[SLL] what do you do every time for new systems?

[Ski Kacoroski]

Jeremy,

I check the clocks (I think the clock on your email server is off by an
hour :).  I also do...

- last to see who has been on recently
- check disk space
- check logs and services
- change to bash shell (install if necessary)
- I often start sar so in a week or so I get a good idea of system load
- install my ssh key
- solaris: I will install several gnu utilities such as top, etc.
- debian: check sources.list and run apt-get update
- check for multiple ip's and host names
- tar up /etc and move to another system for disaster recovery
- sometimes tar up /opt or /usr/local also for disaster recovery
- check on backups and verify with a restore that they are ok

cheers,

ski

On Sat, 22 Mar 2008 09:26:43 -0500 (CDT) "Jeremy C. Reed"
<reed at reedmedia.net> wrote:
> What do you do every time (or frequently) when you install or login
> to a new system (that you will continue to use as an admin)?
> 
> I am hoping we can start an interesting discussion and share some
> tips or advice with each other. (About 15 months ago, we had a
> similar discussion about "What do you use on your desktop?" which had
> lots of interesting and useful suggestions.)
> 
> I will get started. Here are a few things I initially do:
> 
> 1) see what shell I am using
> 
> ps $$
> 
> If I am using tcsh, I usually stay with it but add to ~/.login:
> set autolist
> I may also set a custom prompt.
> 
> I prefer ksh or bash over tcsh, so I may use chsh to choose a
> different shell.
> 
> If I am using ksh, I usually stay with it. I may add to ~/.profile a 
> custom prompt like:
> PS1=`hostname -s`':${PWD}$ '
> or
> PS1=`hostname -s`:'${PWD##/*/}'"$ "
> 
> 2) If I am on a BSD system, I add my own user account to the wheel
> group (have to login as root to do that). Add my user account if
> needed.
> 
> 3) Often I install sudo (if not there) and set it up.
> 
> 4) If needed, I setup the email aliases database so root's emails go
> to me (or somewhere appropriate). Run newaliases if needed.
> 
> Make sure outbound email is enabled and test.
> 
> 5) If needed and not already done, make sure that sshd service is
> enabled.
> 
> 6) Quick check of running services and listening network connections. 
> Disable in xinetd.conf, inetd.conf, remove init.d symlinks (or
> chkconfig or update-rc.d for example) for unneeded services or
> features. Maybe disable xinetd or inetd if not used.
> 
> 7) If I need root to login via sshd, I enable in sshd_config. Often I
> use PermitRootLogin with without-password or forced-commands-only
> (and put keys in place as appropriate).
> 
> 8) If it is not a system I installed, I also look around:
> 
> hostname
> uname -a
> less /etc/passwd
> last | tail
> w
> 
> df -h
> 
> 9) Make sure logging is okay (if not a new system)
> 
> ls -lSr /var/log/
> (if ls supports -S)
> 
> (And also look in sub-directories)
> 
> And adjust logrotate or newsyslog.conf as needed.
> 
> I am sure I do other tasks too. I may do more for security auditing, 
> update software as needed, use yum or apt-get to check if updates are 
> available, etc. But the above are just some things I commonly do.
> 
> So what do you commonly do when you first login to a system you will
> be using (not temporarily)? Any software that you nearly always
> install? Or a shell environment that you always use?
> 
> 
>   Jeremy C. Reed


-- 
"When we try to pick out anything by itself, we find it
 connected to the entire universe"            John Muir

Chris "Ski" Kacoroski, kacoroski at gmail.com, 206-501-9803
or ski98033 on most IM services and gizmo