In order to manage the 1000+ Unix/Linux hosts in SCS, we install a custom environment on hosts that we deploy. This environment provides distributed system management capabilities and better security. Machines running this environment are often referred to as being "Facilitized" (this term is also sometimes used to refer to Windows PCs that have the Facilities Windows environment installed on them). Modifications and additions that have been made to the "stock" vendor environment on Facilitized Unix/Linux hosts include:
- An AFS client as the standard means for providing central file services.
- The mail system has been replaced with a sendmail-based system with SCS-specific modifications.
- SUP & Depot are installed to provide nightly local file updates.
- Many standard programs, including login, telnet, telnetd and ssh have been replaced with SCS-local versions that use Kerberos for authentication and encryption.
- A Kerberized SSH client and sshd are installed by default.
- Configuration files are installed so that Facilities staff have access to the host for system maintenance and troubleshooting.
- tcpwrappers are installed, though there are no global installed defaults for allowed and restricted hosts.
- named has been replaced with local, caching version.
- finger has been replaced with a version that understands our ldap database.
- ntpd has been replaced with a local version.
- A daemon (lcladm) to provide remote account administration for Facilities staff.
- Daemons to facilitate remote account administration, provide desktop backups (on machines that request them), and provide Zephyr service.
- xinetd is installed (though the actual config files are generated by a script from entries in inetd.conf).
- nanny, which is a daemon that monitors the status of other daemons and restarts them if necessary is installed.
- Many files, including inetd.conf, /etc/services, root's crontab, and /etc/printcap are automatically generated and updated.
- Logfiles are automatically rotated and old files in /tmp are automatically removed.
- Many vendor services in the default inetd.conf have been removed.
- There is a standard set of baseline and contributed software (misc collections) that is installed in /usr/local on every host.
- Linux hosts run an automatic kernel upgrade procedure.
Whenever possible, hooks have been provided to allow host-specific customizations. See the local Unix/Linux administrators guide for information on how to perform system administration tasks and customize Facilitized hosts. The Unix/Linux quick reference has an overview of some common questions when using Facilitized Unix/Linux hosts.