1825766
Members
2437
Online
109687
Solutions
SOLVED
My worst two:
Installing a server in a major call centre of a US bank...
I built the OS as required by our apps team in the US, and following our build standards put the system into trusted mode.
They installed the app, and realised they'd forgotten to ask me to put the system into NIS (system could be used by any of the call centre reps in over 40 call centers - a total of 15,000 NIS based accounts!) It's the middle of the night in the UK, so the apps team get a US admin to set up the system as a NIS client. (yes it shouldn't work when the box is trusted, but it does!)
Next day, the apps team is complaining about some stuff not working - can I take the system out of trusted mode so we can discount that? Sure course I can - I run tsconvert and wait.... and wait.... and wait.... hmmm - this usually takes about 30 seconds - what gives?
Try to open another window to check whats happening - can't log in as root, the password that worked two minutes ago no longer works!
Next root file system full messages start to scroll up the screen!
It turns out that tsconvert is busy taking ALL the NIS accounts and putting them in the /etc/passwd file (yes all 15,000 of them) and guess what? There's a root account in NIS!
All I can say is thank god for good backups!
The other one was a typical junior admin mistake which comes from not understanding shell file name generation fully:
A user can't log in, I go take a look at his home directory and note the permissions on his .profile are incorrect. I also note that the other '.' files are incorrect, so I do this:
cd /home/user
chmod 400 .*
I call the user and tell him to try again - he says he still can't log in! Huh?
So I go back and carry on looking for the problem, but before I know it the phone is ringing off the hook! No-one can log in now!
And then it dawns on me
I type the following:
cd /home/user
echo .*
and that returns (of course)
. .. .cshrc .exrc .login .profile .sh_history
Oops I didn't just change the permissions on the users '.' files - I also changed the permissions on the users directory, and (crucially!) the users parent directory /home!
These days I always use echo to check my file name pattern matching logic when doing this kind of thing...
We live and learn
Duncan
I am an HPE Employee
Installing a server in a major call centre of a US bank...
I built the OS as required by our apps team in the US, and following our build standards put the system into trusted mode.
They installed the app, and realised they'd forgotten to ask me to put the system into NIS (system could be used by any of the call centre reps in over 40 call centers - a total of 15,000 NIS based accounts!) It's the middle of the night in the UK, so the apps team get a US admin to set up the system as a NIS client. (yes it shouldn't work when the box is trusted, but it does!)
Next day, the apps team is complaining about some stuff not working - can I take the system out of trusted mode so we can discount that? Sure course I can - I run tsconvert and wait.... and wait.... and wait.... hmmm - this usually takes about 30 seconds - what gives?
Try to open another window to check whats happening - can't log in as root, the password that worked two minutes ago no longer works!
Next root file system full messages start to scroll up the screen!
It turns out that tsconvert is busy taking ALL the NIS accounts and putting them in the /etc/passwd file (yes all 15,000 of them) and guess what? There's a root account in NIS!
All I can say is thank god for good backups!
The other one was a typical junior admin mistake which comes from not understanding shell file name generation fully:
A user can't log in, I go take a look at his home directory and note the permissions on his .profile are incorrect. I also note that the other '.' files are incorrect, so I do this:
cd /home/user
chmod 400 .*
I call the user and tell him to try again - he says he still can't log in! Huh?
So I go back and carry on looking for the problem, but before I know it the phone is ringing off the hook! No-one can log in now!
And then it dawns on me
I type the following:
cd /home/user
echo .*
and that returns (of course)
. .. .cshrc .exrc .login .profile .sh_history
Oops I didn't just change the permissions on the users '.' files - I also changed the permissions on the users directory, and (crucially!) the users parent directory /home!
These days I always use echo to check my file name pattern matching logic when doing this kind of thing...
We live and learn
Duncan
I am an HPE Employee
