Week Twelve Agenda • Announcements • If proctor changes need to be made, do it soon. • The final exam will be True/False, Multiple Choice, and Essay. Review link April 27. • Open Source Presentation dates April 4 and 11. • Final Exam date April 11 through 16. • Link of the week • Review week eleven lab assignment • Week eleven expected outcomes • Next lab assignment • Break-out problems • Upcoming deadlines • Lab assistance
Link of the week • Domain name registration Web site https://www.pairnic.com/services.html?gclid=COXiuLv6mI0CFSCTWAod81M57A • Determine if a domain is currently in use. http://www.pair.com/ • What is a domain name? • What is the function of the Domain Name System? • BIND (Berkeley Internet Name Domain) • What is meant by top level domain?
Link of the week Top Level Domain (TLD) • gov – Government • edu – Educational • org – Other organizations (often nonprofit) • mil – Military • com – Commercial business • net – Network organizations • ca – Canada • th – Thailand
Link of the week http://www.iana.org/cctld/cctld.htm Define: IANA - Internet Assigned Numbers Authority. IANA is responsible for management of the DNS root zone. This role means assigning the operators of top-level domains, such as .UK and .COM, and maintaining their technical and administrative details.
Link of the week Observe the Root Zone Database at the above Web site. It represents the list of top-level domains. Each country has an ISO (International Organization for Standardization) country code designated as its domain name.
Link of the week Unlike the file system hierarchy (read from left to right), the top-level domain name appears at the end. /var/mail/dandrear The URL (Uniform Resource Locator) is also a hierarchy. Its top-level domain name appears at the end, but it is read from right to left. alpha.einstein.edu beta.ca.mail2web.com
Review week eleven lab assignment User Initialization The /etc/inittab runlevel field format: id:runlevels:action:process /etc/inittab file 1:2345:respawn:/sbin/mingetty tty1 /etc/profile file Basic setup for all users $HOME/.profile User preferred environmental set up Use the ls -a command to display the .profile file under your $HOME directory.
Review week eleven lab assignment Define: Metadata Metadata is data about data. It may describe a single piece of data or multiple content items and hierarchical levels. Metadata can be the name of a US corporation, or a registered trademark. Metadata is structured information that describes and allows us to find, manage, control and understand other information.
Review week eleven lab assignment Metadata There are many different types of metadata. Business Intelligence metadata General IT metadata IT metadata management products File system metadata Image metadata
Review week eleven lab assignment Linux runlevels: 0 - halt (Do NOT set initdefault to this) 1 - Single user mode 2 - Multiuser, without NFS (The same as 3, if you do not have networking) 3 - Full multiuser mode 4 - unused 5 - X11 6 - reboot (Do NOT set initdefault to this)
Review week eleven lab assignment The runlevel may contain multiple characters for different runlevels. 1:23:respawn:/sbin/mingetty tty1 2:23:respawn:/sbin/mingetty tty2 3:23:respawn:/sbin/mingetty tty3 4:23:respawn:/sbin/mingetty tty4
Review week eleven lab assignment /etc/inittab actions respawn – The process will be restarted whenever it terminates. wait – The process will be started once when the specific runlevel is entered. once – The process will be executed once when the specific runlevel is entered. boot – The process will be executed during system initialization. initdefault – This entry specifies the runlevel which should be entered after system boot. sysinit – The process will be executed during system boot. It will be executed before any boot or bootwait entries.
Review week eleven lab assignment /etc/inittab actions powerwait – The process will be executed when the power goes down. powerokwait – This process will be executed as soon as init process is informed that the power has been restored. powerfailnow – This process will be executed when the init process is informed that the battery of the external UPS power is failing. ctrlaltdel – The process is executed when the init process receives the SIGINT signal. This means that someone on the system console has pressed the Ctrl-Alt-Del key combination.
Review week eleven lab assignment UNIX-like commands: ps -s (view zombie processes) ps -aux (view status of all processes) ps -x (view only active processes) ls -a (view “.” processes) ps -aux | grep crond (view crond executing) nice (execute with modified scheduling priority) umask (displays umask numeric values) umask -S (displays umask symbolic values) fg (Continues a stopped job by running it in the foreground; some shells are not able to run this command). bg (Continues a stopped job in the background)
Review week eleven lab assignment UNIX-like commands: cat /etc/shells (Display available shells on system). echo $SHELL (Display current shell being utilized). chsh -s /bin/ksh (Change to a different shell). printenv or env (commands to display environment variables).
Review week eleven lab assignment Unix/Linux Processes Linux defines a unit of work as a task or process. UNIX defines a unit of work as a process. Each process is identified by a unique PID (Process ID). Each user is identified by a unique UID (User ID). Each group is identified by a unique GID (Group ID).
Review week eleven lab assignment UNIX/Linux Processes Each file is created with a unique inode number. 5260315 -rwx------ 1 dandrear faculty 628 Jun 11 2009 tail.sh Each process is started from a previous process using the fork and exec command. The init process is created by the kernel using a non-traditional procedure called hand-crafted or spontaneous. The init process has a PID of one.
Review week eleven lab assignment Unix/Linux Processes A background process runs with a relatively low priority, requires little or no input, and generates a minimum of output. Unlike with a foreground process, the shell does not have to wait for a background process to end before it can run more processes. Background jobs are run at a lower priority than foreground jobs. Demonstrate: background.sh A foreground process is one that can show the user an interface, through which the user can interact with the program. The user must wait for one foreground process to complete before running another one.
Review week eleven lab assignment Non-Inherited Process Attributes File locks (semaphores) Child resource utilization is set to zero Pending signals (kill –l signals) Daemon processes offer services like web pages serving, email transferring, time synchronization, and similar. They usually consume little CPU and memory, and run quietly without user interaction. They mainly communicate with other computer programs, or with other computers via network.
Review week eleven lab assignment Crontab Utilization: cron is the periodic event scheduler of your system. The following examples give you an idea of its usefulness and necessity. • regular daily backups • periodic mail checking • polling a device(s) for input • sending regular reports • sending user email every time a cron function is performed cron file locations /etc/crontab /etc/cron.deny /etc/cron.allow
Review week eleven lab assignment Crontab Utilization: Typical directory configuration /etc/cron.d/hourly /etc/cron.d/daily /etc/cron.d/weekly /etc/cron.d/monthly
Review week eleven lab assignment How frequently does crond execute on Unix-like systems? Disable email To prevent email messages from being sent to your mail account, create a record that contains the following syntax: * * * * * echo dandrear@franklin.edu > .trash_bin To cancel the email redirection, enter the following: rm .trash_bin If the output is not needed, the following syntax can be included: * * * * * echo "Hello Administrator" > /dev/null 2>&1 The /dev/null device is a special file that disregards all data written to it.
Review week eleven lab assignment crontab format: * * * * * command to be executed
crontab values:
Field     Value
minute    00-59
hour      00-23 (military time)
day       1-31
month     1-12
weekday   0-6 (0=Sunday)
Example records: There are a total of 6 fields in the crontab file.
30 5 11 12 * echo "Welcome to Franklin University"
30 * * * * echo "Unix Administration"
Review week eleven lab assignment Demonstrate: Display crontab entries and /var/mail/dandrear file and introduce the tail -f command. Who can use the crontab commands (create, list, edit or remove)? What does the “*” character represent in the first five fields of a crontab record? Match all values. A single integer will match that exact time value. A comma separated list of integers can invoke multiple matches like 1,2,3. Example: 5,10,45 * * * * echo "Unix Administration"
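The field-matching rules above, worked through as an added example (not part of the original slides): a small matcher that decides whether a crontab record fires at a given minute, hour, day, month and weekday. The function names `field_matches`, `cron_matches` and `fires_in_hour` are hypothetical; only `*`, single integers and comma-separated lists are handled, plus the standard cron rule that a record with both day fields restricted fires when either one matches.

```shell
#!/bin/sh
# Added example: does a crontab record fire at a given time?
# Handles "*", a single integer and a comma-separated list of integers.

# field_matches FIELD VALUE -> exit status 0 if FIELD selects VALUE
field_matches() {
    if [ "$1" = "*" ]; then return 0; fi
    _want=$2
    case $_want in 0?) _want=${_want#0} ;; esac   # treat "05" like "5"
    case ",$1," in
        *",$_want,"* | *",0$_want,"*) return 0 ;;  # list item, with or without a leading zero
    esac
    return 1
}

# cron_matches RECORD MINUTE HOUR DAY MONTH WEEKDAY -> exit status 0 if RECORD fires
cron_matches() {
    # first five fields are the schedule, the rest of the line is the command
    read -r _f_min _f_hour _f_day _f_mon _f_wday _cmd <<EOF
$1
EOF
    field_matches "$_f_min" "$2" || return 1
    field_matches "$_f_hour" "$3" || return 1
    field_matches "$_f_mon" "$5" || return 1
    if [ "$_f_day" != "*" ] && [ "$_f_wday" != "*" ]; then
        # both day fields restricted: cron fires when either one matches
        field_matches "$_f_day" "$4" || field_matches "$_f_wday" "$6"
    else
        field_matches "$_f_day" "$4" && field_matches "$_f_wday" "$6"
    fi
}

# fires_in_hour RECORD HOUR DAY MONTH WEEKDAY -> prints how many minutes of that hour match
fires_in_hour() {
    _n=0; _m=0
    while [ "$_m" -lt 60 ]; do
        if cron_matches "$1" "$_m" "$2" "$3" "$4" "$5"; then _n=$((_n + 1)); fi
        _m=$((_m + 1))
    done
    echo "$_n"
}

# Records are the slide examples; the date checked is a constructed test value.
for rec in '30 5 11 12 * echo "Welcome to Franklin University"' \
           '5,10,45 * * * * echo "Unix Administration"'; do
    if cron_matches "$rec" 30 5 11 12 0; then state=fires; else state=idle; fi
    echo "$state at 05:30 on 11 Dec, $(fires_in_hour "$rec" 5 11 12 0)x in that hour: $rec"
done
```

Running the same check over every record in a crontab is a quick way to review what a host will execute at a particular time.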
Review week eleven lab assignment crontab restrictions You can use crontab if your name appears in the cron.allow file. If that file doesn’t exist, you can use crontab if your name does not appear in the cron.deny file. If cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab. crontab command without options Read standard input Exit using “Control C” so that the existing crontab is unmodified. Exiting using “Control D” will cause the current user’s crontab to be replaced with no information.
Review week eleven lab assignment crontab commands crontab -e Edit crontab file crontab -l Display your crontab file crontab -r Remove your crontab file crontab -v Display last time crontab was edited.
Review week eleven lab assignment Linux Security SELinux, developed by the U.S. National Security Agency (NSA), implements Mandatory Access Control (MAC) in the Linux kernel. MAC enforces security policies that limit what a user or program can do. It defines a security policy that controls some or all objects, such as files, devices, sockets, and ports, and some subjects like processes. Utilizing SELinux, you can grant a process only those permissions it needs to be functional.
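The cron.allow / cron.deny rules from this slide, as an added example that is not part of the original slides: a function that applies them in order, and an audit helper that lists which accounts in a passwd-format file may use crontab. The names `crontab_allowed` and `list_crontab_users` are hypothetical and the sample accounts are constructed; implementations differ in details such as the neither-file case, so confirm against crontab(1) on the target system.

```shell
#!/bin/sh
# Added example: who may run crontab, following the rules on the slide.

# crontab_allowed USER ALLOW_FILE DENY_FILE -> exit status 0 if USER may use crontab
crontab_allowed() {
    if [ -f "$2" ]; then
        # cron.allow exists: only users listed in it qualify
        grep -qxF -- "$1" "$2"
    elif [ -f "$3" ]; then
        # no cron.allow: everyone not listed in cron.deny qualifies,
        # so an empty cron.deny admits every user
        ! grep -qxF -- "$1" "$3"
    else
        # neither file exists: root only
        [ "$1" = root ]
    fi
}

# list_crontab_users PASSWD_FILE ALLOW_FILE DENY_FILE -> prints permitted account names
list_crontab_users() {
    while IFS=: read -r _name _rest; do
        case $_name in '' | '#'*) continue ;; esac   # skip blank lines and comments
        if crontab_allowed "$_name" "$2" "$3"; then
            echo "$_name"
        fi
    done < "$1"
}

# Constructed sample data (not taken from a real system)
demo=$(mktemp -d)
printf '%s\n' 'root:x:0:0::/root:/bin/sh' \
    'dandrear:x:1001:100::/home/dandrear:/bin/ksh' \
    'guest:x:1002:100::/home/guest:/bin/sh' > "$demo/passwd"
printf 'guest\n' > "$demo/cron.deny"

echo "cron.deny lists guest, no cron.allow:"
list_crontab_users "$demo/passwd" "$demo/cron.allow" "$demo/cron.deny"

printf 'dandrear\n' > "$demo/cron.allow"
echo "cron.allow lists dandrear:"
list_crontab_users "$demo/passwd" "$demo/cron.allow" "$demo/cron.deny"
rm -rf "$demo"
```

Once cron.allow exists it takes precedence, so cron.deny is no longer consulted and any account missing from cron.allow loses access.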
Review week eleven lab assignment Linux Security TCP Wrapper is part of the client/server model, and can be used with any daemon that is linked against libwrap.a, and relies on the /etc/hosts.allow and /etc/hosts.deny files as the basis of a simple access control language. This access control language defines rules that selectively allow clients to access server daemons on a local system based on the client’s address and the daemon the client tries to access.
Review week eleven lab assignment Linux Security chroot jail On early UNIX systems, the root directory was a fixed point in the file system. Chroot jail allows users on UNIX-like systems to define the root directory on a per-process basis. The chroot jail utility allows you to run a process with a root directory other than /. By creating an artificial root directory, frequently called a (chroot) jail, you can make it harder for the other system files to be accessed.
Review week eleven lab assignment What is the functionality of Network File System (NFS)? • It is a remote file system designed by Sun Microsystems, available on computers from most UNIX system vendors. • It allows the server to share selected local directory hierarchies with client systems on a heterogeneous network. Files on the remote computer (fileserver) appear as if they are present on the local system. The physical location of a file is irrelevant to an NFS user.
Review week eleven lab assignment Orphan Process
dandrear 7160 7158 0 17:12 pts/4 00:00:00 -ksh
dandrear 7189 7160 0 17:13 pts/4 00:00:00 /bin/ksh ./pid_ppid.sh dandrear
dandrear 7190 7189 0 17:13 pts/4 00:00:00 ps -ef
dandrear 7191 7189 0 17:13 pts/4 00:00:00 grep dandrear
dandrear 7192 7189 0 17:13 pts/4 00:00:00 sort
dandrear 7001 7113 0 8:13 pts/3 00:00:00 sort
root 7158 938 0 17:12 ? 00:00:00 sshd: dandrear@pts/4
Week ten, eleven, and twelve expected outcomes Upon successful completion of this module, the student will be able to: Manipulate user accounts. Describe how cron is used to invoke repetitive processes. Manipulate process structure including: a. fork and exec, b. Initialization process, c. Background/foreground, d. PS tool. Explain basic UNIX security issues. Describe disk and file system structure. Use backup and restore archival operations on a system. Establish network services. Investigate the structure of the LDAP directory using LDAP commands.
Next lab assignment Copy-on-Write It is an optimization strategy in which multiple users can be given the same pointer to a resource. The primary advantage is that if a caller never makes any modifications, no private copy is needed. This strategy is used in virtual memory operating systems: pages in memory that might be modified by either the process or its copy are marked copy-on-write.
Next lab assignment Network Services A variety of services available across a network NFS Remote login Utilize a Web browser • All network services rely on the ability to convert a host or domain name to an IP address. DNS is complex. The number of host names and IP addresses in the Internet is very large. DNS Local contains actual translations for the machines in its local network DNS Global contains more information about translations. A single translation could involve several DNS before resolving the IP address.
Next Lab Assignment • UNIX/Linux file system is contained under the root directory denoted by a slash “/”. • Users don’t have to worry about the physical locations of files. • The system administrator must be familiar with mounting and un-mounting storage space (/mnt). • NIS+ (Network Information Service) is a directory service.
Next Lab Assignment File System • It is an organization of data and metadata on a storage device. • It is the methods and data structure that an operating system uses to keep track of files on a disk or partition; that is the way the files are organized on the disk. • Think of a file system as a protocol. File systems give meaning to the data on a particular storage device. What is a block device? It is a device to and from which data moves in blocks (like a disk sector) and which supports attributes such as buffering and random access behavior. Block devices include hard drives, CD-ROMs, and RAM disks.
Next Lab Assignment File System What is a character device? It is a device that does not have physically addressable media. Character devices include serial ports and tape devices, where data is streamed character by character.
Next Lab Assignment Super Block Contains information about each mounted file system. The actual data structure in Linux is called struct vfsmount. Information held is mount flags, mount time, device name, pointer to super block and device block size. The Linux 2.0 kernel keeps a static array of such structures to store up to 64 mounted file systems. Data Block Data blocks are used to store the data for a file. There is space only for a few data block numbers in the inode, however if more are needed, more space for pointers to the data blocks is allocated dynamically. These dynamically allocated blocks are indirect blocks. The name indicates that in order to find the data block, one has to find its number in the indirect block first.
Next lab assignment UNIX base root file system tree structure /bin (commands) /dev (devices) /etc (system configuration/executables) /sbin (boot commands) /usr/sbin (administrative commands) /home (users home directories) /lib (shared libraries) /mnt (temporary mount directory) /opt (optional software) /proc (processes) /stand (boot-related files) /var (spooling)
Next lab assignment lost+found directory Fsck is generally able to repair most system damage, and the frequency with which you will find anything at all in your lost+found directories has slowed significantly. If you have a system crash and the Linux file system checker (fsck) recovers corrupt files, they are placed here.
Next lab assignment Unix-like System Security • Security on UNIX-like systems has focused on the following areas: Files and directories PATH variable password authentication UNIX to UNIX commands One-way function
Break-out problems 1. How often do the following two commands execute? # 1.1. This is a comment. * * * * * c:\tools\CheckForNewFiles.exe # 1.2. This is a comment. * * 3 * * c:\tests\backup.bat 2. Define: File System Super block 3. Define: Domain Name Server 4. Define: Domain name 5. Define: RFC 6. What application is BIND associated with? 7. What is the “lost+found” area considered on a Unix-like system? 8. Linux Virtual File System 9. One-Way Encryption or One-Way Function 10. Compare a block device to a character device
Upcoming deadlines Lab Assignment 11-1, Knoppix File System Exercise is due March 27, 2011. Lab Assignment 12-1, Programming Assignment 2 is due April 3, 2011. Final exam outline will be available on April 11 through 16, 2011. Module 6 contains study information for weeks 10, 11, and 12. Final Exam Outline will be posted on the Bulletin Board March 27, two weeks prior to the final exam date. This outline will be considered a “living” document. I will add additional information to it up to one week prior to the exam. Any additional information posted after the initial posting will be highlighted/indicated. I will email all students a copy of this outline also.
Lab assistance • Questions • Comments • Concerns • I will be available after this Franklin Live session to discuss any problems and/or concerns regarding lab assignments.