System Administrator
The systems administrator position is probably the position
requiring the largest amount of "ad-hoc" knowledge. In
particular, there are many decisions related to how the CSC
computers are run which may not be so obvious from looking at the
systems themselves.
For this reason, as sysadmin of the CSC it is of vital
importance that you not only read this document, but keep it up to
date as well.
Your responsibilities
According to the constitution, the following are the duties
of the sysadmin:
to operate any and all equipment in the possession of the Club;
to maintain and upgrade the software on equipment that is
operated by the Club;
to facilitate the use of equipment that is operated by the Club.
It has become quite regular for the CSC to get new equipment each
term. The sysadmin is responsible for ensuring this gear gets installed
and works as intended.
Useful contacts
You can try getting access to the machine room from MFCF/CSCF.
You probably want to talk to Dave Gawley, dlgawley@cs.uwaterloo.ca.
He's been really friendly to the CSC in the past and is a cool guy
in general.
Changing Users
To alter users and groups please use the cpu command. cpu is setup
to use ldap to change any given user or group.
To change a users group use cpu usermod -G current,groups,new,groups
man cpu-ldap
cpu groupadd cvs-ceo
Expiring Users
This procedure is for users that were expired at the end of spring
2003.
login as root on peri (you probably can't do this, but might
have access to someone who can..)
Unexpire the account in the ldap database
peri# echo username
|/root/dead-accounts/unexpire.pl If this worked, it should
spit back the username.
Extract home directory onto peri
extract home directory onto peri mount "Expired /u" on
sugar (or wherever) copy /$mntpoint/username.tar to somewhere
accessible to root@peri
Note: the home directories are not compressed on the CD,
remember this when 'cp' is telling you 'username.tgz: no
such file or directory'. tar (below) doesn't need 'z'
either. peri# tar xf /path/to/username.tar
-C /u
Restore mail onto peri
peri$ grep username
/root/dead-accounts/unreadable-accounts if the username is
there, the mbox is on "Expired mail 2" otherwise, the mbox is
on "Expired mail" mount appropriate CD cd to a temporary
directory (*not* /var/mail) extract mbox from archive -- on the
"Expired mail", this will take a while -- just hit ^C after
you see the username printed and you're happy tar has moved on to
other files.
(I say 'sugar', but really any machine with a CD
drive...) sugar$ tar jxvf
/$mntpoint/mail_tar.bz2 username (hmm.. I don't
remember what the tarball is called on Expired2, maybe the same thing,
maybe different, but I'm pretty sure this is the filename for
Expired1. Besides, there's only one file on the CD, so just
tab-complete the damn thing :) (probably scp username root@peri: or
something here) restore mail, appending any mail received since backup
was made, and preserving permissions on the file. (Note: this
doesn't take into account locks -- i.e., stuff might get screwed
if the account receives mail while one of the below cats is running. A
message received between the cats simply gets lost.)
The following commands should also work from another machine if
the account was on "Expired mail" (i.e., was not in
``unreadable-accounts''). But doing it on peri will always
peri#cat /var/mail/username
>>username
peri#cat username
>/var/mail/username