ECS Linux

Overview

Linux is a free, open source, UNIX-type operating system, created by Linus Torvalds with the help of developers and hobbyists all over the world.

ECS supports an automatic installation of Red Hat Enterprise Linux (RHEL) that has been customized for operation within the School of Engineering, specifically for modern 64-bit Intel-compatible PC platforms. “ECS Linux” is the only Linux platform recommended by ECS for use in the School of Engineering.

ECS Linux has been tailored for integration with the computing environment within the School of Engineering. It provides access to specialty software, user home directories, and a fully Kerberized single-sign-on environment. ECS Linux is our recommended Linux solution for general use within the school, and it is the only Linux solution which we can fully support at this time. A technical overview is available below.

 

Current Version: Red Hat Enterprise Linux (RHEL) 7.x

Technical Overview

ECS Linux is built atop Red Hat Enterprise Linux (RHEL) version 7. As of this writing, the current minor build is RHEL7.2.

Previous ECS Linux versions were based on Ubuntu LTS. RHEL offers several advantages, especially for server installations:

1. RHEL is built on top of a recent, yet proven stable kernel version and code base, whereas Ubuntu is more “cutting edge” which may lead to stability and compatibility issues.

2. RHEL is licensed to UConn through UITS. This license entitles us to technical support direct from Red Hat in addition to vast community-based support.

3. Most commercial and enterprise-level open source applications are tested and supported primarily on Red Hat and/or other rpm-based distributions.

The combination of stability and support make RHEL the perfect choice for servers. Likewise, the same advantages can be leveraged for workstations. Both virtual and hardware installations are supported by ECS.

The updated security model based on System Security Services Daemon (SSSD) allows quick and seamless direct integration with Active Directory, without the need for NIS or even Linux-based LDAP.

RHEL7 is recommended for all new server and workstation installations.

 

Also Supported: Ubuntu 14.04 LTS (Trusty Tahr)

Technical Overview

ECS Linux is currently Ubuntu 14.04 LTS (codename Trusty Tahr). Users log in using the same Active Directory credentials they use to log into domain-connected Windows PCs. They have access to the same protected home directory and a consistent user experience.

The home directories are mounted securely from our Hitachi HNAS file server using Kerberized-NFS. Anything stored in the public_html sub-directory of a user’s home directory and made world readable is visible on the users webpage. Access to files stored in the home directories is also available through sftp, ftp, and CIFS. Home directories are backed up to on-disk snapshots multiple times during the day, and to tape nightly. Tape retention of data is currently limited to 8 months.

The Linux machines are members of an MIT Kerberos realm, ENGR.UCONN.EDU, and have service principles generated automatically in the ENGR.UCONN.EDU realm during the installation process. The machines are configured to allow users to authenticate off of the realm controlled by the Microsoft Active Directory, AD.ENGR.UCONN.EDU. We have created a cross-realm trust between AD.ENGR.UCONN.EDU and ENGR.UCONN.EDU. Authentication is fully Kerberized, allowing knowledgeable users to employ single sign-on techniques for starting jobs on many PCs simultaneously, or simply to avoid retyping their passwords.

Ubuntu (based on Debian) inherits a rich set of nearly 20,000 free software packages to choose from. Software is installed by request from anyone within SoE. If you would like to make a request, please use this form. Currently we are providing 1178 free software packages chosen to be useful to our users, including, gcc, g++, R, java development kits, Eclipse, and gnu screen. Commercial software packages are available as well including Matlab, Cadence and more.

Remote access is available to the machines via OpenSSH and X applications can be tunneled through OpenSSH. FreeNX and VNC are also available for running an entire GUI desktop remotely. Valid authentication with SoE username and password or Kerberos credentials are required for any type of access. The machines are patched regularly and locked down with iptables-based firewall rules.