> From: [email protected] [mailto:discuss-
> [email protected]] On Behalf Of Tom Perrine
> 
> What subtle opportunity for massive destruction would you pass on as a
> warning to the next generation of system administrators?
> 
> Don't limit yourself to bash/csh, feel free to explore databases,
> storage and network catastrophes!

This is a good one.

To deploy printer configuration on a bunch of machines, create a tarball
including these files:
        etc/printcap
        etc/cups/printers.conf
        etc/cups/lpoptions
        etc/cups/cupsd.conf
        etc/alchemist/namespace/printconf/local.adl

Distribute the configuration to all machines like this:
        pdsh -w `allhosts` 'cd / ; tar xpzf /shared/printers.tar.gz ; service cupsd restart'

At a later time, there is a printer config update that needs to be rolled
out.  So you extract the tarball...
        mkdir /tmp/foo
        cd /tmp/foo
        tar xpzf /shared/printers.tar.gz
Edit the files necessary.  Update the tarball
        cd /tmp/foo
        rm /shared/printers.tar.gz
        tar cpzf /shared/printers.tar.gz .
And distribute the new config to all machines:
        pdsh -w `allhosts` 'cd / ; tar xpzf /shared/printers.tar.gz ; service cupsd restart'

Suddenly, all machines on the whole network crash, and they all become
unbootable.     

Root cause:  The old tarball didn't include the "etc" directory, so when it
was extracted by root in a directory that didn't already contain etc, it was
created, readable only by root.  The new tarball recursively included the
"etc" directory with root read-only permissions.  By extracting the new
tarball on all machines, the permissions of /etc were changed, readable only
by root.  Hence all machines crash, and rebooting doesn't fix it.  Each
machine must be manually logged into single-user mode, and chmod on /etc to
fix the problem.

AAAAAAUUUUUGGGGHHHH

_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
 http://lopsa.org/
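
A pre-flight check for the rollout described in the message above, as an added example that is not part of the original post: it lists every directory entry in a tarball whose mode differs from the directory already present under the extraction root, so the `.`-rooted tarball is refused before it reaches `pdsh`. The function names and the scratch directories are constructed for illustration; GNU tar and GNU stat are assumed.

```shell
#!/bin/sh
# Added example (function names are hypothetical). Assumes GNU tar and
# GNU stat, and archive member names without whitespace.

# Print one line per directory in archive $1 that already exists under
# root $2 with a different mode, i.e. one that "tar xp" there would chmod.
tar_dir_mismatches() {
    tar -tzvf "$1" | awk '$1 ~ /^d/ { print $1, $NF }' |
    while read -r mode name; do
        name=${name#./}; name=${name%/}
        target="$2/$name"
        [ -d "$target" ] || continue          # new directories are not a risk
        have=$(stat -c %A "$target")
        [ "$have" = "$mode" ] || echo "$target: disk=$have archive=$mode"
    done
}

# Succeed only if extraction would leave existing directory modes alone.
safe_to_extract() {
    report=$(tar_dir_mismatches "$1" "$2")
    [ -z "$report" ] && return 0
    echo "$report" >&2
    return 1
}

# Constructed sample: a scratch "root" with a normal etc, plus the two
# tarballs from the story (explicit file list vs. "tar cpzf ... .").
build_demo() {
    demo=$(mktemp -d)
    mkdir -p "$demo/root/etc/cups" "$demo/stage/etc/cups"
    chmod 755 "$demo/root" "$demo/root/etc" "$demo/root/etc/cups"
    chmod 755 "$demo/stage" "$demo/stage/etc/cups"
    chmod 700 "$demo/stage/etc"               # the root-only staging directory
    echo 'lp:' > "$demo/stage/etc/printcap"
    echo '# cupsd' > "$demo/stage/etc/cups/cupsd.conf"
    ( cd "$demo/stage" &&
      tar cpzf "$demo/old.tar.gz" etc/printcap etc/cups/cupsd.conf &&
      tar cpzf "$demo/new.tar.gz" . )
    echo "$demo"
}

# Demo run on the constructed sample (never touches the live /).
d=$(build_demo)
safe_to_extract "$d/old.tar.gz" "$d/root" && echo "old tarball: ok"
safe_to_extract "$d/new.tar.gz" "$d/root" || echo "new tarball: refuse to deploy"
rm -rf "$d"
```

In a real rollout the second argument would be `/` and the check would run once on the admin host before the `pdsh` line.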