[SLL] what do you do every time for new systems?

Jeremy C. Reed reed at reedmedia.net
Sat Mar 22 07:26:43 PDT 2008 

What do you do every time (or frequently) when you install or login to a 
new system (that you will continue to use as an admin)?

I am hoping we can start an interesting discussion and share some tips or 
advice with each other. (About 15 months ago, we had a similar discussion 
about "What do you use on your desktop?" which had lots of interesting and 
useful suggestions.)

I will get started. Here are a few things I initially do:

1) see what shell I am using

ps $$

If I am using tcsh, I usually stay with it but add to ~/.login:
set autolist
I may also set a custom prompt.

I prefer ksh or bash over tcsh, so I may use chsh to choose a different 
shell.

If I am using ksh, I usually stay with it. I may add to ~/.profile a 
custom prompt like:
PS1=`hostname -s`':${PWD}$ '
or
PS1=`hostname -s`:'${PWD##/*/}'"$ "

2) If I am on a BSD system, I add my own user account to the wheel group 
(have to login as root to do that). Add my user account if needed.

3) Often I install sudo (if not there) and set it up.

4) If needed, I setup the email aliases database so root's emails go to 
me (or somewhere appropriate). Run newaliases if needed.

Make sure outbound email is enabled and test.

5) If needed and not already done, make sure that sshd service is enabled.

6) Quick check of running services and listening network connections. 
Disable in xinetd.conf, inetd.conf, remove init.d symlinks (or chkconfig 
or update-rc.d for example) for unneeded services or features. Maybe 
disable xinetd or inetd if not used.

7) If I need root to login via sshd, I enable in sshd_config. Often I use 
PermitRootLogin with without-password or forced-commands-only (and put 
keys in place as appropriate).

8) If it is not a system I installed, I also look around:

hostname
uname -a
less /etc/passwd
last | tail
w

df -h

9) Make sure logging is okay (if not a new system)

ls -lSr /var/log/
(if ls supports -S)

(And also look in sub-directories)

And adjust logrotate or newsyslog.conf as needed.

I am sure I do other tasks too. I may do more for security auditing, 
update software as needed, use yum or apt-get to check if updates are 
available, etc. But the above are just some things I commonly do.

So what do you commonly do when you first login to a system you will be 
using (not temporarily)? Any software that you nearly always install? Or a 
shell environment that you always use?


  Jeremy C. Reed

More information about the linux-list mailing list