[Gllug] Linux Roadshow
John Edwards
john_ed at cornerstonelinux.co.uk
Fri Dec 7 22:19:55 UTC 2001
On Fri, Dec 07, 2001 at 04:33:19PM -0000, Richard Cottrill wrote:
> That said; do any of the major distributions have a mode/distro where you
> get a corporate desktop, rather than a 'workstation'? I mean the sort of
> thing that doesn't have a programmer's editor, or perhaps even a compiler
> (God forbid). The sort of distro where you can script it to install 1000
> times, drop each of those thousand boxes on a different functionary's desks
> and have each of them at work in 10 minutes. By the time you're done
> everyone should be able to work, and save to the file server, and NOTHING
> else.
RedHat has had Kickstart for a while and allows you to do a fully unattended
install, though the syntax of the language options have changed in RedHat
7.2. I use it for most of my server installs and it's not too difficult,
and there is a GUI configuration tool and another that creates a kickstart
file that copies a particular machine. The concept is based on Solaris'
Jumpstart install.
Debian has FAI which is similar and developed for clusters, and SuSE is
said to be developing something called Alice it does not appear to be well
publicised or documented.
Linux and the other Unixes are a lot easier to lock down than Windows
or MacOS as the usual default is that a non-root user can only save to
their home directory, /tmp and /var/tmp. The home directory can be
on a server, /tmp can be in RAM, but files in /var/tmp need to be
preserved between reboots. How much /var/tmp is used depends on your
applications, but you can allocate it it's own partition to stop / or
/var filling up. Other world writeable directories can be found using:
find / -type d -perm +o=w
which may bring up some lock or spool directories in /var.
Program areas (eg /usr) can be mounted read only from servers, and
resource allocations can be enforced. You could even run the machine
diskless, booting and mounting the whole filesystem over the network
and only using the local disk for swap space if you can't afford the
RAM, or use thin clients like X terminals or Sun Rays.
> That's my experience of corporate desktops. Lots of questionable reports
> flying about, water-cooler politics, and stationary cupboards being presided
> over by swivel chair fascists.
Not much to do computers, the problem is in the wetware. Boot it a couple
of times and see if that helps, if not get another job.
> Is there a Linux distribution that can handle such 'stresses'? Windows is
> actually remarkably good. It's not stable, it's not secure, it's not fast,
> but it's familiar and IT departments are good at spewing out a thousand M$
> machines to fill an office. Even the pointy-headed luddites have resigned
> themselves learning how to get that latest trojan^H^H^H^H^H^He-card from
> across the office.
>
> Richard
I'm not sure if there is a distribution that specialises in this kind of
thing but with a bit of know-how most could be setup to do it, give Debian
or RedHat a try. It all depends how much fexibility and performance you
can sacrifice for security.
ps. Any recomendations for a good thin client that can do X and/or run a
local web browser. Wyse seem to only be do Windows CE based stuff. Small
size and wireless networking option would be a plus.
--
#------------------------------------------------------------#
| John Edwards Email: John.Edwards at uk.com |
| |
| "Security vulnerabilities are here to stay." |
| Scott Culp, Manager, Microsoft Security Response Center |
#------------------------------------------------------------#
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list