User:iwm21: Difference between revisions
| Line 74: | Line 74: | ||
===New user=== | ===New user=== | ||
===Visitor's machine=== | ===Visitor's machine=== | ||
===DNS resolution check=== | |||
Machines that do not resolve: | |||
What is to be done for /etc/resolv.conf on the following machines? | |||
sandy:cd /usr/groups/linux/ownfiles | |||
sandy:/usr/groups/linux/ownfiles: grep -l 128.232.13 $(cd CKSUM; find * -type f -mtime -300 | sed \ | |||
's=$=/etc/resolv.conf=') 2>/dev/null | sed 's=/.*==' | |||
bretzel.xen | |||
condor68-negotiator-0 | |||
linux-serv0 | |||
linux-serv1 | |||
mta0 | |||
mta3 | |||
ssh-remote-0 | |||
svr-acjf3-armie | |||
svr-acr31-acsmobile | |||
svr-acr31-ormchem | |||
svr-acr31-trac | |||
svr-hotcrp | |||
svr-qs101-pico | |||
sxp01.xen | |||
sxp03.xen | |||
sxp05.xen | |||
sxp06.xen | |||
sxp08.xen | |||
sxp09.xen | |||
sxp18.xen | |||
sxp23.xen | |||
www-ecad | |||
Revision as of 14:33, 5 June 2015
System resources access diagram
<UnderConstruction>
Proposed changes/additions to the CL wiki:
DHCP failure
Subject: Re: [rt.cl.cam.ac.uk #95369] [Comment] DHCP failing (Re: DHCP request now processed)
>
> Most of our VLANs do not use dynamic DHCP addresses so in most cases you
> need to add an address to the DNS when a new machine is added to the VLAN.
Piete Brooks:
When you add the DHCP registration on the VLAN to the host, it says whether it is static or dynamic (there is a pull down menu which allows you to select if both are available)
In the last comment I responded with the fact that Vince and I responded with "... but we cannot change that from static"
Server types
There are three main classes of machines: 1) user Workstations 2) group servers 3) departmental servers (including the MPhil pool)
A fairly simple rule covers all three: If an extra package is wanted, ask the person who owns /etc/user-config/bundles to add the package.
In the case of (1), there's normally only one user, so they do it themselves.
In the case of (2), there is normally an 'assigned manager' so that there aren't too many people fiddling with things at the same time, and one person can keep a general overall biew of what's going on.
In the case of (3), it's "any member of the CO / HelpDesk team". A fairly strong case is needed to do it. It should be done to all machines in that class (e.g. all slog servers, or all MPhil machines).
This ia case (2), so
nile:~: ls -l /etc/user-config/bundles -rw-rw-r--+ 1 awm22 sysadmin 3996 Nov 15 2014 /etc/user-config/bundles nile:~:
redirect the user to awm22.
Hmm -- the '+' means that theer is an ACL, so use getfacl:
nile:~: getfacl /etc/user-config/bundles getfacl: Removing leading '/' from absolute path names
- file: etc/user-config/bundles
- owner: awm22
- group: sysadmin
user::rw- user:tm444:rw- group::rw- group:srg-tsars:rw- mask::rw- other::r--
nile:~:
KERBEROS access renewal
When you log into a server (e.g. the remote server) in the Computer Laboratory, your home-directory is automatically 'mounted'.
iwm21@svr-ssh-1:/$ cl-krenew --status no processes found refreshing or distributing keys
Workflow checklist for RT tickets
Visitor
New user
Visitor's machine
DNS resolution check
Machines that do not resolve:
What is to be done for /etc/resolv.conf on the following machines? sandy:cd /usr/groups/linux/ownfiles sandy:/usr/groups/linux/ownfiles: grep -l 128.232.13 $(cd CKSUM; find * -type f -mtime -300 | sed \ 's=$=/etc/resolv.conf=') 2>/dev/null | sed 's=/.*==' bretzel.xen condor68-negotiator-0 linux-serv0 linux-serv1 mta0 mta3 ssh-remote-0 svr-acjf3-armie svr-acr31-acsmobile svr-acr31-ormchem svr-acr31-trac svr-hotcrp svr-qs101-pico sxp01.xen sxp03.xen sxp05.xen sxp06.xen sxp08.xen sxp09.xen sxp18.xen sxp23.xen www-ecad
