch.conf isn't broken by default (no references to nis. if
> nis is enabled, a different nsswitch.conf with nis support gets copied in)
> - ph, for doing lookups in our qi database
> - useradd -K automatically sets up an account compliant with our global UID
> system (necessary for backups, and a @#!$ good idea for kerberos).
> accounts with UID < 3000 are considered local and won't kerberos
> authenticate.
> - rshd intentionally broken. Our operations people are really attached to
> it and won't do backups for machines without it running (they like it for
> admin purposes; it's not technically necessary). Unfortunately, it's evil
> and makes security headaches multiply like rats in the back bay in
> spring. So our version only allows connects from key operations machines.
r*d... booooo.
> - sendmail runs in _client_ mode by default. (duh.) Also, expn and vrfy
> disabled. Considering moving to postfix.
nodnod
> - NOTHING enabled in inetd by default. (but we do run it anyway -- admins
> expect to be able to just uncomment a line and have stuff go)
heheh. interesting idea.
> - hosts.allow/hosts.deny locked down by default (ssh allowed, that's all)
nog.
> - if root runs X, a full screen message pops up explaining why that's
> discouraged. (future plague of linux virii, mark my words...)
nod - but I believe if you do that, you deserve what you get... gnome
warns of it too, no?
> - lotsa other cosmetic and small changes
cool - sounds a lot like what I end up tuning our machines to, which
takes about 20 mins... but if I had to install 100s of boxes, I might
look into this BUL :P
:)
Dan
|
|
Message has 1 Reply:
 | | Re: NQC in Boston University Linux :)
|
| (...) I don't think zsh is 100% backwards compatible with sh, so it's not an ideal replacement. Might be reasonable to add though. (...) Yeah, gaim is what you think it is. If I get requests for licq, I'll put it in. (...) We're looking at coda. But (...) (25 years ago, 7-Apr-00, to lugnet.off-topic.geek)
|
Message is in Reply To:
| | Re: NQC in Boston University Linux :)
|
| (...) Oh yeah: those major differences are RH 6.[01] -> RH 6.2. RH 6.2 -> BULinux: - includes nqc :) - uses bash version 2; none of this bash w/ optional "bash2" silliness - kerberos4 (via a pam module -- much nicer than needing every app to be made (...) (25 years ago, 7-Apr-00, to lugnet.off-topic.geek)
|
18 Messages in This Thread:
 
 
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
