Jason,
I'll chip in my two cents but try to keep it short:
1) LVM seems to be more stable than it used to, and there are tools to help
rescue systems when they don't boot. So if you organization is comfortable
with LVM and it is the standard, then I'd say "Sure, put the root fs in an
LV".
2) Sudo is your friend - the two basic approaches seem to be: (A) allow
users/admins to 'sudo to root' and (B) more fined-grain - only allow users
to sudo to run specific commands. The former is less maintenance and setup
for the sysadmins while the latter allow for better logs of exactly 'who
did what'.
3) It seems to me the sharing of application binaries such as WAS, MQ,
Oracle, etc. is more productive than trying to share the entire root file
system. There are just too many exceptions to the latter to justify the
effort. I believe most organizations that have tried 'read only root' have
abandoned it.
Hope this helps, again just my opinions...
-Mike MacIsaac
On Mon, May 4, 2015 at 9:53 AM, Jason Space <[email protected]
> wrote:
> All,
>
> First off, my apologies if this is slightly OT, but I'm looking for some
> help in the way(s) that Linux on z differs from Linux on open systems.
> I've been scouring the IBM redbooks and whitepapers to find tid-bits of
> information and presenting to the powers that be.
>
> Due to recent changes in our organization there has been a shift in the
> "who architects/engineers/administers" the Linux on z environment. The
> current momentum is to have the *NIX group essentially do all of it from
> the provisioning to administration. Bottom line is, they want to set it
> up like it is on the distributed systems (autoinstall vs, cloning, overuse
> of lvm, r/o binaries, etc..) some which I know fails to leverage the
> benefits of mainframe.
>
> 1. Some of the things the open systems *NIX guys like to do is LVM
> everything, including root. From the Set up Linux on IBM System z for
> Production redbook
> I found the following statement:
> "Do not include the root file system in the LVM structure
> because, if for any reason the LVM
> fails, the operating system will not boot. " - Set up
> Linux on IBM System z for Production
>
> Are there other reasoning's to not do so? These are the types of things
> that would really be helpful.
>
> 2. No root access for z/VM system programmers to z/Linux servers.
> To my knowledge the s390-tools modules require root to invoke
> them. These tools are the essential interfaces between z/Linux and z/VM
> platform.
>
> 3. Sharing of Read/Only binaries.
> Install once / share many -- This idea of this is mainframe
> centric and is foreign idea to open systems.
>
> I guess these are the "big" ones, at least in my mind. At the end of the
> day, I realize that the best intentions and reasons often result in poor
> decisions by those that are in the position to make them.
>
> Thx,
> Jason
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to [email protected] with the message: INFO LINUX-390 or
> visit
> http://www.marist.edu/htbin/wlvindex?LINUX-390
> ----------------------------------------------------------------------
> For more information on Linux on System z, visit
> http://wiki.linuxvm.org/
>
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
