Cern Week 27

I bought a funky new Keyboard from Dell with a smart card reader. I spent some time writing a script that will start the screen saver when you pull the card and stop it when you put it back in. Further I did some work on putting my kerberos5 token on the card. This turned out to generate quite funky behavior in some programs (ssh for example). Further there was a root exploit for the Linux kernel, through which every user on a SLC5 machine could get root. Unfortunately SLC4 was not affected due to the very old kernel (2.6.9-67) so we got away with a blue eye. NodeCertCheck needed some minor modifications as 2 weeks warning in advance where not perceived to be long enough. So I changed it to 4 weeks. Now the manager will get 6 mails if he doesn't renew the Certificate. Then I added some methods in my rpm build scripts to sign my rpms. Nice for security a pain to add. Further I created a mailing list for my linux ldap user. So now everyone can subscribe to the linuxlda mailing list and get updates about what is going to happen on the Linux ldap side and ask some questions. As the load on my machine is getting more and more I requested a new machine so I can implement a little fail over cluster for production. I did some research into logrotate so my servers can save the log files at an appropriate time. This will be done through quattor in the production system. I tried to get OpenCVS working under Linux but failed miserably. Due to not having Bsd Make and other little things. So I will have to wait till OpenCVS is a little more mature or I get a day off.

No comments: