services:mgmt
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
services:mgmt [2018/09/29 14:32] – informatic | services:mgmt [2021/07/14 12:46] (current) – removed q3k | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | === Good practices === | ||
- | |||
- | * Zrób kopię zapasową zanim zaczniesz coś zmieniać. Jeśli widzisz gdzieś na boku kopie starsze niż 3 m-ce (mtime), a robisz nową, to starą kopię usuń. | ||
- | * Jeśli nie wiesz -> [[https:// | ||
- | |||
- | === Zarządzanie hasłami === | ||
- | Hasła do usług i urządzeń są przechowywane na serwerach w pliku / | ||
- | * antoszka [53283A1B] | ||
- | * q3k [110BC55B] | ||
- | * tomek [AFE0D697] | ||
- | * d3llf [FAB5B43D] | ||
- | * BOFH [49913261] | ||
- | i podpisany kluczem BOFH [59E36422]. | ||
- | Jeśli uważasz, | ||
- | |||
- | === ACL Wiki === | ||
- | Info: https:// | ||
- | Nasz plik z ACL to / | ||
- | |||
- | === Aliasy mailowe === | ||
- | / | ||
- | |||
- | === Dodawanie nowych członków === | ||
- | < | ||
- | ldap-admin | ||
- | add-user | ||
- | commit | ||
- | |||
- | # Set user password... | ||
- | sudo kadmin.local | ||
- | add_principal $USERNAME | ||
- | # ...interactive dialog | ||
- | exit | ||
- | </ | ||
- | |||
- | === Logowanie na boxeny via LDAP/ | ||
- | |||
- | < | ||
- | shelldap --server localhost --binddn uid=$(whoami), | ||
- | cd ou=Boxen | ||
- | create top device simpleSecurityObject | ||
- | cn: $HOSTNAME | ||
- | userPassword: | ||
- | |||
- | kadmin.local | ||
- | add_principal -randkey host/$FQDN | ||
- | ktadd -k / | ||
- | | ||
- | scp / | ||
- | |||
- | ssh root@$FQDN | ||
- | apt-get install sssd libpam-sss libnss-sss sssd-tools krb5-user | ||
- | wget https:// | ||
- | chmod 600 / | ||
- | echo " | ||
- | GSSAPICleanupCredentials yes | ||
- | GSSAPIStrictAcceptorCheck no" >> / | ||
- | </ | ||
services/mgmt.1538231565.txt.gz · Last modified: 2018/09/29 14:32 by informatic