Re: finding changes made to configurations
On 2011-03-03 22:30:24 Thu, Tapas Mishra wrote: > One way I understand is do an ls on / and store the result in a file and > then after the changes have been done where some files are delete again do > an ls on / (root) and compare the results to what files are added or > deleted. This sounds a lot like AIDE. debuntu.org has a tutorial on how to get that rolling in Ubuntu: http://www.debuntu.org/intrusion-detection-with-aide Hope that helps, Paul -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Bulk updating dozens of (not identical) servers
I agree with the others on the boon of config management systems. I use puppet to manage the configuration of around 30 Linux servers. For once-off commands (checking the version of all running kernels, etc), I use the Fedora Unified Network Controller (func). It's written in Python, so if that's your forte, a few moments with python-apt to write a new func module may be all you need. I'm going to get around to it some day, but maybe someone already has? Thanks, Paul On 2011-01-27 23:35:30 Thu, Carlos A. Carnero Delgado wrote: > Hi there, > > the number of servers we have in my organization -- both physical and > virtual -- is slowly increasing at a steady pace, and the trend will > continue for the foreseeable future. It has come to the point that > apt-get upgrading && updating each one individually, and manually, is > really time consuming and prone to errors. We're looking into stuff > like Puppet and Cfengine, and it seems that either will do fine, but > we have this "feeling" or notion that they're a little bit heavyweight > for our needs. Not to mention the learning curve. > > So, in the context of *only* dealing with installed packages updates > in an automated way[1] and having 8.04 and 10.04 LTS releases in > service, do you guys recommend anything? Did you write custom code? > Has anyone seen Fabric in the context of systems administration? > > [1] Please note that automated here really means "bulk updating" started >from a command (or thingie) given by an administrator. It should not >be interpreted as autonomously contacting repos. > > Thanks in advance, > Carlos. > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > More info: https://wiki.ubuntu.com/ServerTeam -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Best way to work with files with groups of people
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/02/2010 07:15 AM, Andy Graybeal wrote: > The problem I'm running into is when a user takes work home with them or > creates files from home, comes into work the next day and puts it onto > the server from a flash drive. > ... > This file inherited the 'group ownership' so that's good, but it doesn't > inherit the permissions. > > How do I make this so that when someone copies a file from their jump > drive into their folder, it inherits the permissions from the folder > (well everything but execute obviously)? > Are you sure you're copying the file from the thumb drive, and not moving? mv attempts to preserve the original ACL, if possible. Also, `cp - -P` will attempt to preserve the ACL. That's all I could come up with that might be hindering you. My next step would be to check for evil gnomes, but that may be regional. HTH, Paul -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkyqAQYACgkQGSnk2uvWQRex4QCgglBnlwMQDfOcgEf1cUx59tob CusAnAhMpMBSW6jgMc0i04j0VALlRwNt =fXGA -END PGP SIGNATURE- -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
Re: Disabling plymouth framebuffer on servers (virtual and physical)?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/12/2010 09:49 AM, Andreas Ntaflos wrote: > Unfortunately "nomodeset" doesn't change anything it seems. I added it > to the GRUB defaults, updated GRUB and rebooted. The flag "nomodeset" > shows up in /proc/cmdline but everything goes exactly as illustrated in > the screencast, i.e. horribly slow :( > > Is there anything else I can try? > Blacklisting the vga16fb module fixed the slowness for my 10.04 LTS VMs in VirtualBox: #/etc/modprobe.d/blacklist blacklist vga16fb # end of that mess I found this as a quick fix on a blog a while back, but if there are better ideas I'd be willing to try them! Thanks, Paul -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvxkUAACgkQGSnk2uvWQRfgOgCeOfKVTjFmYmCVdaP9ecd0Guey 44YAn0HSk1GPAHRbeBob61kBmCcC0zCl =Yi4D -END PGP SIGNATURE- -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam