Overview of Unix / Linux Environment
IRIS maintains a legacy Unix environment with central account management (NIS). We run a login server for all account holders to access, and also provide support for advanced users who want to run their own Unix servers. All services supporting Unix hosts (e.g. NFS exports, NIS access, printer access, time service) are blocked at the IRIS network border. However ssh (port 22) is open by default, and is the preferred method for remote access to Unix servers.
UNIX USERNAME AND GROUPS
All IRIS account holders are assigned a unique id, called the “login name” or “username”. Everyone gets a Unix account with that name, and is also assigned a unique Unix UID. As of September, 2015, all users are also assigned a personal Unix group called “u-<login>” which is their primary unix group. Users can be added to addtional Unix groups by request to the helpdesk. The Unix command
groups can be used to list current group membership.
NETWORK INFORMATION SERVICES (NIS)
Unix password,group and other information is distributed via NIS. The NIS domainname is mammoth and the NIS servers are cronus.cs.berkeley.edu and rhea.cs.berkeley.edu. These servers are only accessible to hosts on IRIS-controlled networks. The command
ypcat <mapname>, issued on any NIS client in the mammoth domain, can be used to view a given map. For example,
ypcat group, etc.
The specifics of how to configure your client will vary depending on the distribution.The Linux Documentation Project has a page which might be helpful.
Every user has a home directory on the department’s fileserver which is NFS-exported to the department login server and webserver and some other administrative systems (e.g. the backup servers). Additional NFS exports can be requested by sending email to help@eecs. The Unix command
showmount -e home.eecs.berkeley.edu can be used to view the current exports list from any machine on an IRIS-controlled network.
We make extensive use of netgroups of machines to make our exports lists more manageable, and netgroups of users to facilitate login control on NIS clients. For example, a research group called “MyGroup” might have netgroup called mygroup-c conisting of all their NFS clients, and mygroup-l consisting of all their NIS users. We can use @mygroup-c when doing NFS exports, and the clients can be configured to only allow logins to users in mygroup-l.
The NIS server distributes automount maps to facilitate automounting of user home directories. To see a full list of available maps, use
ypwhich -m on a system which is an NIS client in the mammoth domain, e.g. login.eecs.berkeley.edu. Usually you can “bootstrap” your server by starting with auto.cs.master.nomail, but most people really only need auto.home.eecs and auto.project.eecs.
Supported Unix / Linux Distributions
A variety of unix platforms are used within EECS. Those that are officially supported by the department infrastructure are:
- Solaris 9 and 10 (Sparc, x86)
- Linux (Red Hat/CentOS, x86, x86_64)
This list is not static. Other platforms are used in EECS, but the department makes no guarantees as to the interoperability of those systems with the departmental computing infrastructure or software support via SWW.
In general, IRIS recommends using “long-term support” versions of Linux, where possible. For instance, use Ubuntu LTS; or RedHat/CentOS rather than Fedora. For laptops or brand-new hardware, though, you may have more success with drivers from cutting-edge, frequently-updated distributions like Fedora or the latest Ubuntu release.
The department maintains a Solaris general login server,login.eecs.berkeley.edu. All departmental users (non-Instructional) may access this server.
If you have further questions regarding *nix support or are looking for more information, the following may prove useful: