From dswan at ceh.ac.uk Wed Sep 3 06:17:13 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 03 Sep 2003 11:17:13 +0100 Subject: [Bio-Linux] Bio-Linux 2.1 Upgrades, Bio-Linux installs and Bio-Linux news Message-ID: <1062584233.1083.38.camel@ivpcp032.nerc-oxford.ac.uk> Dear Bio-Linux users, As some of you may be aware we recently committed Bio-Linux 2.1. This release has now passed the testing phase and we are looking to roll out upgrades across the board soon. For those interested in the changes that have been made you can view changes on the public Bio-Linux changelog: http://envgen.nox.ac.uk/envgen/software/archives/000309.html There are a number of significant bug-fixes as well as new software. A lot of the changes described are as a result of user feedback over the last few months, and we would like to take this opportunity to thank everyone who has flagged an issue with Bio-Linux they have come across and reported to us. We do encourage any feedback on the Bio-Linux system and it contributes greatly to future development of the project. The upgrade process is relatively straightforward and does not require re-installation of the machine. You can view the instructions on updating your machine here: http://envgen.nox.ac.uk/envgen/software/archives/000360.html Upgrades for those who have not added additional software packages or modules is especially straightforward. For people who have heavily customised their systems the upgrade will require some discussion with the EGTDC about the updateclient.local.exclude file. If you are the systems administrator of a Bio-Linux machine please start thinking about the customisations and additional software packages you have installed on the machine. Obviously these should be included in the log book we hope you keep with your machines detailing all the changes you make to the system. We will be contacting people individually soon in order to proceed with the upgrades. If you would like to become an early adopter of the upgrades then please write to helpdesk at envgen.nox.ac.uk with a list of the machines you want to update, and we will take it from there. Updates will be rolled out from next week. Bio-Linux 2.1 is likely to be the last major release in the 2.X series barring minor bug-fixes. The EGTDC is now committed to the development of the first Bio-Linux 3.0 release which is scheduled for a December 2003 release. Again, we invite suggestions for what you would like to see in this release as it will be a significant step forward in functionality, look and feel. The changelog will detail development of Bio-Linux 3.0 as it happens. We would also like to take this opportunity to apologise for the delay in rolling out installs to those (few) remaining awardees. Due to the recent attack of Blaster worms (and variants) JANET and UKERNA and many individual institutions have decided to disallow "ping" traffic on their networks. Unfortunately the Bio-Linux install process relies on this working, and we are currently in discussion with the developers of our distribution system (SystemImager) on a resolution for this. We expect this to be remedied by the end of next week and will resume installs then. This does not affect upgrades to the system however. Due to popular demand we are also re-running the Basic Bio-Linux course in the new practical based format on November 25th. If people came on the Bio-Linux course prior to June 2003 they will not have had the opportunity to work in the GRID room on Bio-Linux workstations at CEH Oxford. If you would like to attend, or would like colleagues to attend then please email the helpdesk. The new course includes basic Linux usage, a bioinformatics practical and a hands on demonstration and practical with GeneSpring. regards, Dan and the EGTDC team. -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Fri Sep 5 12:57:53 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 05 Sep 2003 17:57:53 +0100 Subject: [Bio-Linux] Bio-Linux installs will resume w/c 8/9/2003 Message-ID: <1062781072.1024.13.camel@ivpcp032.nerc-oxford.ac.uk> Dear All, Those of you awaiting installations of Bio-Linux will be delighted to know that I have finally managed to hack the install process so that it works again. The downside is that it required changes to the CD, so all those waiting for an install will have to wait for a replacement CD in the post. These will be sent out on Monday so hopefully we can resume the installation schedule on Wednesday, I will be in touch individually with those waiting for installs. Installs from here on in will be of the latest Bio-Linux version 2.1. A number of beta upgrades have been done (from Bio-Linux 1.0->2.1 and 2.0->2.1) and we expect to be rolling out upgrades more widely in the next fortnight. regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Wed Sep 17 10:00:31 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 17 Sep 2003 15:00:31 +0100 Subject: [Bio-Linux] URGENT: BIO-LINUX SSHD UPDATES REQUIRED Message-ID: <1063807230.1002.246.camel@ivpcp032.nerc-oxford.ac.uk> Dear Systems Administrators, An exploit (hack) has been released on the internet for OpenSSH which controls the secure access to Bio-Linux machines. Due to the way OpenSSH has been configured on Bio-Linux Red-Carpet updates do not think there is anything to update. This is an EXTREMELY serious issue and the following steps should be taken immediately and the instructions followed TO THE LETTER WITH NO DEVIATION FROM THE FOLLOWING INSTRUCTIONS. This fix applies ONLY to people with Dell PRECISION 650 machines. If you are running Optiplex GX240 or GX260 machines please contact me immediately and do NOT use the following fix. All of the following instructions must be done on the physical console. Do NOT log in via ssh and then attempt the following as you will not be able to complete the instructions. 