A week ago one of my old colleagues ask some help with an error he has on one of his servers, I was happy to oblige.
He had several servers all working exactly the same, same hardware, same OS and same configuration (apart from IP’s).
One of his server crashed and after the reboot one of his batch scripts stopped working specifically on this server.
The script tried to determind if a specific volume (for example: /mnt/volA) exist and have enougth free space,
This he did by invoking the “df” command and the “quota” command (Or their equivalent in the specific language).
What he found was:
While running: “df -k /mnt/volA” he got the correct line and response,
But on the other hand when he tried to run “quota -v |grep “/mnt/volA” the quota command didn’t return the volume.
This was particulary wierd because this volume was NFS volume with specified quota (set on the NFS server) – moreover the volume did apeer on the other servers when you looked for it when you’ve used “quota” Continue reading The Curious Case of Missing Quota Report on Volume
LDAP is a wonderful way to handle all your company employees users. I’ve been using it for a long time and just like the easy way to handle it and how users can be authenticated via the LDAP directory all threw our intranet sites (Ticket manager, Wiki, Tools and more).
A month ago I had a new project – simple and easy to create some directories for group of users and give some full permissions and some only read permissions.
Due to the nature of linux that was quite easy – Just create a new group (or several) to encapsulate the users and allow the permissions to the directories. For example:
1. Group: project-users – All the users who will need to access the data for this project will be added to this group.
2. User: project-admin – This is the user that can handle the directories (add, remove etc).
2. Group: project-admins – The only group that can access the project-admin users. I’ve added only selected users to this group. (The permissions to access the users is auto generated authorized_keys access)
Now let’s say that our directory is:
/opt/projects/project (User: project-admin, Group: project-users, Mode: rwxr-r—)
Now as you can see only the admin user can change the files but all the group can access.
Continue reading The Curious of the missing LDAP Groups Issue with new groups in LDAP