Managing BSD desktop clients - "Fencing in the herd"

Hauke Fath

The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universität Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades.
Hauke Fath works as a systems administrator for the Institut für Nachrichtentechnik (telecommunication) at Technische Universität Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006.
Managing Unix desktop clients, software distribution, tripwire