# $Id: 10commandments.txt 8959 2005-10-24 12:01:46Z joostvb $
# $URL: https://infix.uvt.nl/its-id/trunk/sources/uvt-unix-doc/10commandments.txt $

                10 Commandments for Unix Sysadmins

                      by Roland van Hout


This document lists best practices for Unix and GNU/Linux system
administrators.  It's written for sysadmins working for the National University
Rwanda.  However, it very likely is useful for other sysadmins too.


Thou shalt regularly install security fixes from your Operating System vendor.

Thou shalt not edit config files on live production server.
	Alway use a revision contol system (Subversion, e.g.) and install them
	from your workstation or use your workstation or a test server to test
	it first.

Thou shalt not create a Single Point of Failure (SPOF); neither a machine nor a
human.

Thou shalt not edit datafiles.
	Datafiles are generated and maintained by applicationmanagers;
	NOT by systemadministrators. Systemadministrators
	make the scripts to generate the data but do not change the data.

Thou shalt standardize your systems.

Thou shalt not ever communicate access-tokens and sensitive data through
unsecure channels.
	Use telephone, papermail, encrypted emails or encrypted files.

Thou shalt make procedures for everyday routine jobs.

Thou shallt make backups.

Thou shalt keep your systems clean.
	A systemadmin cleans the garbage he/she creates.

Thou shalt not change the same configs in more than 1 place.
	Changing identical configurations in 2 different places will create
	errors. Use computers to copy that stuff: they are better than
	humans in that field.

Thou shalt not change configs or systems without knowing what you are doing.
	First read docs, try to find out how things work and NOT EVER
	MAKE A CHANGE WITHOUT KNOWING THE CONSEQUENCES

Thou shalt make documentation and make it widely available.
	Your colleagues also want to know how you made things work.