Uploaded by jessie-cunningham
Week Eleven Agenda
• Link of the week
• Review week ten lab assignment
• Week ten expected outcomes
• Next lab assignment
• Break-out problems
• Upcoming deadlines
• Questions and answers
Link of the week
File System
http://cbbrowne.com/info/fs.html
• Define: File system
• Linux File System
ext3 includes journalling capabilities to allow faster recovery after unexpected reboots.
Review week ten lab assignment
Definition: Network Protocol is a standard procedure and format that two data communication devices must understand, accept and use in order to be able to communicate with each other.
A network protocol determines the following:
- Type of error checking to be performed
- Data compression method
- How the sending device will indicate that it has finished sending a message
- How the receiving device will indicate that it has received a message
Review week ten lab assignment
Password File
Location: /etc/passwd
Field separators: Colon (:)
File format: Username:Password:UID:GID:UserID:Home directory:Command/shell
Example: dandrear:x:1020:1021:dandrear user:/export/home/dandrear:/bin/bash
Permissions on Einstein: -rw-r--r-- 1 root root 1636 Aug 16 10:37 /etc/passwd
Review week ten lab assignment
Password File
• Username: It is used when the user logs in. It should be between 1 and 32 characters in length.
• Password: An x character indicates that the encrypted password is stored in the /etc/shadow file.
• User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further, UIDs 100-999 are reserved by the system for administrative and system accounts/groups.
• Group ID (GID): The primary group ID (stored in the /etc/group file)
• User ID Info: The comment field. It allows you to add extra information about the user, such as the user’s full name, phone number etc. This field is used by the finger command.
• Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exist, then the user's directory becomes /
• Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note it does not have to be a shell.
Review week ten lab assignment
/etc/passwd file
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
Review week ten lab assignment
Shadow File
Location: /etc/shadow
Field separators: Colon (:)
File format: username:passwd:lastpasswdch:min:max:warn:inactive:expire:unused
Example: dandrear:$1$dhBysgdhfteM9gd00:13064:0:99999:7:::
Permissions on Einstein: -r-------- 1 root root 1107 Sep 5 15:24 /etc/shadow
(Permission denied)
Review week ten lab assignment
Shadow File
• User name: It is your login name
• Password: It is your encrypted password. The password should be a minimum of 6-8 characters long including special characters/digits
• Last password change (last changed): Days since Jan 1, 1970 that password was last changed
• Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password
• Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password)
• Warn: The number of days before password is to expire that user is warned that his/her password must be changed
• Inactive: The number of days after password expires that account is disabled
• Expire: Days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used
• Unused field:
Review week ten lab assignment
• The “X” in the /etc/passwd file password field indicates that the shadow file contains the encrypted password.
• Red Hat Linux uses MD5 by default.
• Most Linux systems utilize MD5 as their encrypted form.
• MD5 requires 34 characters in encryption form.
• MD5 always begins with $1$
• The shadow file is only readable by root.
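An audit of the two file formats described above, as an added example (not part of the original slides). It runs on constructed sample data: the accounts "toor" and "guest" and all hash strings are made up, and the `$5$` and `$6$` prefixes (SHA-256 and SHA-512 crypt) go beyond the `$1$` prefix the slides mention.

```shell
#!/bin/sh
# Constructed /etc/passwd-format sample; "toor" and "guest" are hypothetical accounts.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dandrear:x:1020:1021:dandrear user:/export/home/dandrear:/bin/bash
toor:x:0:0:second superuser:/root:/bin/bash
guest::1030:1030:guest:/home/guest:/bin/bash
EOF
}

# Constructed /etc/shadow-format sample; the hash strings are placeholders.
sample_shadow() {
cat <<'EOF'
root:$6$SALT$PLACEHOLDER:13064:0:99999:7:::
bin:*:13064:0:99999:7:::
dandrear:$1$SALT$PLACEHOLDER:13064:0:99999:7:::
toor:$1$SALT$PLACEHOLDER:13064:0:99999:7:::
guest::13064:0:99999:7:::
EOF
}

# Read passwd-format lines on stdin and print one finding per line.
audit_passwd() {
  awk -F: '
    NF != 7                     { print "BADFORMAT " $1; next }
    $3 ~ /^0+$/ && $1 != "root" { print "UID0 " $1 }         # shares root identity
    $2 == ""                    { print "NOPASSWD " $1 }     # empty password field
    $2 != "" && $2 != "x"       { print "NOTSHADOWED " $1 }  # hash kept in passwd
  '
}

# Read shadow-format lines on stdin and print "user:SCHEME" from the hash prefix.
hash_scheme() {
  awk -F: '{
    h = $2
    if (h == "")                     s = "EMPTY"
    else if (h ~ /^[!*]/)            s = "LOCKED"
    else if (index(h, "$1$") == 1)   s = "MD5"      # prefix named on the slide
    else if (index(h, "$5$") == 1)   s = "SHA256"
    else if (index(h, "$6$") == 1)   s = "SHA512"
    else                             s = "OTHER"
    print $1 ":" s
  }'
}

sample_passwd | audit_passwd
sample_shadow | hash_scheme
```

On a real host the same functions read the live files, for example `audit_passwd < /etc/passwd`; reading /etc/shadow requires root.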
Review week ten lab assignment
Group File
Location: /etc/group
Field separators: Colon (:)
File format: Group name:Password:GID:User_list
Example:
faculty:x:410:
staff:x:430:
Permissions on Einstein: -rw-r--r-- 1 root root 833 Aug 16 10:37 group
Review week ten lab assignment
Group File
• Group name: Name of the group.
• Password: The group password would be encrypted. If this field is empty, no password is needed.
• GID: The numerical group ID and/or unique group identifier.
• User_list: All the group member's user names, separated by commas.
Most Unix-like systems impose a limit of 16 to 32 group memberships per user.
Review week ten lab assignment
/etc/group file
ntp:x:38:
student:x:101:
itadmin:x:400:
faculty:x:410:
csfac:x:420:mccannp,sieberth,hochstew,whittakt,morganr,hartung
staff:x:430:
hpsmh:x:501:
kellya:x:502:
kumarp:x:503:
morgensd:x:504:
caldwelr:x:505:
apache:x:48:
oinstall:x:600:
Demonstrate the use of the vigr command on the /etc/group file.
Review week ten lab assignment
• Managing Users
Adding a user account involves several steps before a user can log into the account.
UID – Really defines a user ID to the system
Duplicating the UID causes the accounts to share an identity in the system
GID – group ID
Home directory
password
shell to interact with the system
Initialization – Every user has initialization files in their home directory; users use initialization scripts during the login process. Normally, your .profile is run automatically when you log in to the system.
Demonstrate ~dandrear/.profile
Review week ten lab assignment
File Summary
/etc/passwd - user account information
/etc/shadow - secure user account information
/etc/group - group information
/etc/gshadow - secure group information
Demonstrate adding a user
Linux/Knoppix - useradd
Demonstrate removing a user
Knoppix - deluser
Linux - userdel
Review week ten lab assignment
• & symbol represents the background process.
• Once a background process is launched by a terminal session, the process becomes unattached from the terminal that launched it.
simple_script &
• Once a foreground process is started, it remains in the foreground until it completes, because it is attached to the terminal.
cat /etc/passwd
• The /etc/passwd file is considered the user database for the system.
• The information contained in the /etc/passwd file is useful for applications that run on the system.
Review week ten lab assignment
• An autonomous process is one that is not started by the kernel.
• The daemon processes are started as part of the boot process and run until the system is shut down.
• The inetd daemon may start the telnetd to handle a telnet connection.
• The inetd daemon may start the ftpd to handle an ftp connection.
One daemon may start another; the inetd daemon will accept a network connection and then start another daemon to handle the connection, based on the type of connection. There are various processes in UNIX that are not owned by a user, but exist to provide services. These processes are often called "daemons."
• Single threaded process is when a process only performs one task.
• Multi-threaded process is when a process can perform multiple tasks concurrently without extra overhead needed to create a new process. Word processor is a multi-threaded process.
Review week ten lab assignment
• The kernel is responsible for creating the init process. This creation is referred to as spontaneous and/or hand-crafted.
• Processes go through various process states during their existence. These are transitory states managed by the operating system (OS). The specifics of these process states vary from one OS to another, as well as the state names.
• Linux Process states:
- waiting (process scheduler - load from secondary storage to main memory)
- running (after a process is assigned a processor by a short-term scheduler, context switch is performed)
- stopped (The process has been stopped, usually by receiving a signal. A process that is being debugged can be in a stopped state)
- Zombie (This is a halted process for some reason. Still has a task_struct data structure)
Review week ten lab assignment
Zombie process is a process that has completed execution but still has an entry in the process table, allowing the process that started it to read its exit status.
Demonstrate how to identify a zombie process
Orphan process is a process whose parent process has terminated or finished.
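One way to identify zombies and the parent that has not yet read their exit status, as an added example (not part of the original slides). The `ps` listing is constructed sample data, and the function name `zombie_parents` is made up for this illustration.

```shell
#!/bin/sh
# Constructed sample of `ps -eo pid,ppid,stat,comm` output (not from a real host).
sample_ps() {
cat <<'EOF'
  PID  PPID STAT COMMAND
    1     0 Ss   init
  812     1 Ss   crond
 2040   812 Z    backup.sh <defunct>
 2041   812 Z    backup.sh <defunct>
 3100     1 S    sshd
 3155  3100 Z+   scp <defunct>
 3200  3100 R+   ps
EOF
}

# A zombie has a STAT value starting with Z. Its process-table entry stays until
# the parent collects the exit status, so report each parent holding zombies as
# "parent_pid parent_name zombie_count".
zombie_parents() {
  awk 'NR == 1   { next }                # skip the header line
       { name[$1] = $4 }                 # remember every command name by PID
       $3 ~ /^Z/ { count[$2]++ }         # count zombies per parent PID
       END { for (p in count) print p, name[p], count[p] }' | sort -n
}

# Live use: ps -eo pid,ppid,stat,comm | zombie_parents
sample_ps | zombie_parents
```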
Week ten, eleven, & twelve expected outcomes
• Upon successful completion of this module, the student will be able to:
• Manipulate user accounts.
• Describe how cron is used to invoke repetitive processes.
• Manipulate process structure including:
a) fork and execute
b) Initialization process
c) Background/foreground
d) PS tool
• Explain basic UNIX security issues.
• Describe disk and file system structure.
• Use backup and restore archival operations on a system.
• Establish network services.
• Investigate the structure of the LDAP directory using LDAP commands.
Next Lab Assignment
HTML (Hyper Text Markup Language) is a language used to create documents and the World Wide Web.
HTML defines the structure and layout of a Web document by using a variety of tags and attributes.
The correct structure for an HTML document starts with <HTML><HEAD>(enter here what document is about)<BODY> and ends with </BODY></HTML>. All the information you'd like to include in your Web page fits in between the <BODY> and </BODY> tags.
Define: Common Gateway Interface (CGI)
It is a standard used for interfacing applications with information servers (Web server).
Application: CGI scripts execute in real-time and their output is dynamic in content.
Scripts are designed to be executed from a Web daemon that will transmit information to another software facilitator (database engine), and receive the results back again and display them to the client.
Next lab assignment
/etc/inittab describes which processes are started at bootup and during normal operation.
/etc/inittab format:
id:runlevels:action:process
# System initialization.
10:0:wait:/etc/rc.d/rc 0
11:1:wait:/etc/rc.d/rc 1
12:2:wait:/etc/rc.d/rc 2
13:3:wait:/etc/rc.d/rc 3
14:4:wait:/etc/rc.d/rc 4
15:5:wait:/etc/rc.d/rc 5
16:6:wait:/etc/rc.d/rc 6
# Run mingetty in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
Next lab assignment
• The runlevel field may contain multiple characters for different runlevels.
# Runlevel 0,6 is halt and reboot, 1 is maintenance mode.
l:0:wait:/etc/rc.d/rc.halt
2:1:wait:/etc/rc.d/rc.single
3:2345:wait:/etc/rc.d/rc.multi
4:6:wait:/etc/rc.d/rc.reboot
Next lab assignment
• cron is started automatically from /etc/init.d on entering multi-user runlevel. cron is a daemon that executes scheduled commands.
• /etc/crontab is a file which contains the schedule of cron entries to be run at specified times.
# Einstein /etc/crontab entries
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
Next lab assignment
crontab syntax
* * * * * command to be executed
1 2 3 4 5
First *: min (0-59)
Second *: hour (0-23)
Third *: day of month (1-31)
Fourth *: month (1-12)
Fifth *: day of week (0-6) (Sunday=0)
Example: 40 18 * * * rm /export/home/someuser/*
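A checker for the five time fields using the ranges listed above, as an added example (not part of the original slides). The function name `cron_check` is made up here; it accepts `*`, single numbers, ranges and comma lists, and does not handle step values or month/day names.

```shell
#!/bin/sh
# Check the five time fields of one crontab line against the slide ranges.
# Prints "ok" or "bad <field>: <value>"; returns non-zero when a field is invalid.
cron_check() {
  printf '%s\n' "$1" | awk '
    # A field may be "*", a number, a range a-b, or a comma list of those.
    function valid(v, min, max,   n, parts, i, r) {
      if (v == "*") return 1
      n = split(v, parts, ",")
      for (i = 1; i <= n; i++) {
        if (parts[i] ~ /^[0-9]+$/) {
          if (parts[i] + 0 < min || parts[i] + 0 > max) return 0
        } else if (parts[i] ~ /^[0-9]+-[0-9]+$/) {
          split(parts[i], r, "-")
          if (r[1] + 0 < min || r[2] + 0 > max || r[1] + 0 > r[2] + 0) return 0
        } else return 0
      }
      return 1
    }
    BEGIN {
      split("minute hour day-of-month month day-of-week", name, " ")
      split("0 0 1 1 0", lo, " "); split("59 23 31 12 6", hi, " ")
    }
    {
      if (NF < 6) { print "bad line: need five time fields and a command"; exit 1 }
      for (f = 1; f <= 5; f++)
        if (!valid($f, lo[f], hi[f])) { print "bad " name[f] ": " $f; exit 1 }
      print "ok"
    }'
}

# The example from the slide, then a constructed line with an out-of-range hour.
cron_check '40 18 * * * rm /export/home/someuser/*'
cron_check '40 24 * * * /usr/bin/true' || true
```

Because only the first five fields are checked, the same function works on /etc/crontab lines, where a user name sits between the time fields and the command.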
Next lab assignment
/usr/lib/cron/cron.allow
/usr/lib/cron/cron.deny
crontab commands
crontab -e Edit crontab file
crontab -l Display your crontab file
crontab -r Remove your crontab file
crontab -v Display last time crontab was edited.
Break-out problems
1) What is an incremental back up?
2) What is a full back up?
3) List the different process states used on a Linux system.
4) Explain the relationship between the /etc/passwd file and the /etc/shadow file.
5) What functionality does journaling provide a file system?
6) Describe how a background process works with respect to the terminal.
7) Describe how a foreground process works with respect to the terminal.
8) Syntax used in the /etc/inittab file
respawn
wait
ctrlaltdel
ondemand
9) Unix commands:
uptime
uname -n
uname -a
uname -r
Reading Assignments
• Essential System Administration, pages 222-233. Chapter 6, Unix Users and Groups, The Password File, /etc/passwd, The Shadow Password File, /etc/shadow,
The Group File, /etc/group, Dynamic Group Membership.
Processes, pages 53, 55, 58, 785, 130, 962, and 963.
Upcoming deadlines
• Account/LDAP Script, 11-1 is due 7/13/08.
• Process, 11-2 is due 7/13/08.
• Knoppix File System Exercise, 12-1 is due 7/20/08.
• Programming Assignment 2, 12-2 is due 7/27.
• Final Exam, 15-2 will be administered 8/4 - 9/08.
• Final Exam Outline will be posted on the Bulletin Board (7/21), two weeks prior to the final exam date. This outline will be considered a “living” document. I will add additional information to it up to one week prior to the exam. All additional information posted after the initial posting will be highlighted/indicated.
• Public Domain/Open Source Lab Assignment 14-1 due 8/3. In-class presentations will be 7/28 and 8/4.
Questions and answers
• Questions
• Comments
• Concerns
• I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.