Next up in the series of LISA ‘08 guest blogs: Rik Farrow.

Here’s what Rik has to say:

I will be wearing two hats at LISA this year: one as a tutorial instructor, and the other as ;login: editor. My editor’s hat, consisting of an unruly fringe of hair, will make it plain that I am on the prowl, looking for articles for 2009. I already have a good lineup of articles for the February 2009 issue of ;login:, but want to find authors who can cover the big ideas in sysadmin for the rest of the year.

Two things that come to mind immediately are VM and configuration management. The IT world has gone crazy for VMs, and that changes the nature of sysadmin. Rebooting one machine can mean the halting and restarting of a dozen VMs, for example. In a sense, the configuration of VMs is not that dissimilar to the configuration management of separate systems, rebooting aside. And VMs themselves are still a work in progress. Exactly how much swap do you devote to a VM, and should this swap reside in a virtual disk or a swap partition? I have yet to hear a good answer to this question.

And not that the configuration ‘wars’ are over. There are still at least five contenders in the ring for dominance in the configuration management arena. I imagine that there will be BOFS as well as fierce
hallway (and poolside) discussions about whose software works the best. As often is the case, there will not be a definitive winner here, not just on merit, but because people have a lot of time and brainpower tied up in a particular solution.

I’ll also be watching the various pre-LISA workshops. I’ve found that sitting in on workshops (and reading the summaries) provide fertile ground for future articles. While most workshops focus on current issues, I always learn something new that I should be paying attention to. I notice that ZFS gets its own workshop this year, a hint that either ZFS administration is still new and complex, or that this area is just too profitable to ignore. I wonder why this is a workshop and not a tutorial?

During Tech sessions, I see lots of old friends as well as many new faces in both the papers track and the two tracks of IT sessions. I found myself thinking “oh boy” several times as I read through the lineup. This week will be fun, including the hallway track, where I can get some face time with people.

I will also be wearing my NSA hat. Of course, you can’t see my NSA hat, because it is classified (and invisible as well), but I am determined that I will help people who attend my tutorial re-enable enforcing mode in SELinux. I’ve worked with SELinux over the years as a user, and often as not been frustrated by it. If an application didn’t work, I just put SELinux into permissive mode, and then, likely as not, forgot about it after I solved whatever problem I was having. I decided it was high time I learned more about SELinux.

Red Hat, and other distros, continuing insistence on including SELinux features also piqued my interest. SELinux must be worthwhile or it would have been dropped a long time ago. And second, usability features
have appeared, such as setroubleshootd, sealert, modules, and booleans, that have made managing SELinux much simpler.

Honestly, I never got an NSA hat, even after over a dozen visits. The RCMP gave me a nifty hat, though, so perhaps I will wear that one.

As always, I look forward to going to San Diego, and hope to see you there.

Rik Farrow has been teaching UNIX security classes since 1987. He wrote the second book on UNIX security, as well as hundreds of security-related articles. His experience with Linux security goes back over ten years and has led him to believe that sandboxing applications with SELinux is not just a good idea, but necessary. Rik Farrow is also editor of ;login:.

Find out more about Rik’s class Working with SELinux (New)