Linux, Fedora 18 changes

From Fedora 18 and up, BCF has changed a lot in the default Linux install. This page tries to document the reasons why, and the implications for users. This page also documents the changes that were included in Fedora 18 itself.

Table of contents

  1. Why change a lot
  2. The changes
  3. Implications
  4. Other changes in Fedora
  5. For details see the items at the left side of this page

Why change a lot

The reasons that BCF felt a change was needed in the default Linux installation are:

  • Users were increasingly used to having control of their systems. Due to our usage of NIS and NFSv3, we could not give out root access on desktop systems without compromising security. This made installing research software hard as BCF needed to be involved for actions where root access was necessary.
  • Due to the use of a network home directory, providing service for Linux on laptops (or other mobile systems) was impossible.
  • Newer open source software packages have gotten worse with dealing with the edge cases of having a network home directory. For older Fedora versions we have seen conflicts in Akonadi (the KDE PIM suite), Firefox, and the GNOME desktop (e.g. multiple logins at the same time). This cost a lot of support time.
  • Having to maintain a separate authentication system for the Linux systems is time consuming. With the release of Fedora 18, most of the core system components that enable authentication against the campus Active Directory have matured enough so that Linux users can join the shared authentication system for the rest of the campus. This frees up support time.
  • Having a single authentication system also means that it is possible to use a single location for network storage, instead of having separate directories to use for Linux and Windows. This saves costs and (again) support overhead.

The changes

All of the above reasons have been considered, and the following changes have been implemented as of Fedora 18.

  • All Linux desktop owners will be granted root access using sudo(8). This means that it is possible to install non-standard software yourself.
  • The authentication system for Linux systems has been switched from our own internal server to the TU/e campus active directory.
  • The home directory of a user is now located on the local harddrive of the Linux system, and access to network drives is now only possible via an alternate path below /net.
  • The default network storage directory will be located on the same storage as the Windows G:\ drive, and not the Linux drive.

Implications

The changes listed above have the following implications for usage of Linux systems. All of the information below will be updated on the live website as soon as possible, until that time it is possible that there is conflicting information present. For users of Fedora 18, all information presented here should be considered canonical.

Root access

The registered owner of a desktop Linux machine will be granted root access to the machine, using sudo(8). We prefer not to give out the root password simply so that we can step in in emergency situations.

Note that we configure the machine using Puppet. This means that while it is possible for someone to change all configuration files, some of them will be reset when Puppet next runs. By default the software runs hourly.

BCF asks that people leave Puppet enabled as it makes it easier for us to step in in case of emergencies. In case you need to make changes that Puppet overwrites, please let us know so we can check out a way to make it work for both parties.

Further implications are that desktop users are now themselves responsible for keeping the machines up to date. The machines will prompt when updates are available. By default, BCF throttles these updates to a weekly run, as before.

Lastly, using root access it is possible to entirely misconfigure the machine. In case this happens, BCF will try to rescue the system and its data. We cannot, however, guarantee that local data can be rescued in all cases. With great power comes great responsibility; please use this power wisely, and make sure you have good backups.

Loginname

The change in authentication system means that you now need to login to your Linux system using a different user name than before:

"TUE\windows_username"

Note that the Windows username is not necessarily the same as your Linux username, especially for people enrolled at the department for a long time.

Note as well that the TUE\ part is NOT optional. There are technical implications in making it so. To avoid a lot of unnecessary typing, it is possible for most connection programs to save the username used in a connection:

  • For SSH on a Linux system, use the "User" option in $HOME/.ssh/config.

Storage locations

First of all, the default location for programs, your homedirectory or $HOME, is now on a local drive WITHOUT BACKUP.

We realize that this is more inconvenient than the old setup with NFS mounted home directories. However we refer back to the first paragraphs for the reasoning behind these changes.

The "old" network home directory is still accessible, as /net/linux/linux_username.

However we also actively encourage people upgrading to Fedora 18 to move their data to the new location, accessible as

/net/home/windows_username

This is the exact same location as is provided on Windows systems as the G:\ drive. If you already use both Windows and Linux systems, the data from the G:\ drive should be visible there.

As stated above, this change saves costs as in the future we will not have to maintain two separate network storage locations.

As a side-effect, it is now also easier to access network drives commonly used by colleagues using Windows. The following lists all possible accessible network drives and their paths

  • /net/home/windows_username corresponds to the Windows G:\ drive, your home directory
  • /net/common corresponds to the Windows S:\ drive
  • /net/public corresponds to the Windows T:\ drive
  • /net/winstorage/windows_username corresponds to the Windows O:\ drive on the storage server.
  • /net/linux/linux_username corresponds to the Linux home directory, previously accessible as /home/linux_username on Fedora 14 systems or \\vf-win\home\linux_username on Window systems.

Other changes in Fedora

The changes above are all guided by reasons applicable to our TU/e environment; however Fedora 18 itself also changed a lot compared to our old Fedora 14 environment. Of course a lot of software has simply been upgraded to the latest version, but there are some upgrades that we would like to point out beforehand:

  • The default GNOME environment has been changed to GNOME 3. This desktop environment is rather different from the GNOME 2 environment that you may be used to. We advise you to read up on the GNOME website on why and how things are changed and how to use it.

    Should you decide that GNOME 3 is not for you, the XFCE desktop environment is an alternative that is also installed by default. XFCE more closely resembles a traditional desktop environment, like GNOME 2.

Change details

See the links at the upper-left side of this page.


Contact us | Webmaster

Questions? Mail to helpdesk.win@tue.nl