Windows to Linux Migration - File Server Security?

Circuit Breaker asks: "I'm in the slow process of migrating my office from Windows to Linux. The servers have been Linux machines for quite a while now: Samba serves as PDC/BDC (not using Active Directory yet), and the Samba config is mirrored with rsync; all works well. No, it's time for the workstations, and all is NOT well. User lists are synchronized with NIS, which sort-of works, and will probably work better once we implement LDAP; but it seems that mounting of server directories can only effectively be done with NFS, which is a problem with security because some people really need local root. I've tried using NFS, CIFS and SSHFS, through pam_mount, automount, and independently, but it's not close to the usability of the Windows setup. It's either mounted per user, which requires a lot of work, or by root, in which case local root users bypass any remote permissions. How do you set up mounting directories that is easy to use like Windows -- everything automounted, but security settings are still respected for each user, even when local roots are involved?"

If it works now

[mboverload]

If it works, why are you migrating? If it aint broke, don't fix it.

Re:A good security

[picklepuss]

By educating and training the users, there should be a minimum amount of confusion.

IMHO, this is just asking for trouble. And having daily backups only ensures that you'll spend most of your day restoring backups when things start to get really messed up. Getting a signature doesn't do you squat, unless there is a real policy of enforcement. But once mangaement realizes they're going to have to discipline everyone because your security policy is lame, who do you think is going to get it in the end.

Re:Because someone got bitten by the Linux bug

[Sycraft-fu]

You are free to believe what you like, it has no effect on the truth of what happened. Oracle refused to install on normal Linux. I don't know what the problem was, and apparantly neither did our Solaris guy. That's why he called Oracle, to ask them to help make it install, only they wouldn't because it's an unsupported OS. Now I should clarify that the a good part of the week wasn't fighting with Oracle, but with making RAID work, however he tried and failed to install Oracle several times before giving up and calling for support.

And it sounds like you are another one bitten with the LInux bug, or rather the "anything but MS" bug. Why not Oracle on XP? I would draw your attention to the fact that it's an offically supported OS, as in Oracle themselves have declared "This OS is suitable to use with our database, and we will support installations on it." 10g2 is offically supported on Windows 2000 (Pro and Server), XP (32 and 64-bit) and 2003 Server (32 and 64-bit). While I haven't played with 10, when we did all this with 9, it installed on XP on the first try with no problems.

So what's your reasoning that XP can't be used? Is there something really backing it up or is it just general "You can't use Windows" mentality?

I'm not saying I'd recommend using Oracle on XP in most cases, however this is the same, knee-jerk "Linux bug" mentality I'm talking about. A Windows solution works, there's no problems with it, however you get this atitude like it should be Linux just because.

Change needs to have a reason, at least in the corperate world. That reason can be something as simple as "we are tired of paying for MS licenses" but you need a legit reason. "I hate MS" isnt' a legit reason. Further, the benefits of the switch must outwiegh the costs. If you can switch to Linux with no additonal support costs, then the cost argument is a good one. If switching to Linux is going to require 500 man hours to implement and an additonal 200 per year to support over Windows, it may well be that the money spent on support is more than the savings from licensing.