Sysadmins - What's in Your MOTD?

permaculture asks: "This is a 'knowledge management' issue, on a University network. For many years we've had a network 'Message of the Day' that appears when any network user logs in. MOTD lists planned service outages for maintenance, progress on current issues, upcoming holidays, and other items that affect network users. Recently, this has been replaced by a page that announces general University business such as Open weeks, upcoming awards etc. There's a link on the page to the network MOTD that used to greet every user immediately after login. Does your network have a 'Message of the Day' that appears at login? Is it a Corporate business page, entirely related to network services, or something else entirely?"

Funny you should ask.

[grub]

I was just thinking of upgrading mine. It currently reads:

[grub@shrubbery grub]$ cat /etc/motd

"Ask Slashdot" has reached a new low!

[grub@shrubbery grub]$

Re:Funny you should ask.

[duplicate-nickname]

/me is confused

C:\>cat /etc/motd
'cat' is not recognized as an internal or external command,
operable program or batch file.
 
C:\>

Re:Funny you should ask.

[Richard+Steiner]

Wow... I get a completely different response:

>cat /etc/motd
DATA IGNORED - IN CONTROL MODE

Re:Funny you should ask.

[scragz]

Slighty modified for lameness circumvention. (Lameness circumvention for proper posts is considered fair use and is allowed under the LMCA).

$ cat /etc/motd

~~~~~~~~~~~~~ UNAUTHORIZED USERS WILL BE KILLED AND EATEN ~~~~~~~~~~~~~~

Unauthorized access prohibited; all access and activities not explicitly
authorized by [ i ] motion design are unauthorized. All activities are
monitored and logged. There is no privacy on this system. Unauthorized
access and activities or any criminal activity will be reported to
appropriate authorities.

Re:Funny you should ask.

[dshaw858]

The system that I use simply gave me a wonderful little notice saying that unauthorized users are, well, unauthorized, and that they reserve the right to monitor activities.

A special significance of this might be that it's from a university system, like the one in question by the... er, Asker. It's a research ssh account from a University of California system. So, there's at least one response from another university :)

- dshaw

Re:Funny you should ask.

[LordNightwalker]

FOAD

Heh, nice one, but I think I trump you... At my job I was asked, together with my colleague, to set new root passwords on all our boxes a while ago. We decided to come up with some pretty tough ones to crack, but just for fucks sake leave the password hints in plain sight.

Enter the MOTD... Right now, anyone logging in at one of our servers is greeted with a tongue-in-cheek taunt to try and figure out the root password. The taunt sentence is the basis from which the password is derived. But the process of deriving the password from the taunt sentence alone is pretty hard... For example, "computer" may be represented in the password string as [1+1] (to denote a box that does computations) or 1+1=>[]=>2 to denote a box that accepts computational jobs and outputs results. Or it can just be represented as "c". ;)

The only problem with this scheme: even though I was the one coming up with the taunts and the corresponding passwords, I sometimes have to ring up my colleague when I try to get root on one of the boxes where I rarely use the root account. I made the passwords so hard to derive that the password hint kind of loses its purpose...

Message of the *day*

[PayPaI]

[ben@bees ~]$ ls -l /etc/motd
-rw-r--r-- 1 root root 138 Jul 28 2000 /etc/motd

Wow.

This is definitely a topic that merits serious discussion.
I use fortune.

From Mail/Calendaring server

[apenzott]

Events on calendar are closer than they appear.

We have a new MOTD

[Bromskloss]

It's a bit scary, but just this day our MOTD got changed to "We are the Borg. Resistance is futile.". :-/

Re:We have a new MOTD

[r3jjs]

We are the electrons.

Resistance is voltage / current.

A quote

[daveewart]

Our network announcements and other notices are elsewhere, so I put a Quote Of The Day in our MOTD.

Message of the eon

[ZiZ]

DoublePlusBSD 0.0.0 (BIGBROTHER) #1: Wed Feb 29 04:20:00 GMT 1984

      not entirely working in your best interests
                            -- since 1984 --

Access to and use of this server is restricted to those
activities expressly permitted by the system administion
staff.  If you're not sure if it's allowed, DON'T DO IT.

why bother, people don't read

[Gothmolly]

And if they do read, they don't care. If you tell them that Friday at 3pm, the a server is going down, they'll ignore it, and call you at 3:01 screaming that they are kicked off.

People don't care about your silly technical problems, they've learned that screaming loudly works, as it does. They don't care that you had to reboot the mail server because Exchange died again, goddammit, they have important email to send, what are you, incompetent?

And, your boss will kiss their ass and make excuses for your failures, and discuss grand schemes to Make Sure It Doesn't Happen Again.

Yes, I work at $LARGE_US_BANK, and this sort of thing does happen. Technologists are only ever the reason that people can't get work done, we're never seen as enablers.

Why do you think the BastardOperatorFromHell is such a powerful meme?

Notice

[eht]

Notice

This is a Department of Defense computer system.
This computer system, including all related equipment, networks, and network devices (specifically Internet access), are provided only for authorized U.S. government use.

DoD Computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, servivability, and operational security. Monitoring includes active attacks by authorized DoD entities to test or verify the security of this system. During monitoring, information may be examined, recorded, copied, and used for authorized purposes. All information, including personal information, placed on or sent over this system may be monitored. There is no expectation of privacy in any information transmitted in or through this system.

Use of this DoD computer system, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may be subject to criminal prosecution. Evidence collected during monitoring may be used for administrative, criminal, or other adverse action. Use of this system constitutes consent to monitoring for these purposes.

Re:Notice

[Tsunayoshi]

Dude, I am reporting your Slashdot ID to DISA since you obviously hacked my server and stole my MOTD.

<disclaimer>I am a DOD sysadmin</disclaimer>

Re:Notice

[Kesch]

Heh, I have something similar on this comp:

(There is a line of stars here, but the Lameness Filter won't accept it)
                                                    NOTICE TO USERS

This is a Federal computer system and is the property of the United
States Government. It is for authorized use only. Users (authorized or
unauthorized) have no explicit or implicit expectation of privacy.

Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and disclosed
to authorized site, Department of Energy, and law enforcement personnel,
as well as authorized officials of other agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the discretion of
authorized site or Department of Energy personnel.

Unauthorized or improper use of this system may result in administrative
disciplinary action and civil and criminal penalties. By continuing to use
this system you indicate your awareness of and consent to these terms and
conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions
stated in this warning.

(There is also a line of *'s here.)

Sarbox Bites

[Goyuix]

Many of us can't screw with the MOTD because of the Sarbanes-Oxley Act, and are stuck with some legal notice that is it is a private system, you need access, blah blah...

I do plan to watch this thread, hoping for some gems to pop-out though for my private systems :)

