Automating Unix and Linux Administration
A couple of months ago I promised a review of the book Automating Unix and Linux Administration
I`m lucky I took notes while reading it because otherwise this review would never have been written.
Kirk Bauer does a good job in higlighting important parts of modern
system administration. He gives a good overview of the tools you
should use such as Nagios and CFengine but on some occasions my
opinion differs with his.
Allowing Remote root is one of those things, for me there is no
reason whatsoever why someone must be able to login as root remotely
, I want them to ssh into a box as a normal user , then su to root.
The main reason for this is that passwords tend to be exchanged by
people and getting to know a root password isn't always that
difficult (remember the human being the weakest factor in security),
so even if someone knows the root password of a machine, as long as
he doesn't have another valid account that password isn't worth
anything.
There were some moments where I was puzzled, somewhere in the book
he described on how scripts that had an "add" function also needed a
"remove" function. I always assume you generate configs or file, put
them in CVS( Feel free to replace CVS with your favourite version
control system.), distribute the files and when you have to rollback
you have the older versions in CVS.
Some other things I didn't like were some of his "Software
Distribution" methods, as in use rsync for sharing data and code ??
No way, code should be packaged in to rpm or deb files (pick your
favourite) and packages should be updated or installed. We don't
want any orphaned files on our systems do we ?
But apart from those disagreements the book was really interresting
to read and it actually taught me some new things. Thumbs up !