[Gllug] Linux Roadshow

John Edwards john_ed at cornerstonelinux.co.uk
Fri Dec 7 22:19:55 UTC 2001 

On Fri, Dec 07, 2001 at 04:33:19PM -0000, Richard Cottrill wrote:
> That said; do any of the major distributions have a mode/distro where you
> get a corporate desktop, rather than a 'workstation'? I mean the sort of
> thing that doesn't have a programmer's editor, or perhaps even a compiler
> (God forbid). The sort of distro where you can script it to install 1000
> times, drop each of those thousand boxes on a different functionary's desks
> and have each of them at work in 10 minutes. By the time you're done
> everyone should be able to work, and save to the file server, and NOTHING
> else.

RedHat has had Kickstart for a while and allows you to do a fully unattended 
install, though the syntax of the language options have changed in RedHat 
7.2. I use it for most of my server installs and it's not too difficult, 
and there is a GUI configuration tool and another that creates a kickstart 
file that copies a particular machine. The concept is based on Solaris' 
Jumpstart install.

Debian has FAI which is similar and developed for clusters, and SuSE is 
said to be developing something called Alice it does not appear to be well 
publicised or documented.

Linux and the other Unixes are a lot easier to lock down than Windows 
or MacOS as the usual default is that a non-root user can only save to 
their home directory, /tmp and /var/tmp. The home directory can be 
on a server, /tmp can be in RAM, but files in /var/tmp need to be 
preserved between reboots. How much /var/tmp is used depends on your 
applications, but you can allocate it it's own partition to stop / or 
/var filling up. Other world writeable directories can be found using:
	find / -type d -perm +o=w
which may bring up some lock or spool directories in /var.

Program areas (eg /usr) can be mounted read only from servers, and 
resource allocations can be enforced. You could even run the machine 
diskless, booting and mounting the whole filesystem over the network 
and only using the local disk for swap space if you can't afford the 
RAM, or use thin clients like X terminals or Sun Rays.


> That's my experience of corporate desktops. Lots of questionable reports
> flying about, water-cooler politics, and stationary cupboards being presided
> over by swivel chair fascists.

Not much to do computers, the problem is in the wetware. Boot it a couple 
of times and see if that helps, if not get another job.

> Is there a Linux distribution that can handle such 'stresses'? Windows is
> actually remarkably good. It's not stable, it's not secure, it's not fast,
> but it's familiar and IT departments are good at spewing out a thousand M$
> machines to fill an office. Even the pointy-headed luddites have resigned
> themselves learning how to get that latest trojan^H^H^H^H^H^He-card from
> across the office.
> 
> Richard

I'm not sure if there is a distribution that specialises in this kind of 
thing but with a bit of know-how most could be setup to do it, give Debian 
or RedHat a try. It all depends how much fexibility and performance you 
can sacrifice for security.


ps. Any recomendations for a good thin client that can do X and/or run a 
local web browser. Wyse seem to only be do Windows CE based stuff. Small 
size and wireless networking option would be a plus.


-- 
#------------------------------------------------------------#
|      John Edwards    Email: John.Edwards at uk.com            |
|                                                            |
|     "Security vulnerabilities are here to stay."           |
|   Scott Culp, Manager, Microsoft Security Response Center  |
#------------------------------------------------------------#

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list