General Administration

From Tardis
Revision as of 23:09, 7 January 2006 by Seth (talk)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Adding a new user account

From the admin machine... (currently baker)

foo@baker:~$ sudo tardis-adduser

The tardis-adduser script lives in cvs and is installed on baker at /usr/bin/tardis-adduser. The script prompts you to enter the details straight off the application form, please note that usernames should be no greater than 8 characters.

With the account added, sysmans will be informed, and the user will be emailed their username and password and a link to a webpage on how to login.

Users also need to be added to the allusers@tardis mailing list. On the mailing list machine (currently mccoy):

foo@mccoy:~$ sudo vi /var/lib/ecartis/lists/allusers/users

and append

<username>@tardis.ed.ac.uk : |ECHOPOST|

Removing a user

Beware: We have not removed many accounts before, so take care and pay attention to what the script is doing. If you are at all uncertain ask someone else to do it.

On baker, use the tardis-removeuser script, as root.

Providing a user with web space

This currently needs to be done manually:

foo@baker:~$ sudo mkdir /var/autofs/www/users/<username>
foo@baker:~$ sudo mkdir /var/autofs/www/users/<username>/pages
foo@baker:~$ sudo mkdir /var/autofs/www/users/<username>/cgi-bin
foo@baker:~$ sudo mkdir /var/autofs/www/users/<username>/stats
foo@baker:~$ sudo chown -R `getent passwd <username> | cut -d: -f 3-4` /var/autofs/www/users/<username>/cgi-bin
foo@baker:~$ sudo chown -R  <username>:www-data /var/autofs/www/users/<username>/pages
foo@baker:~$ sudo chown -R  root:root /var/autofs/www/users/<username>/stats
foo@baker:~$ sudo chmod 755 /var/autofs/www/users/<username>/*

Changing a user password

On any machine with a proper LDAP setup (currently only mccoy) use passwd normally.

Reading the support inbox

   foo@mccoy:~$ sudo su - support
   support@mccoy:~$ mutt

You can also use pine instead of mutt if you prefer.

Once you have dealt with a piece of support mail, please move it to a folder with the user's name so that others don't repeat your efforts, but can still find the messages later. Similarly, put any mail you send in a folder with the recipient's user name. If the person you are dealing with is not a Tardis user, use a folder named after their email address.

Mailing list adminstration

http://www.tardis.ed.ac.uk/admin/mail/ecartis.html

Adding or removing an administrator

The appropriate edits need to be made to /etc/sudoers and /root/adminschange.ldif and then updated with ./root/modifyadmins.sh on mccoy. Edits may also need made to /etc/aliases and updated with newaliases, also on mccoy, to add the user to sysmans.

Adding a new group to LDAP

First of all, you need a gidNumber, try and keep it in the range as the rest of them, and don't use one already in use. Then edit /root/addgroup.ldif on mccoy as appropriate, and update with

ldapadd -x -D cn=admin,dc=tardis,dc=ed,dc=ac,dc=uk -W -f addgroup.ldif

Adding a group account

You need to start with by adding a new user account and web directory as above. Then to remove the password, edit /root/removepw.ldif on mccoy as appropriate and update with

ldapmodify -x -D cn=admin,dc=tardis,dc=ed,dc=ac,dc=uk -W -f removepw.ldif

and then you are ready to add the group as above, and allow the users to su by editing /etc/sudoers appropriately using visudo. Advise your group account users to then use "sudo -u <groupaccountname> -s -H" to use the account.

Adding a virtualhost to apache

If all you want is (www.)society.tardis.ed.ac.uk, simply add the following lines to /etc/bind/db.tardis on leela (of course, using rcs):

society		IN CNAME	davros
www.society	IN CNAME	davros

For more advanced solutions, please contact bung.