Linux Security Patch to be Applied to all Hosts Beginning October 26th

CHPC is aware of a Linux kernel vulnerability known as Dirty COW (https://www.us-cert.gov/ncas/current-activity/2016/10/21/Linux-Kernel-Vulnerability  ).   As soon as we get and test the applicable patch,  we will  need to apply it and reboot all Linux systems.    As this is a security concern, we need to deploy the patch as soon as possible and therefore there will  be minimal advanced warning.  

We are now ready to proceed with the application of the required security patch on any systems that are running CentOS 6 or 7 to address the Linux kernel vulnerability.  As noted this process requires that each system be rebooted.

We will start this process with the interactive nodes late October 26th, 2016. This includes all compute cluster interactive nodes, including the owner interactive nodes, the frisco nodes, the meteo and atmos nodes. Please take whatever steps necessary to save you work if you have jobs running on these resources. No additional notices will be given.

For the compute nodes, a reservation has been put in place for October 27th in the morning at 9am, to start draining running jobs from the nodes. Any idle queued jobs will start once the reservation is lifted.

For Linux VMs, the process will start after 4pm October 26th. Again please take steps to save any running jobs as no additional notices will be given.

CHPC managed Linux desktops (such as the astro desktops) will be handled on a case by case basis.

We will send messages out as we complete the process.