syslog

Sysdev has confirmed 2.33 FTE staffing for the VIDaaS project which was given the green light last month. This input, allocated over the remainder of the 12 month project, will provide systems and software development capabilities required to deliver the majority of user-facing functionality.

The VIDaaS project aims to deliver a highly cost-effective and scalable “on-demand, on-line, and on-going” database for researchers at Oxford University and other HE institutions. Development of the underlying web-based data storage and presentation software started in the JISC-funded Sudamih project, but is now set for delivery on a much grander scale. Through VIDaaS the easy-to-use online database service (DaaS) will be enhanced with a range of new features, generalised to meet the needs of the wider research activities at Oxford, and adapted for deployment on a high-availability, flexible-capacity virtual infrastructure.

John Ireland will work alongside Pete Jones (SIS) and Jon Hutchings (NSMS) as  Lead Architect, managing the design and integration of the DaaS software and service. Christian Fernau will take on the role of VIDaaS Software Developer, joining Asif Akram who developed the initial DaaS software in the Sudamih project and who will continue his work as Lead Software Developer on VIDaaS. Asif has occupied a desk next to Christian for over a year, but his post within OUCS is to be formally transferred into Sysdev to provide greater integration of the VIDaaS project with OUCS’ core Unix service team.

The VIDaaS project has attracted significant funding from the University Modernisation Fund, and sets out to provide a service which will free many researchers from the burden of maintaining local databases, whilst significantly improving discoverability, reliability, and flexibility. The project outputs will be designed for use by any Higher Education Institution, and will be added to the data management tools offered by the Digital Curation Centre. At a local level, OUCS sees this as a significant addition to the portfolio of IT services offered to Oxford researchers.

For more information about VIDaaS, visit the project web site, or contact the Office of the Director of IT at directorspa@odit.ox.ac.uk.

The software behind OUCS blogs has been updated to include security fixes released by the WordPress team last week.

Announcement of the much awaited release of WordPress 3.1.1 should bring relief to those suffering from side-effects of the WordPress 3.1 pill: key features include improved security of media uploads, performance improvements, and various bug fixes. It also addresses three security vulnerabilities. Users are advised to update “promptly”.

The official announcement followed the general availability of 3.1.1 by a few days, and was quickly followed by a deluge of derivative announcements which, bar a few more considered posts, appear to offer little more than regurgitated snippets from the original. The release announcement ends with a haiku suggesting that since only geeks will know what’s it’s all about you should just apply the update and not worry about the details.

What if you’re a geek who uses WordPress though? Surely any security announcement bears some evaluation before taking the risks associated with an upgrade. In fact there is a release note which details the changesets / trac tickets associated with each of the security issues. These are genuinely significant, although perhaps not as terminal as some commentators appear to suggest; Will all unpatched servers be out-of-service by Monday? Probably not.

If you are already running WordPress 3.1 then this update appears to offer several worthwhile benefits, and the overall changeset is relatively small. For anyone still on WordPress 3.0 (e.g. users of Debian squeeze which includes WordPress 3.0.5) then you may be considering whether its viable to backport the fixes. Good news – this is actually rather trivial. Just pick up the changesets identified in the release note and you’ll find that two of them apply as-is (XSS and CSRF vulnerabilities), and the small change to mitigate PHP crashes on “deviously devised devilish links in comments” is easy enough to apply, just a few lines too early for `patch` to cope by default.

I would like to thank whoever it was that printed out a book review and left it on the shared printer a few weeks back. All it took was a quick glance and my attention was caught by the phrase “making meetings more effective” – this is something I could do with. Amazon obliged and within a couple of days I had a copy of the book on my desk.

Game storming

A Playbook for Innovators, Rulebreakers, and Changemakers

I’ve just finished reading the book, and have picked up a few resources from associated web sites (http://www.gogamestorm.com/, http://www.selflearners.net/Notes/Gamestorming).

What does the book offer? Essentially it’s a collection of activities that can be used to help groups of people think and communicate effectively about specific topics of importance. Some of them were familiar to me from management training courses – the dreaded post-it and flip-chart-art school of creative thinking; others were things that I have done at some point but not recognised as a re-usable technique; the vast majority were new ideas.

To make this a bit more tangible for anyone reading, some of the “games” that you have probably come across are Lightning Talks (aka Pecha Kucha), Elevator Pitch, and SWOT Analysis. You might not be so familiar with Dot Voting, Speedboat, or The 5 Whys.

Was it worth reading? Definitely, and I would recommend it to anyone who finds themselves in a position of leading a group of people in thinking about how to approach a particular problem, opportunity, or other topic. It isn’t a book that I will add to my “turning points” list (books that have caused a profound change in my understanding of myself or the world around me), but it is a book that has given me a range of new tools / techniques / ideas that can be brought to bear in a wide variety of situations.