1) Sit down in front of the Bio-Linux computer 2) Log in as manager 3) Open a terminal 4) Type everything (better still cut and paste) that follows pressing enter at the end of each line: wget http://genomics.nox.ac.uk/~dswan/downloads/ssh_fix.tar.gz tar -zxvf ssh_fix.tar.gz sudo rpm -e `rpm -qa | grep ssh` (THE ABOVE LINE HAS BACKTICKS IN IT NOT SINGLE APOSTROPHES! IT IS THE KEY ON THE TOP LEFT OF THE KEYBOARD NEXT TO THE DIGIT 1) cd openssh-3.7p1 sudo make install sudo mv sshd_init /etc/init.d/sshd sudo /etc/init.d/sshd restart When you first attempt to login to the machine remotely you will be notified that the host file has changed. If you are on a Linux machine either delete or edit .ssh/known_hosts to get rid of this problem. Users with puTTY will just be asked if they want to change the host key. We apologise for this, but it is imperative you do this as soon as possible or compromise the integrity of your machine and your data. regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Wed Sep 17 10:11:22 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 17 Sep 2003 15:11:22 +0100 Subject: [Bio-Linux] URGENT: BIO-LINUX SSHD UPDATES REQUIRED - Dell Optiplex Owners Message-ID: <1063807882.1002.249.camel@ivpcp032.nerc-oxford.ac.uk> Dear Sysadmins of Dell Optiplex GX240/260 machines. We have tested the instructions in the previous message on these machines, please feel free to update your systems using them. regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Thu Sep 18 08:20:45 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 18 Sep 2003 13:20:45 +0100 Subject: [Bio-Linux] Bio-Linux SSHD problem followup and bugfix Message-ID: <1063887645.11092.37.camel@ivpcp032.nerc-oxford.ac.uk> Dear All, I'm very sorry to hit you with 2 updates in 2 days, but I just realised that the fix I sent out yesterday means that when you reboot your Bio-Linux machines OpenSSH will NOT start automatically. Whilst it is trivial to start by hand, this patch should be applied as follows: 1) Log in as manager (you can do this remotely) 2) wget http://genomics.nox.ac.uk/~dswan/downloads/sshd.tar 3) sudo cp sshd.tar / 4) cd / 5) sudo tar -xvf sshd.tar 6) sudo rm sshd.tar 7) exit The fix is applied. If you wish to verify the success of this: 1) cd etc/rc.d/rc0.d 2) ls -l *ssh* 3) You should see something like this: lrwxrwxrwx 1 22216 22200 14 Sep 18 12:28 K25sshd -> ../init.d/sshd regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Fri Sep 19 06:50:56 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 19 Sep 2003 11:50:56 +0100 Subject: [Bio-Linux] OpenSSH - additional information for Bio-Linux admins Message-ID: <1063968656.11092.261.camel@ivpcp032.nerc-oxford.ac.uk> If your users rely on ssh forwarding with OpenSSH to work remotely the new OpenSSH requires some additional configuration. The fix is a lot easier this time! 1) Log in as manager 2) sudo cp /etc/ssh/sshd_config.rpmsave /usr/etc/sshd_config 3) sudo /etc/init.d/sshd restart 4) Log out - the job is done. Sorry for the additional configuration, this was only just brought to my attention - the new OpenSSH uses a different location for its configuration files and this is why it does not work as expected initially. regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk From dswan at ceh.ac.uk Tue Sep 30 10:27:46 2003 From: dswan at ceh.ac.uk (Dr Dan Swan) Date: 30 Sep 2003 15:27:46 +0100 Subject: [Bio-Linux] OpenSSH - Launching X programs to Bio-Linux - advice for Admins Message-ID: <1064932066.13563.124.camel@ivpcp032.nerc-oxford.ac.uk> Dear Systems Administrators, We have been notified by a user that if you are have applied the OpenSSH fix and wish to launch graphical applications from a remote machine to your local Bio-Linux display you may encounter a problem with applications not appearing. In order to resolve this issue if it concerns you, you can apply the following fix. 1) Log in as manager 2) sudo cp /usr/etc/ssh_config /usr/etc/ssh_config_orig 2) sudo cp /etc/ssh/ssh_config.rpmsave /usr/etc/ssh_config You should now be able to launch X-windows programs to your Bio-Linux machine again. Normally this bug would not have been a problem as the OpenSSH documentation suggests that certain settings within Bio-Linux should take preference over changes in the config file whereas, on testing, this is clearly not the case. regards, Dan -- Dr Dan Swan - Bio-Linux Developer EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR Tel: 01865 281 975 Fax: 01865 281 696 http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk