136 lines
5.2 KiB
XML
Executable File
136 lines
5.2 KiB
XML
Executable File
<?xml version="1.0" encoding="UTF-8"?>
|
|
<chapter>
|
|
<title>System Administrator</title>
|
|
|
|
<para>The systems administrator position is probably the position
|
|
requiring the largest amount of "ad-hoc" knowledge. In
|
|
particular, there are many decisions related to how the CSC
|
|
computers are run which may not be so obvious from looking at the
|
|
systems themselves.</para>
|
|
|
|
<para>For this reason, as sysadmin of the CSC it is of vital
|
|
importance that you not only read this document, but keep it up to
|
|
date as well.</para>
|
|
|
|
<sect1>
|
|
<title>Your responsibilities</title>
|
|
|
|
<para>According to the constitution, the following are the duties
|
|
of the sysadmin:</para>
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>to operate any and all equipment in the possession of the Club;</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para> to maintain and upgrade the software on equipment that is
|
|
operated by the Club;</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>to facilitate the use of equipment that is operated by the Club.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para>It has become quite regular for the CSC to get new equipment each
|
|
term. The sysadmin is responsible for ensuring this gear gets installed
|
|
and works as intended.</para>
|
|
</sect1>
|
|
|
|
<sect1>
|
|
<title>Useful contacts</title>
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>You can try getting access to the machine room from MFCF/CSCF.
|
|
You probably want to talk to Dave Gawley, <email>dlgawley@cs.uwaterloo.ca</email>.
|
|
He's been really friendly to the CSC in the past and is a cool guy
|
|
in general.</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</sect1>
|
|
|
|
<sect1>
|
|
<title>Changing Users</title>
|
|
<para>To alter users and groups please use the cpu command. cpu is setup
|
|
to use ldap to change any given user or group.</para>
|
|
<itemizedlist>
|
|
<listitem>To change a users group use cpu usermod -G current,groups,new,groups</listitem>
|
|
<listitem>man cpu-ldap</listitem>
|
|
<listitem>cpu groupadd cvs-ceo</listitem>
|
|
</itemizedlist>
|
|
</sect1>
|
|
<sect1>
|
|
<title>Expiring Users</title>
|
|
|
|
<para>This procedure is for users that were expired at the end of spring
|
|
2003.</para>
|
|
|
|
<orderedlist>
|
|
<listitem>
|
|
<para>login as root on peri (you probably can't do this, but might
|
|
have access to someone who can..)</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Unexpire the account in the ldap database</para>
|
|
|
|
<para><prompt>peri# </prompt><userinput>echo username
|
|
|/root/dead-accounts/unexpire.pl</userinput> If this worked, it should
|
|
spit back the username.</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Extract home directory onto peri</para>
|
|
|
|
<para>extract home directory onto peri mount "Expired /u" on
|
|
sugar (or wherever) copy /$mntpoint/username.tar to somewhere
|
|
accessible to root@peri</para>
|
|
|
|
<para>Note: the home directories are not compressed on the CD,
|
|
remember this when 'cp' is telling you 'username.tgz: no
|
|
such file or directory'. tar (below) doesn't need 'z'
|
|
either. <prompt>peri# </prompt><userinput>tar xf /path/to/username.tar
|
|
-C /u</userinput></para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>Restore mail onto peri </para>
|
|
|
|
<para><prompt>peri$ </prompt><userinput>grep username
|
|
/root/dead-accounts/unreadable-accounts</userinput> if the username is
|
|
there, the mbox is on "Expired mail 2" otherwise, the mbox is
|
|
on "Expired mail" mount appropriate CD cd to a temporary
|
|
directory (*not* /var/mail) extract mbox from archive -- on the
|
|
"Expired mail", this will take a while -- just hit ^C after
|
|
you see the username printed and you're happy tar has moved on to
|
|
other files.</para>
|
|
|
|
<para>(I say 'sugar', but really any machine with a CD
|
|
drive...) <prompt>sugar$ </prompt><userinput>tar jxvf
|
|
/$mntpoint/mail_tar.bz2 username </userinput> (hmm.. I don't
|
|
remember what the tarball is called on Expired2, maybe the same thing,
|
|
maybe different, but I'm pretty sure this is the filename for
|
|
Expired1. Besides, there's only one file on the CD, so just
|
|
tab-complete the damn thing :) (probably scp username root@peri: or
|
|
something here) restore mail, appending any mail received since backup
|
|
was made, and preserving permissions on the file. (Note: this
|
|
doesn't take into account locks -- i.e., stuff might get screwed
|
|
if the account receives mail while one of the below cats is running. A
|
|
message received between the cats simply gets lost.)</para>
|
|
|
|
<para> The following commands should also work from another machine if
|
|
the account was on "Expired mail" (i.e., was not in
|
|
``unreadable-accounts''). But doing it on peri will always</para>
|
|
|
|
<para><prompt>peri#</prompt><userinput>cat /var/mail/username
|
|
>>username</userinput></para>
|
|
|
|
<para><prompt>peri#</prompt><userinput>cat username
|
|
>/var/mail/username</userinput></para>
|
|
</listitem>
|
|
</orderedlist>
|
|
</sect1>
|
|
</chapter>
|