- Check all services einstein currently provides. Locate as many custom scripts, etc. as is reasonable and label/copy them.
- Network interfaces - UNH: ???? Farm: Done!
- Iptables - Not working. Possibly because of Gourd's weirdness.
- DNS - Done!
- LDAP - Done!
- Postfix - Need to get TLS working. -It's been set in main.cf, but hasn't been applied. We need to make sure the certs are set up right.
- SpamAssassin - Done!
- Dovecot - Functioning, have to migrate cyrus e-mails from old Einstein.
- /home - Done!
- Samba If anyone needs samba access, they need to find us and have us make them a samba account. No LDAP integration.
- Web? - This will be handled by roentgen, except squirrelmail, which requires a basic apache setup.
- Fortran compilers and things like that? (Also needs compat libs) - Isn't this what pumpkin is for?
- Switch einstein.
Sudo is currently hanging on einstein2. We really should work this out before even considering the switch. Update: It's not indefinite, though. After a long time, I got this message "sudo: uid 4235 does not exist in the passwd file!" Which is shown to be untrue when I do a
getent passwd 4235. /etc/ldap.conf should have said "ssl no" instead of "ssl start_tls", in order to match old einstein's setup. It now works.
Current setup on einstein2
/ is /dev/md0, which is a 3-way mirror comprised of sda1, sdb1, and sdc1. /var/spool/imap (can be changed to match our dovecot configuration) is /dev/md1, which is a 3-way mirror comprised of sda2, sdb2, and sdc2. /home is a 2-way mirror of sdb3 and sdc3. sda3 is the swap partition. The reason it is set up this way is that the system came installed on a 250gb, and Matt wanted redundancy and space for mail and /home, since they're (some of) the most important things. Two 750gb's were added, and RHEL5 was reinstalled without a hitch. Grub should currently be installed on all three drives, so that if any one (or two!) drives fails, the system can still boot and run. The RAID setup is standard software raid1 using 3 elements for root/mail and 2 elements for home. This will allow us to put the drives in any other system if need be.
This setup apparently confused Maurik, who wondered why we need to use the original 250gb drive involved. The answer, in case it ever needs to be known in the future, is that Matt didn't want to waste a perfectly good drive with no other purpose. It's perfectly reasonable to change the drive to 750 and complete the 3-way raiding fun, if desired.
einstein2 isn't connected to the UNH network, yet somehow can access it and anybody else:
traceroute to google.com (22.214.171.124), 30 hops max, 40 byte packets 1 gourd.farm.physics.unh.edu (10.0.0.252) 0.149 ms 0.137 ms 0.129 ms 2 faculty1-gw.unh.edu (126.96.36.199) 0.546 ms 0.640 ms 0.704 ms 3 tccat1-sup.unh.edu (188.8.131.52) 1.369 ms 1.456 ms 1.490 ms 4 catwan.unh.edu (184.108.40.206) 4.955 ms 4.971 ms 5.001 ms 5 220.127.116.11 (18.104.22.168) 8.399 ms 8.234 ms 8.248 ms 6 te7-1-10G.ar2.DCA3.gblx.net (22.214.171.124) 14.197 ms 28.104 ms 14.382 ms 7 google-2.ar2.DCA3.gblx.net (126.96.36.199) 16.258 ms 16.267 ms 16.283 ms 8 188.8.131.52 (184.108.40.206) 16.852 ms 29.388 ms 220.127.116.11 (18.104.22.168) 17.033 ms 9 22.214.171.124 (126.96.36.199) 34.669 ms 188.8.131.52 (184.108.40.206) 35.986 ms 220.127.116.11 (18.104.22.168) 41.596 ms 10 22.214.171.124 (126.96.36.199) 42.588 ms 42.414 ms 188.8.131.52 (184.108.40.206) 36.595 ms 11 220.127.116.11 (18.104.22.168) 42.013 ms 22.214.171.124 (126.96.36.199) 36.180 ms 188.8.131.52 (184.108.40.206) 36.979 ms 12 220.127.116.11 (18.104.22.168) 51.523 ms py-in-f99.google.com (22.214.171.124) 42.752 ms 50.091 ms
Gourd, huh? What's this about, Aaron?
This should come in handy moving mail to the new einstein ("cyrus2courier" seems like the best and not any harder to use than the other two options. No, it isn't. It doesn't work for 2.2+)
Dovecot, postfix, squirrelmail, and mailman have all been installed. The logical plan of attack seems to be to get postfix working fully, then dovecot, then squirrel, and finally mailman, in order to satisfy dependencies as well as order of importance.
Because single large files scare me, I'm initially trying to set up postfix with maildir format. Default is mbox, but since mbox stores each user's mail as a single big file, it just looks like it's too easy to lose lots of data from random disk errors. Mbox worked, but once I copied over einstein's configs, things stopped working due to hostname/resolution errors, as can be seen in
/var/log/maillog. maildir is far more robust anyhow; the Dovecot documentation even recommends it, so I don't know why mbox is the default.