Upgrading from BU Linux 5 to BU Linux 6

There are two steps for the upgrade: migrating from BU Linux 5 to 6, and configuring the system to use the college’s network resources by joining AD. If you do not wish to join your system to AD please follow the directions in the “Access Networked Drives Through Grid” to access the various ENG network drives.

OS Upgrade

BU Linux 6 can be installed with IS&T’s DVD image, and ENG-IT is available to help with installations if needed. If a clean installation is not possible for your system, please contact us so that we may assist you in planning out a safe upgrade plan.

AD Setup

To make network user accounts and drives accessible, the computer will need to be joined to the university’s Active Directory domain (AD). Just as with a Windows computer, this requires the help of an IT member with an administrative account. Please contact ENG-IT for assistance.

The standard configuration will provide these features:

  • A secure single sign-on system using BU Kerberos accounts, with flexible access control
  • Secure read-write access to our file server for networked home directories, course folders, and research lab file shares
  • Access to network-installed Linux programs in Engineering
  • Access to university-provided scientific software such as MATLAB, Mathematica, and Maple

Note that although it has many benefits, enabling network login is not required to take advantage of the other features of this setup; you can also manually add accounts using the add-bu-user tool. If you do not wish to join AD at all, the section below explains an alternate method to access network drives.

Once this is set up, any user with an AD account will be able to log in to your system with non-root privileges. To give a particular user sudo privileges, add them to the “wheel” group with the following command (where “username” is their BU Kerberos username): 

gpasswd wheel -a username

By default, any Kerberos user will be able to SSH into your machine from within BU unless you have SSH restricted. We strongly recommend you restrict remote access to only specific users. To do this, add an “AllowUsers” line to the bottom of the system’s /etc/ssh/sshd_config file: 

AllowUsers username1 username2 username3

Access Networked Drives Through Grid

As an alternative to connecting directly to our file server with the standard method, you can mount individual network shares over SSH, using our grid servers as an intermediary. Note that since access control then depends on the user forming the SSH connection, you will generally need to mount shares on a per-user basis with this method.

First install the package fuse-sshfs: 

sudo yum install fuse-sshfs

Now mount the share: 

sshfs -o workaround=rename user@enggrid:/ad/eng/<share> /<local mount point>

the “workaround=rename” option is recommended to ensure that certain programs, such as Subversion, work properly.

If you get an error about not having permissions to run fusermount, you need to make it executable: 

sudo chmod +x /bin/fusermount

For more detail about accessing the network drives, see this page.