Journal spun's Journal: Novell Brainshare and Miscellaneous Projects 2
I just got back from the Novell Brainshare conference in Salt Lake City. It was a fun week. I attended lots of sessions on Linux and other open source tools. There was free (well, someone payed for me to be there...) food, free massages, free lattes, & lots of swag. Novell had a tech lab giving lots of interesting demos, and there were several dozen vendors and ISVs present. On Wednesday, Frank Caliendo opened for Collective soul at a free concert put on by Novell and open to the general public.
Perhaps the most interesting was a tutorial on using AppArmor. It's a great system for protecting applications. Novell bought the company that produced it several years ago and open sourced it. Basically, you point AppArmor at an application and put it in learning mode. You put the app through its intended uses, and then answer a series of questions regarding what AppArmor saw it doing. For instance, the app accessed a file. You can allow, deny, or 'glob.' Meaning, put in an asterisk. So it could access any file in a particular directory. There are also a series of pre-built templates you can add which allow certain sets of operations. Then you put AppArmor in enforce mode, and it keeps the app from doing things it shouldn't. Even if its running as root.
I'm impressed with Novell's commitment to open source. They are moving everything to Linux. Netware is no more, Netware services live on in Open Enterprise Server built on Suse Linux. Novell gave a great presentation on using the GNU autotools for their partners who want to move their products to Linux. Who knew using autconf, automake, libtool, and the rest could be so easy? Not me.
I've been working on setting up a log server, analysis, reporting, and notification system recently. I'm using Linux HA to fail-over an IP address and restart syslog. The logs are stored on an OCFS2 filesystem shared by the two nodes in the cluster. I use octopussy to analyze, report, and notify, and monit as a client side add in for logging additional information.
CoreForce (Score:2)
Re: (Score:2)
One interesting demonstration presented at the session was building a limited root shell.