Some this was brought to bear in a sysdev team meeting. We used a series of three games to develop a set of strategic developments that would be worth pursuing (from our own perspective). In just 40 minutes we collaboratively agreed on 7 key developments. Since then, five have already seen action, and the remaining two are on the cards to be fitted in when time allows. One person at the meeting commented that we had “…acheived more in 40 minutes than [another group] had acheived in a whole day”. Storming!

It’s been another busy week: Friday has come, and almost gone, but what is it that has filled up every working hour?

As I mentioned previously, Sysdev is involved in the provision of a number of IT services, handling all aspects of some and looking after the infrastructure of others. Here’s a list of the things we’re involved with:

• Webauth, Kerberos, Oak LDAP, and Shibboleth
• Maillists
• GNU/Linux computing environment (linux.ox.ac.uk)
• User web publishing (users.ox.ac.uk)
• Web virtual hosts (including many of OUCS’ own web sites)
• Oxford’s Alumni Email Forwarding Service
• News, IRC, and Jabber
• Mirror service (mirror.ox.ac.uk)
• Self-registration (hosting only)
• WebLearn (hosting only)
• Podcasts (hosting only)
• Green IT – Desktop Computing (wake-on-lan and power management monitoring)

We also provide a number of tools for use within OUCS, including the Request Tracker, Subversion, Room booking system, and OUCS Blogs, and various members of sysdev sit on OUCS, unit, and University-wide groups and panels.

Sysdev is occasionally described as having a “hive mentality” on account of everyone having a sufficiently broad range of skills and knowledge to cover pretty much everything we do. We have a daily rotation to decide who will take support enquiries, and much of our development work is done collaboratively (albeit over IRC/email as we’re split across four physical offices).

On a day-to-day basis our work broadly falls into four main areas:

• systems development (selection, installation, and configuration of servers, operating systems, and applications),
• systems administration (updates, patches, attending to reports from automated maintenance jobs, …),
• support (processing service requests, second/third-line advice and fault diagnosis),
• management (planning, advisory groups, project management, service management, reporting).

So a typical day might involve applying security patches to c. 100 servers, helping out a user who is getting unexpected results from the maillist service, setting up a new queue in our Request Tracker, contacting the maintainers of the Fedora upstream repository to work out why we weren’t able to fully update our local mirror, deploying some new software and an updated database for one of the other OUCS teams, and meeting with the podcast team to discuss growing storage requirements.

Regarding our longer-term committments, here are some of the projects and groups that we are participating in:

• Student Systems Replacement project
  Providing technical expertise to assist UAS in selecting a replacement for the Oracle Student System and associated services;
• Core User Directory
  Augmenting our identity and access management stack with a very wide-reaching directory of people having some association with Oxford University;
• Energy Efficiency and Monitoring project
  Enhancing the Power Monitoring and Management and Wake-on-LAN services pilotted in 2010;
• Enhanced Authentication and Privacy project
  Developing a multi-factor authentication capability to offer stronger user authentication for applications that require it (e.g. for controlled access to examination papers);
• UAS Identity and Access Initiatives
  Advising UAS and BSP on identity and access management, and helping address issues such as SSO integration of key applications such as student systems, and the new HRIS.

If you are involved with web sites at Oxford then you are likely to have received a survey invitation in the last day or so. This is part of our “Blue Spinner” project which aims to collect information to help us design a new generation of web hosting service(s) for the University. We have already received a huge response, but would welcome any further submissions as this will be an important development for the University and has the potential to provide a range of  cost-effective and easy-to-use web hosting options for ITSS, web managers, web authors and publishers, and many more besides.

However, it is after 5pm on Friday, so don’t go looking for the survey right now – it’s time to head off for the weekend!

Hello from the OUCS Systems Development and Support Section, or “sysdev” as we are known by our friends.

We are one of the Infrastructure Systems and Services teams within OUCS, and specialise in delivering a range of high availability IT services. Some services, such as Web Single Sign-On, are entirely our responsibility whilst others, such as WebLearn, are hosted by us on behalf of other teams. We also provide a number of internal tools to support OUCS such as the Request Tracker, and public facilities such as the mirror.ox.ac.uk site.

Our systems are built almost entirely on the Debian GNU/Linux platform, and we offer specialised advice in this area. For those interested in such things, our current server estate is mainly Sun (now Oracle) based, with the tail-end of some older IBM kit being taken out of service this year.

The type of service that we manage keeps us in day-to-day contact with ITSS around the University, although we do have the pleasure of providing 2nd/3rd line support to other University IT users and working with broader-based project groups around Oxford.

We hope that this blog will enable us to provide more information about what we are getting up to, notify you of changes to the range of services that we are involved in delivering, and raise various topics of general interest to anyone working in the same field as ourselves.