Users should have a basic understanding of Linux and Unix-like operating systems to get the most out of their VM.
Builds are managed using puppet. If you need to change any of the following puppet managed services, contact ERIS at email@example.com and we can make a variance for your VM. Tampering with, removing or disabling the puppet management tools may compromise the security of your VM. If stopping puppet services to troubleshoot, please restart them when troubleshooting is competed, they will also restart nightly.
Access to VMs is granted via SSH from inside the partners firewall using your Partners username and password. If you need access from outside, either use your VPN connection or request an SSH relay server account from firstname.lastname@example.org
. If your group has a PAS group assigned, you can request that your VM be set up to use that group for admin or user access.
Accounts requested as administrators have sudo access, use sudo to execute commands with root privileges. To add additional users or administrators, simply add their Partners username to the local “users” group for login access and “admins” for sudo access. Admins need to be members of both groups to log in and use sudo.
Our standard build is based on a basic server install of CentOS 6. The following changes are made and enforced via Puppet. If you need to make changes to any of the following defaults, contact email@example.com
and request the change.
The root password is assigned via puppet and should not be changed by users or admins. If you need to execute commands with root privileges, use sudo instead. SSH login as root is not permitted.
SELinux is set to enforcing.
Firewall is configured via Puppet, additional ports can be requested to be open. Outbound traffic on all ports is allowed.
Nagios is used to monitor hosts for issues. Copies of common log files are sent to our central syslog server.
Updates are automatically run by yum-cron on a weekly basis.
Software repositories are configured by Puppet. By default CentOS Base, extras and EPEL are enabled. Admins can install software using yum. ‘sudo yum install <packagename>’
Postfix is configured as the default MTA on these servers and outgoing mail will be sent via phsmgout.partners.org
NTP is configured to use the partners time servers as well as several internet sources as backup.
SSSD is used to authenticate users against the Partners Active Directory services.