Profiles, home directories and related things

Profiles, home directories and related things

Post by James Wil » Sun, 19 Jan 2003 17:26:46



My experience until recently has been from very small shops consisting
of only a few machines, where system administration in each machine
individually has not been burdensome.  Now, however, I am one of a
team managing about 40 machines, mostly Suns with mostly Solaris 7 or
8 ( we're migrating to 8) and system administration, which has been
something of a Cinderella, is assuming threateningly large
proportions.

A good deal of yesterday, for example, went to editing user profiles
on only two of the machines in order to eliminate thousands of error
messages in root's mailbox.  Now I want to bring some system to our
system administration before we get any bigger.

.profile files, for example.  These are very standard, with few
personalised exceptions, and come in three main flavours.

First I considered using include statements in .profile files.

Then I considered using symlinks to a .profile file on a central nfs
mount (with or without include statements).

Next I considered making /export/home a nfs mount to our admin
machine.  A slight problem would be in respect of ssh, but ssh_config
could point to another location for each user's .ssh directory.  I
don't know how this would affect gnupg, but only two users use gpg yet
so that's not a big deal.

Finally I considered making other directories - for example /usr/local
- nfs mounts.  At this point we're getting to the stage where a crash
on the nfs server brings down the whole machine park, so we'd need a
cluster arrangement, which could be on a pair of Linux machines, to
avoid the need for another Veritas cluster.

So here's my question.  What's the modern thinking on this topic?
What do you guys do who have not 40 but 400 or 4000 servers to manage?
 And how do you handle the machines in the DMZ?

I'm cross-posting this to one other - semi private - list, so
apologies if you see this in two places.

Thanks in advance for your help.

mvh/regards

James

 
 
 

Profiles, home directories and related things

Post by Rev. Don Koo » Sun, 19 Jan 2003 21:54:03


        [...snip...]

Quote:> So here's my question.  What's the modern thinking on this topic?
> What do you guys do who have not 40 but 400 or 4000 servers to manage?
>  And how do you handle the machines in the DMZ?

> I'm cross-posting this to one other - semi private - list, so
> apologies if you see this in two places.

        We put the home directories on a file server (preferably a NetApp) and
use "/etc/.login" (in SOLARIS) to configure a standard user login.

                Hope this helps,
                        Don

--
***************************      You a bounty hunter?
* Rev. Don McDonald, SCNA *      Man's gotta earn a living.
* Baltimore, MD           *      Dying ain't much of a living, boy.
***************************      "Outlaw Josey Wales"

 
 
 

Profiles, home directories and related things

Post by James Wil » Tue, 21 Jan 2003 16:39:50



Quote:

>    We put the home directories on a file server (preferably a NetApp) and
> use "/etc/.login" (in SOLARIS) to configure a standard user login.

Thanks for the input, Don.  Another possibility, of course, is to have
a kind of skeleton .profile - or .login - and possibly other
configuration files on a central server and redistribute them with,
say, spc or sftp on a regular basis or on changes.  This does of
course reduce the risk of bringing down the machine park when the
admin server is rebooted!

Any comments anyone?

mvh/regards

James

 
 
 

1. Telnet login doesn't run /etc/profile or $HOME/.profile

Hi,

A minor but irritating problem I'm having with my system (Linux-FT 1.1,
kernel 1.2.13, Pentium 90). When logging in from a remote machine by
telnet (e.g. MS-telnet in Windoze for workgroups), the telnet correctly
logs the user in, complete with starting the right shell etc, but doesn't
run /etc/profile or $HOME/.profile, so the paths, prompts and environment
variables don't get set correctly.

I'm a bit puzzled by telnet logins : they don't seem to be handled by a
getty, so I presume the telnet daemon is responsible for negotiating the
login. So, is this a problem with telnet daemon configuration, or a
compile option, or just not possible ? The telnet and telnetd man pages
are very sparse and don't say anything about this. I also couldn't find
anything in the NET-HOWTO or network configuration guide.

Any advice very gratefully received,

Steve

-----------------------------------------------------------------------------
| Steve Mottram                                                             |
|                                                                           |
| University Department of Anaesthesia  |    Internal Phone : LRI 5694      |
| Leicester Royal Infirmary             |    Phone  :  +44 (0)116 258 5291  |
| Leicester LE1 5WW                     |    Fax    :  +44 (0)116 285 4487  |

|---------------------------------------------------------------------------|
| Witty bit deleted due to budget cuts.                                     |
|---------------------------------------------------------------------------|

2. Printing html files

3. /etc/profile or $HOME/profile

4. problem installing Linux from CD-rom

5. automountd: trying to mount odd home directories(/home/.htaccess)

6. Nokia Integrated Firewall Products in Australia / NZ

7. /home and automount maps with many home directory servers

8. Need help: PS/2 mouse not working in doom

9. creating user home directories /home/username from /etc/passwd

10. help: won't create home directories in /home

11. Can anyone help me in http related things?

12. home directory=root directory

13. Script for creating a directory under user's home directory