So, you've got a few (or more) Unix boxes (Linux, *BSD, whatever) running on your network that provide nontrivial services for your network, cutomers, or users. You and maybe
one other administrator are actually learned Unix idols. The rest? Well, let's just say Unix isn't their bag. They were raised on another OS and really don't have the desire to learn a real one (they're not dumb, they just don't do Unix). Let's call them AOSAs (Another OS Admins).
There will come a time (when you're not present) when an AOSA will need to reboot one of these boxes because it is not fucntioning properly (however unlikely). A reboot may fix the problem, but what went wrong? What was broken? Often, certain information helpful to understanding what "broke" and how to prevent it from happening again is lost during a reboot. If only the AOSA could have saved a few stats before rebooting...
Another adventure you'll get to experience is the O'dark 30 telephone call. Considering the AOSA has no Unix experience, you'll more than likely have to drive in to your office as you'd go crazy trying to walk an AOSA through CLI commands over the telephone. Wonderful!?!?
Never fear. There is a way to help yourself and the AOSA in both of these situations and many more just like them. Enter pdmenu
What is pdmenu?
"Pdmenu is a full screen menuing system for Unix.
It is designed to be easy to use, and is suitable as a login shell for inexperienced users, or it can just be ran at the command line as a handy menu." (Pdmenu's Homepage, http://www.kitenet.net/programs/pdmenu/)
"Pdmenu is the shit. It's the coolest little piece of heaven ever fit into a measly 181038 bytes." (kir, 3cx.org Log, http://3cx.org/)
Combine pdmenu with sudo
) and a few simple scripts, configure pdmenu as their login shell, and you've got a secure and simple way of giving your AOSAs "point-and-click" access to many of those scary, complicated Unix commands. Give your AOSAs access to certain log files. Allow them to view system stats, network stats, and see who's logged in. Let them restart key services and properly
reboot the system. All from the comfort a nice, fuzzy menu system.
I use a reboot script on all my servers. Its a simple little thing that asks the user if they're sure they wish to reboot and then does so if they are. Commands can be added to this script to help you troubleshoot "O'dark 30" reboots.
When a system does goes awry and gets the "reboot as fix action" treatment, you'll lose the chance to view system state info while it's broken (i.e. load average, mem utilization, etc.). If the server continues to act up and continues to get rebooted at night, add a few lines to your reboot script that will gather the information you would like to see. This should help you troubleshoot what the problem may be.
I also like to prompt the AOSA to explain why they are rebooting a system before allowing them to. This may not be very helpful, but at least you'll know why they thought rebooting your system was needed.
There are thousands of interesting, helpful, and not so helpful things you could allow a user to do via pdmenu. This is just an example of one. pdmenu is very simple to learn and compiles quite easily. Give it try.
I am aware of webmin. It's pretty and does a wonderful job, but in my situation, it's too powerful. If I gave my AOSAs complete access to just ONE
webmin module, something would get fried eventually.]