Tuesday, February 15, 2011

Yeah... That pretty well describes it...

Came across this little post from an IT blogger: Nine traits of the veteran Unix admin

Now, I've been paid to administer UNIX systems for nearly 20 years (my wife says that it makes me seem old when I say "almost 20" years, instead of the 17 years it actually is. Irritates the heck out of her).

Though it isn't my primary work function anymore, I still admin a couple boxes at home, and a couple out there in the cloud.

My primary work function now is to architect large scale, high performance, business critical systems (along with applications, processes, and procedures); that other people admin. As part of that, I need to make them easy to admin, easy to fix when they break, easy to develop on etc... and to do that, I need to have been a good admin, and know how good admins work.

I'd also wager a fair portion of my readership are either UNIX admins (full or part time), or were at some point in their careers.

So... I think the list might sound somewhat familiar.

Veteran Unix admin trait:
  • No. 1: We don't use sudo
  • No. 2: We use vi, not emacs, and definitely not pico or nano
  • No. 3: We wield regular expressions like weapons
  • No. 4: We're inherently lazy
  • No. 5: We prefer elegant solutions
  • No. 6: We generally assume the problem is with whomever is asking the question
  • No. 7: We have more in common with medical examiners than doctors
  • No. 8: We know more about Windows than we'll ever let on
  • No. 9: Rebooting is almost never an option

I'll just put my comments in numeric order here, but you should definitely read the full answers in the guys post:
1. Oh lord yes I LOATHE sudo... I mean yes, it can be a useful tool when you have no other choice; but it's a major security risk (I'd rather have a properly audited system with a good su policy, than a system with sudo), and it encourages bad admin practices.   
Go read "SUDO, considered harmful", if you don't know what I mean. 
Unfortunately, people who "grew up" with Linux love using it, and even make things dependent on it. 
2. I use VI for all my general admin editing; though I actually will use nano for a lot of things, because a non modal screen oriented editor is also useful. I use VI because it's a lot easier to make quick line edits with it, and do big regex edits with it, than with other editors. It's also on every system, and is the best editor to use "with great force" so to speak. 
3. See answer above... and below for that matter. If you can't work with complex regular expressions, you can't work with unix administration, development, or security.  
4. I always say a good admin, is a lazy admin. In fact it's part of my hiring test for admins.
The ideal combination is someone who is deeply and profoundly lazy, clever, obsessively detail oriented, obsessively critical of everything including themselves, and has an absolute drive to get the right answer no mater what it takes.  
Note: That is not a recipe for a nice guy to hang out with on a Saturday night. 
5. See above, again. 
6. Hmmm... well, as an admin, and as tech support, that is often the first assumption; and it should be. In a system with a solid stable baseline, you assume that whatever changed or broke, is the cause of the problem. But as an architect, I'm also thinking about total systemic interactions and issues. Sometimes, it really is zebras.  
7. In some ways it's true, in some ways it's not... Hell, we often call our post incident analyses "post mortems". In security especially, this is can be very true.
But.. I don't like the doctor metaphor.  
I personally believe in the concept of building very strong foundations, and strong walls on top of them; then recording EVERYTHING that comes through them or happens inside them, rather than trying to shoot down mosquitos with machine guns.  
When you start with as solid a foundation as humanly possible, and you know everything that happens, you can always roll back to known good, and then fix the holes you missed, highlighted by your tracking data. 
Plus, you know, the lazy thing, and the elegant thing... 
8. Oh boy yes... Having been stuck as the guy who had to fix the exchange box, or the primary domain controller, because I was the only one they could find at 3am on a Sunday who knew how...  
I need to know windows as well as UNIX for my job, but I'm never telling someone I know exchange admin ever again. 
9. Most of the boxes I've ever admined are remote, in a rack in some datacenter somewhere; dozens, hundreds, or thousands of miles away...  
Never mind being business critical, theres just a damn good chance the thing isn't going to come back up, or it will come back up just enough that it screws things up even worse, while making sure you can't get back into it. 
So... how well does the list describe you?