Time  Nick      Message
12:52 pdurbin   "The pam_namespace PAM module sets up a private namespace for a session with polyinstantiated directories. A polyinstantiated directory provides a different instance of itself based on user name, or when using SELinux, user name, security context or both." -- http://linux.die.net/man/8/pam_namespace
12:52 pdurbin   "LXC (Linux Containers) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host. LXC does not provide a virtual machine, but rather provides a virtual environment that has its own process and network space." -- http://en.wikipedia.org/wiki/LXC
12:54 pdurbin   i'm halfway through listening to FLOSS Weekly 211 about OpenShift - http://twit.tv/show/floss-weekly/211
12:54 pdurbin   openshift runs on amazon web services. and it uses pam_namespace and linux containers to put several dozen or hundred "gears" (webapps) on a single VM
12:55 pdurbin   i can't recommend this floss weekly episode enough. very interesting stuff
12:55 pdurbin   westmaas: the guy says he'd like to see openshift deployed on top of openstack
12:56 westmaas  yeah, think thats one of goals
12:56 pdurbin   also, they released the code recently: openshift (OpenShift Origin) - https://github.com/openshift
12:57 pdurbin   and they hope to put it into fedora
13:01 pdurbin   i like how the guy talks about efficiency, what we at work call green computing
13:02 pdurbin   how you want your VMs to be running as many gears as it can
13:02 pdurbin   i.e. lots of idle gears or fewer busy gears
17:30 SEJeff    Probably old news here, but perl 5.16.0: https://lwn.net/Articles/498034/
18:04 pdurbin   SEJeff: yay, perl :)
18:05 pdurbin   i was just messing around with cpan and modules(1) this morning. but i'm limited in what i can install 'cause i'm on perl 5.8
18:05 pdurbin   unrelated:
18:05 pdurbin   was just looking at this
18:05 pdurbin   'NFS4 with Kerberos is indeed the "proper" solution for this, as nobody can access another home directory without their Kerberos ticket. -- sudo users with nfs home directories - Ars Technica OpenForum - http://arstechnica.com/civis/viewtopic.php?f=16&t=1121199
19:19 pdurbin   'NFSv4 with kerberos supports authentication. A big disadvantage of nfsv3 was that root user can “su – ”, get the remote user's home directory automounted and delete/modify his files. This is a big security risk in bigger enterprises if they have 1000s of systems. In the above example, this problem is solved. If root on a system do “su - ” and can get his home directory automouted, he can't delete or modify the files without getting a t
19:19 pdurbin   -- What I Know About Linux That You May Not Know: How to configure nfsv4 with kerberos in RHEL? - http://sadiquepp.blogspot.com/2009/02/how-to-configure-nfsv4-with-kerberos-in.html
19:39 pdurbin   "What is happening is that user jim has set the permissions on his data to 0700 meaning only he, the owner, should get access. But someone on the NFS client with knowledge of the super-user password can become root (user id 0), and then become jim and circumvent jim's protections." -- http://nfsworld.blogspot.com/2006/02/real-authentication-in-nfs.html
19:42 pdurbin   this might be good but it's a 404: http://blog.delouw.ch/2011/12/25/identity-management-with-rhel-6-2-part-ii-kerberized-nfs-service/ Identity Management with RHEL 6.2 Part II – Kerberized NFS service
20:25 pdurbin   http://www.nfsv4bat.org/Documents/nasconf/2003/eisler.pdf (since it's a 404 at http://nfsworld.blogspot.com/2006/02/real-authentication-in-nfs.html )
20:25 pdurbin   even more at http://www.nfsv4bat.org/Documents/nasconf/2003/
20:32 pdurbin   ironcamel: i'm mad with power. became root. installed perl modules all over the place. messy but now i (and our users) have (most of) my favorites. too bad it's only perl 5.8.8 #enterpriselinux
20:32 ironcamel pdurbin++
20:33 ironcamel it's not messy :) it's all installed cleanly in your site_perl folder
20:33 pdurbin   we use "modules" for this. module(1)
20:34 ironcamel and managed perfectly via cpan* (your favorite CPAN package manager)
20:34 pdurbin   Modules -- Software Environment Management - http://modules.sourceforge.net/
20:35 ironcamel pdurbin: now that you can install whatever, make sure to try App::Notes
20:35 ironcamel cpanm notes
20:35 pdurbin   "hpc/perl5mods - perl 5 modules, miscellaneous add-on modules to the default perl installation" -- `./modules --whatis | grep perl5mods`
20:35 pdurbin   https://github.com/fasrc/api/blob/master/modules
20:35 ironcamel you know perl 5.16 just got released
20:35 pdurbin   SEJeff linked it above ^^
20:36 ironcamel cool
20:36 ironcamel you guys are up to speed :)
20:36 pdurbin   i tried cpanm briefly. back to cpan for now
20:36 ironcamel other than the fact that you are still on 5.8
20:36 pdurbin   5.8.8
20:36 ironcamel which has been deprecated for 2 cycles now
20:36 pdurbin   i was thinking i could make a module(1) called perl5latest
20:37 pdurbin   or something
20:37 ironcamel but perlbrew to the rescue
20:37 ironcamel cpanm perlbrew
20:37 pdurbin   yeah, i guess
20:37 pdurbin   whatever works with module(1), which seems to be more or less everything...
20:37 ironcamel perlbrew install perl-5.16.0
20:38 pdurbin   will have to look another day. take care, all
20:39 pdurbin   (though i have played with perlbrew on snow leopard, where i can't install XS modules because the perl apple shipped is so broken)
20:47 ironcamel not sure what this modules business is
20:48 ironcamel doesn't look very appealing
21:24 SEJeff    http://nmap.org/6 NMAP 6.0 released!