Quote:
Thinking of it, you could very well have jobs running without anyone connected...How will you find out that? with ps?
You will have to go through all /var/spool/cron... etc...
I usually keep a userlist file I use to kill everything at 20:00 (so that I can do some cleanup and sanity check before backups, people having specific jobs or who need to works after have to see with me... (and I remove them temporarily from the list...).
Could you not use that approach for a start? (machines are to not work from 21:00 -9:00, so who/what are the exceptions...)
That's interesting. This is pretty much the goal we're planning to achieve :
We want to establish exclusion lists of hosts that cannot be concerned under any circumstance by the energy saving (I'm thinking of the simulation workstations running some fluid calculus, it sometimes takes days to complete) and other critcal workstations.
This will be the VIP list.
Then we'll add another exclusion list where the user himself has control on. Let's say that user1 has a workstation which is pretty standard and so tagged as an energy saving one. For some reason, a day a week he uses it to compute a large amount of data, in this case, he puts his hosts in the temporary list by himself to exclude it from the process just for this one time.
But all of that will come soon enough, first we need to know what we are dealing with.
The reason why I'm investigating the nightly thing is because nobody has any clue of what exactly is going on at night. I can't think of any other way to do it and it could be pretty bad if I miss something...
---------- Post updated at 07:39 PM ---------- Previous update was at 07:20 PM ----------
Quote:
Originally Posted by
Peasant
Information who is connected available in syslog.
Please look at the syslogd on your box, you can increase / decrease / separate various logging on your system, for your scripts and/or log managment software to parse it.
For doing what really depends.. it would be a better approach to think what do you don't want users to do to the system or information.
That's why you have user kernel limits, unix permissions and ACLs and secure protocols to communicate and authenticate with (ssh, ssl, kerberos)
Try to make folks think about what they want, who will do it and with what permissions.
root account can be fine-tuned and logged (command wise) per your desire using sudo
The syslog approach is a pretty good idea actually. I will look into it on monday for sure. Thanks for the tip.
Concerning the
doing what part, nobody but the sysadmin team has root access, some users have limited sudo rights (like ifconfig or some tools they're using). We really have a lot of different roles for workstations (thank God I'm only in charge of the workstation side) so I really don't know how I can monitor processes running with accuracy...