SLAC Root Access Request
|UNIX at SLAC|
Security at SLAC
|Updated: 25 April 2001|
When files are shared via NFS, the various systems involved must be administered in a coordinated fashion to preserve the integrity of the files and the security of the hosts. To ensure such coordination, we restrict access to SLAC's central file servers to hosts meeting certain requirements. The database of such hosts is called the SLAC Netgroup.
For UNIX platforms supported by SCS (currently AIX, Solaris, and Linux), the easiest way to satisfy these requirements is to turn over the system administration responsibility to us. We will run several cronjobs on your system (including "taylor" and "emergency"). These scripts maintain consistent configurations (including passwd files) across all SCS-administered systems at SLAC, and can be used to install some software updates, such as security patches. We will also login as root to diagnose and correct problems when necessary.
If you need root access on your machine (e.g., in order to install special software), you may still be able to run taylor and our other cronjobs and share the system administration responsibility with us. Use the Additional Information field below to outline your specific needs and describing your level of UNIX experience.
The permission granted to be part of the SLAC Netgroup is for the machines and operating system levels that have been scanned and/or validated. If you remove the system from the network, you should contact unix-admin to request that the machine be removed from the SLAC Netgroup. If you replace the system (for example replacing a SunOS system with a Linux system), or substantially upgrade the OS (for example SunOS to Solaris), you are responsible for reapplying for membership in the SLAC Netgroup.
Machines in the SLAC Netgroup will be re-scanned for security problems regularly to insure that they continue to meet the current security requirements (which may change from time to time).
To request access to SLAC's central NFS file servers, please enter the following information for this system and its administrator.