Re:Sarbox Bites

[Fallen+Kell]

You do know that is what the /etc/issue and /etc/issue.net files are for don't you? You can even have them referenced in ssh connections as well if you modify your pam config files.

Re:Sarbox Bites

[grudgelord]

I've seen SOX blamed for some amazing things (in my last CEO's quarterly analyst call, he blamed SOX for poor profit despite strong revenue) -- but never yet restrictions on what to put in the MOTD!!!!

This is poo.

Most likely this particular complaint stems from the costs associated of external auditors in the auditor independance clause, redesign in compliance with the PCAOB internal controls proceedures, and overall cost of implementation under 404. However, if all this is done correctly, after initial compliance cost, the only significant cost should be the recurring cost of an external auditing team, which should be a drop in the bucket when weighed against a publicly traded company's revenue and can be justified as nothing more than an operations cost. Now this is dejour versus defacto of couse. In a perfect world...

No, it's not cheap, but to blame a poor revenue to profit margin on SOX is a load. Besides, if the CEOs weren't lying, cheating, and stealing to begin with then they'd never have gotten SarbOxed in the head to begin with. They made their bed...

Back to the topic, SOX shouldn't have any direct effect on the ability to update a MOTD but various security restrictions can make it difficult for some "Administrators" to do their job due to limited rights and its possible that the MOTD (and more vital functions) to one of these. This of couse indicates piss-poor design in need of reevaluation, which of course spells additional cost of reimplementation. Thus your CEOs whining.

But that's just my take in it. Far be it from me to actually understand anything that emerges from the minds of executive management.

Our motd is user editable

[chiapet]

It's a lively file. We get tons of flames and trolls. Randomly, we get a genuine question and, more often than not, the question gets answered. Most of the users try to play nice and not overwrite each other. I'm not sure what the record is, but we got our motd to get over 1000+ lines. It gives me a warm fuzzy to see all that scrolling text.

I hate stupid users.

[__aaxwdb6741]

Rule #1: Do not speak about dienub
Rule #2: Do not speak about dienub
Rule #3: Whatever it was in that cool movie
Rule #4: If I dislike your behaviour on this server, I will purge your
                account, and publish your entire home directory in a public IRC
                channel.
                This includes, nonexclusively, sending global messages, using retarded
                exploits (Both against this and other servers), ban evasion, etc.

Too many faulty login attempts will get you banned by DenyHosts. Generate a
fucking keypair and use it for authentication. Passwords are insecure.

Sincerely,
Your friendly BOFH.

inappropriate motds

Boss's work Credit Card info -- Doubles as an IDS
Company gossip
Ascii porn
random line from salaries.xls
latest /. headline
grep $bossip /var/log/squid/access.log | tail -n 5

Re:Mine is ...

[plover]

One day one of the guys left his terminal logged in as root. I edited it from a call to fortune to instead be:

echo He who forgets the past is doomed to repeat it.

Of course, once he found out who did it, he changed my the folder on my user account from /usr/~john to /dev/floppy until I went begging his forgiveness. I didn't do it again.

Re:Mine is ...

[dknj]

at my last job, i allowed consultants to fuck with each other if they left their machines open for abuse (i.e. leave a root window open or an administrator account unlocked on their computer). one consultant set his root password to abc123, another consultant found out and started abusing his machine. the hacked consultant came crying to me for justice and i threatened to fire him if he didn't find and fix his security flaws. since then he has become a bit more security-minded.

MOTD

[Ryan+Amos]

All your bash are belong to us.

Moore's Law "Disk is 99% full - CleanUp" motd gone

[billstewart]

Sorry for the clunky title, but that's what I could fit in a Subject Line box.

Historically there were two common contents for motd - fortune, and a note from the administrator saying that the file system was almost full so please clean up your files, and this applied to just about any multi-user server with just about any operating system. Moore's Law has changed this for most systems I've dealt with - disk capacities have been growing rapidly and prices dropping rapidly, and disk drives really are no longer running 99% full except for individuals' PCs that are full of MP3s or videos. Sometimes you'll see messages like that from MS Exchange Mail Server operators who are running shared mailbox servers on expensive fast disks, but otherwise the disk capacity most places finally outpaces user demand.

Unfortunately, bureaucrats acting as amateur lawyers have typically replaced that message with some badly written threatening legalese drivel that has no clue about what the laws actually say; they'd be just as well off with a message that said "The Wizard says: Go away and come back tomorrow!"

who are the diskhogs

[Aaton]

If you don't already have quotas you might run into some users eating more then there fair share of disk space. Run something like this nightly from cron job and place the output in /etc/motd. Your biggest diskhogs will be known to everyone that logs in.

#!/bin/bash
# Usage: diskhog [dir] [count]
# If nothing given defaults to /home and 10

HOMES=${1:-/home}
COUNT=${2:-10}
SMALLDIV= "-----"
IGNORELIST="proc"

if [ ! -d $HOMES ] ; then
echo "$HOMES needs to be a directory. Use the full path"
exit
fi

cd $HOMES

echo "`date +%D` Disk Hogs: $HOMES"
echo "$SMALLDIV";
du -ks `ls -l | egrep -ie "^d" |egrep -iv $IGNORELIST | awk '{print $9}'` | sort -rn | head -$COUNT;
echo "$SMALLDIV";

May not be the best method but works under Linux. You might need to change the awk number if your ls doesn't output like mine.

Re:Warning Mac user

[AFCArchvile]

I tweaked mine a bit:

Somebody spilled Macintosh in my BSD!

A nice simple one

[Trogre]

It is pitch black. You are likely to be eaten by a grue.

My previous one...

[Kronovohr]

This was what mine was before I upgraded:

Dis beez my box.
It don' be real fast.
But if you fuck wit it,
I be kickin' yo ass.
        -- Management