Tips and Tricks For Hardworking Admins

By Carla Schroder | Sep 27, 2005
http://www.enterprisenetworkingplanet.com/netsysm/article.php/3551926/Tips-and-Tricks-For-Hardworking-Admins.htm

Today you get a hearty serving of some of my favorite tips and tricks, painstakingly accumulated and carefully squirreled away for a special occasion. Autumn is here, which is always special, so here they are.

Colorizing Remote BASH Prompt
When you get a bunch of remote SSH sessions going it's easy to lose track of where you really are, because all you see are boring old generic prompts. Sure, they show the hostnames, but it's still easy to get confused. Which can be a bit amusing when you issue a reboot command to the wrong computer, or send a cranky broadcast message to all users on the wrong system. An easy way to keep track is to colorize and customize the Bash prompt on your remote systems, so you can easily differentiate them from your local login. You can assign different colors and text for different machines and accounts. For example, you can make the prompt turn green and display the text "THIS IS AN SSH SESSION" by adding these lines to ~/.bashrc of your remote account:

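# Set a label only when this shell was started over SSH
if [ -n "$SSH_CLIENT" ]; then
    text=" THIS IS AN SSH SESSION"
fi
# \[ and \] enclose the non-printing color codes; 0;32 is green
export PS1='\[\e[0;32m\]\u@\h:\w${text}\$\[\e[m\] '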

So when you log in to your remote machine, you see something like this displayed in green:

carla@windbag:~ THIS IS AN SSH SESSION$

This works by testing for the presence of the SSH_CLIENT environment variable; if it exists, the customized prompt is displayed. Only the prompt is colored; all other text remains its normal color. You can easily test the color and text instantly by running the export PS1='\[\e[0;32m\]\u@\h:\w${text}\$\[\e[m\] ' command, then open a new terminal. The new terminal will show the new prompt.

You can easily modify this by changing the color code and the text. The color code in this example is 0;32. The backslashes are all escapes; to find out what everything means in this example visit the BASH Prompt Howto.
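
Different colors and text for different machines and accounts, as described above, can come from one function in ~/.bashrc. This is an added example, not code from the original article; the host name patterns db-prod* and web* and their labels are hypothetical.

```bash
# Added example: choose prompt color and label from session type, host and account.
# Host patterns "db-prod*" and "web*" are hypothetical; substitute your own.

# Print a PS1 string for the given host name, numeric uid and SSH_CLIENT value.
build_ps1() {
    local host="$1" uid="$2" ssh_client="$3"
    local color='0;37'      # default: light gray for local sessions
    local label=''

    if [ -n "$ssh_client" ]; then
        color='0;32'                        # green: any SSH session
        label=' THIS IS AN SSH SESSION'
        case $host in
            db-prod*) color='1;33'; label=' SSH: PRODUCTION DATABASE' ;;  # bold yellow
            web*)     color='0;36'; label=' SSH: WEB TIER' ;;             # cyan
        esac
    fi

    # A root shell always gets bold red, whatever the host or session type
    if [ "$uid" -eq 0 ]; then
        color='1;31'
        label="$label ROOT"
    fi

    # \[ \] enclose the non-printing color codes so Bash measures the prompt
    # width correctly; \$ prints # for root and $ for everyone else
    printf '%s%s%s%s%s' '\[\e[' "$color" 'm\]\u@\h:\w' "$label" '\$\[\e[m\] '
}

# In ~/.bashrc on each remote account:
PS1=$(build_ps1 "$(uname -n)" "$(id -u)" "${SSH_CLIENT:-}")
```
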

Running a Local Timeserver the Easy Way
Keeping your LAN hosts synchronized is very important, and easy. It's more important for them to be synchronized to each other than to have the correct time, but there's no reason you can't have both. The old-fashioned way is to select several individual public timeservers and enter them in /etc/ntp.conf. However, this approach has several problems. Timeservers tend to suffer considerable abuse from inconsiderate users, so they get taken offline. And your only redundancy is whatever active servers you have hunted down and entered in your configuration file. The old-fashioned way has long been deprecated in favor of using pool.ntp.org. This is a DNS round-robin that selects random servers from a large pool of participating servers. Simply make your /etc/ntp.conf look like this:

driftfile /etc/ntp.drift
logfile /var/log/ntp.log

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org

Then use this machine as your local timeserver, and point your other LAN hosts to it:

driftfile /etc/ntp.drift
logfile /var/log/ntp.log

#use hostname or IP for your local timeserver
server localtimeserver.carla.com
server 127.127.1.0
fudge 127.127.1.0 stratum 10

The "fudge" factor means the ntp daemon will continue to calculate the time on the PC even when it is disconnected from the timeserver, based on past performance.

You might consider letting your server join pool.ntp.org. It won't get clobbered with a lot of traffic, and you'll make a useful contribution. See www.pool.ntp.org/join for details.
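
With the 127.127.1.0 fallback in the client configuration above, a host that has lost its timeserver keeps running on its own clock, so it is worth checking which source each client is actually following. This added example (not from the original article) parses ntpq -pn output; the sample peer tables and the 192.168.1.10 address are constructed.

```bash
# Added example: report which time source a LAN client is really following.
# Reads `ntpq -pn` output on stdin; a leading '*' marks the selected system peer.
# Exit status: 0 = synced to a real server, 1 = no peer selected,
#              2 = running on the local-clock fallback (127.127.x.x / LOCAL).
ntp_sync_source() {
    awk '
        /^\*/ { peer = substr($1, 2); stratum = $3; found = 1 }
        END {
            if (!found) { print "unsynchronized"; exit 1 }
            print peer " stratum " stratum
            if (peer ~ /^127\.127\./ || peer ~ /^LOCAL/) exit 2
        }
    '
}

# Constructed sample: healthy client, selected peer is the LAN timeserver.
sample_ok='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*192.168.1.10    203.0.113.5      3 u   33   64  377    0.312    0.104   0.051
 127.127.1.0     .LOCL.          10 l   12   64  377    0.000    0.000   0.000'

# Constructed sample: timeserver unreachable, client has fallen back to its own clock.
sample_fallback='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 192.168.1.10    .INIT.          16 u    -   64    0    0.000    0.000   0.000
*127.127.1.0     .LOCL.          10 l   12   64  377    0.000    0.000   0.000'

# Live use on a client:  ntpq -pn | ntp_sync_source
```

A non-zero exit status from a cron job or monitoring check is the signal that the host's timestamps can no longer be trusted to line up with the rest of the LAN.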

Rotating Message of the Day
When users log in they first see the contents of /etc/issue displayed with the login prompt:

 _     _ _                          _
| |   (_) |__  _ __ __ _ _ __   ___| |_
| |   | | '_ \| '__/ _` | '_ \ / _ \ __|
| |___| | |_) | | | (_| | | | |  __/ |_
|_____|_|_.__/|_|  \__,_|_| |_|\___|\__|

Libranet GNU/Linux 3.0 i686 windbag ttys1
windbag login:

Then after logging in they see the Message of the Day as specified in /etc/motd:

Linux windbag 2.6.11-ln.std #1 Sun Apr 10 18:27:05 PDT 2005 i686 GNU/Linux

Libranet GNU/Linux

That's pretty dull. You can jazz it up by editing /etc/motd. Some admins like to do elaborate ASCII art (see the Figlet program to create these), some display helpful messages with information about new servers, policies, downtimes, and such. To push out new /etc/motd messages to multiple hosts use cfengine.

Another way to deliver new MOTDs is to use the fortune program. Fortune has been around forever, and a bit of searching will find all sorts of different fortune databases, like BOFH excuses, fortune cookies, Top 100 things you don't want the sysadmin to say, Quotes from Murphy's laws, riddles, offensive fortunes, and literary quotations. Here is an example Debian installation and setup:

# apt-get install fortunes fortune-mod fortunes-bofh-excuses

Then start having fun. To see a list of all your installed fortune databases:

# /usr/games/fortune -f
100.00% /usr/share/games/fortunes
3.01% art
1.32% law
0.07% ascii-art
1.30% food
0.98% kids
0.98% love
2.19% linux
6.74% computers
1.49% startrek
2.75% wisdom
2.97% bofh-excuses
...

Let's try a couple of these:

$ /usr/games/fortune linux
Let's call it an accidental feature.
--Larry Wall

$ /usr/games/fortune startrek
"Can you imagine how life could be improved if we could do away with jealousy, greed, hate ..."

"It can also be improved by eliminating love, tenderness, sentiment -- the other side of the coin"
-- Dr. Roger Corby and Kirk, "What are Little Girls Made Of?", stardate 2712.4

To see a new, randomly-selected fortune every time you log in or open a new shell, simply make an entry in ~/.bashrc, or in /etc/bash.bashrc to run it system wide, like this:

#run a new fortune randomly
/usr/games/fortune

You can easily create a custom fortune database. Create a plain text file with each fortune separated by a percent sign, like this homegrown admin-policies file:

Remember, today is the annual change-your-login password day! Make it eight to twelve characters long. Do not use dictionary words, names of animals or people, company or product name. Use a mix of letters, numbers, and punctuation marks. Write it down and keep it in a safe place! You know, like hidden!
-- Thank you, your faithful sysadmin deity

%
Today is Sysadmin Appreciation Day. Please deliver offerings of cookies, cake, and good strong coffee to my office.
-- Thank you, your faithful sysadmin deity

%
Remember to shut your workstations down at the end of the day! Don't be a watt-waster!
-- Thank you, your faithful sysadmin deity

Store this file in /usr/share/games/fortunes, and make it world-readable. Fortune does not read the file, but its associated .dat file. Create it with the strfile command:

# strfile admin-policies admin-policies.dat
"admin-policies.dat" created
There were 201 strings
Longest string: 1690 bytes
Shortest string: 43 bytes

To display fortunes from this file, simply run /usr/games/fortune admin-policies.

You may edit any existing fortune database, just remember to run the strfile command every time you make a change.

Come back next week for more excellent Tips and Tricks For Hardworking Admins.
