-----------------------
Lab #09 for NET2003 due April 3, 2008 (Week 12)
-----------------------
-Ian! D. Allen - idallen@idallen.ca

Remember - knowing how to find out an answer is more important than
memorizing the answer.  Learn to fish!  RTFM!  (Read The Fine Manual)

Global weight: 5% of your total mark this term.

Interim submission: Submit what you have done so far in lab on March 27.

Due date: before 14h00 Thursday April 3.
This is your final and last lab this term.

The deliverables for this lab exercise are to be submitted online on the
Course Linux Server using the "netsubmit" method described in the lab
exercise description, below.  No paper; no email; no FTP.

Late-submission date: I will accept without penalty lab exercises that are
submitted late but before 14h00 (2pm) on Friday, April 4.  After that
late-submission date, the lab exercise is worth zero marks.

Lab exercises submitted by the *due date* will be marked online and your
marks will be sent to you by email after the late-submission date.

You will submit whatever progress you have made in-lab on March 27.
Submit a progress report about whatever you have done.  I am available in
the lab to check your answers and assist getting things to work.

* Abbreviation "ALN" = your "Advanced Linux Networking" text by R.W.Smith

Lab Synopsis:

  I.   Read the whole lab, first.
  II.  Update your Ubuntu system.
       Install and configure the POP3 MRA/MAA server "dovecot".
       Install and configure the SMTP MTA server "postfix".
  III. Send email using SMTP (MTA) via netcat.
       Fetch email using POP3 (MRA/MAA) via netcat.
  IV.  Install and configure the SMB server "samba".
  V.   Answer some questions.
  VI.  Submit.

Where to work: your Ubuntu caddy (you need root permissions)

Easy access to Course Notes: See previous labs.

Easy access to the Course Linux Server [CLS] via sshfs :
 - you can mount a remote directory on a local directory and access the
   remote files as if they were stored in your local file system
 - see the new heading "Using SSHFS (remote file system)" in the
   Class Notes file: file_transfer.txt

Part I - Reading
----------------

1. You only have to hand in the answers to the questions in Part V.
   The answers in Part V depend on the work in Parts I through IV.

2. You will save yourself some time answering the questions at the end of
   this lab if you record what you do during the start of the lab.

3. The Debian package tools are mentioned in Class Notes files
   installing_linux.txt and week07notes.txt.  You will need the command
   that will search the package cache for a package name pattern.

   The command "netstat -natp" is useful for showing numerically (-n)
   all (-a) the open TCP (-t) ports and associated process names (-p) on
   the current system.  (Only root will see the process names of all
   processes.)  The "ss -natp" command can do similar things.

Part II - Ubuntu maintenance (on your caddy)
--------------------------------------------

4. Make sure you have run the Update Manager and installed all current
   updates to your Ubuntu 7.10 (Gutsy) system.  Earlier labs tell you how
   to make sure you have *all* the updates.

   Note: Ubuntu has released a beta of Ubuntu 8.04 (Hardy Heron).  You do
   not need to upgrade to that new version.  (I haven't tried it myself,
   either.  I don't know how stable it is yet.  The official release date
   is end of April.)

5. Install the POPmail "dovecot-pop3d" package.  POPmail is so simple, it
   shouldn't ask you for any configuration details.  This server gives you
   POP3 access to your Ubuntu account mailbox.

6. Install the SMTP "postfix" package.  You will be asked some or all of
   the following installation questions.  Here are suggested answers:

   * General type of mail configuration:
     - if your system has direct SMTP access to the Internet, select
       "Internet Site"
     - if you are locked behind a network that requires you to use a
       smart relay host, choose the "Internet with smarthost" option
   * System mail name:
     - you can use a domain of yours, if you have one
     - use the default "localdomain" if you don't have a domain
   * SMTP relay host (blank for none):
     - specify the name or IP of the smart host that relays email
     - Smart host "outmail.algonquincollege.com" must be selected at
       Algonquin College - you can not use SMTP directly.
   * Root and postmaster mail recipient:
     - enter your Ubuntu login userid to receive this email
   * Other destinations to accept mail for (blank for none):
     - leave the default suggestions (which must include localhost)
   * Force synchronous updates on mail queue?
     - no
   * Local networks:
     - leave the default 127.0.0.0/8
   * Mailbox size limit:
     - leave the default or pick a size you prefer
   * Local address extension character:
     - leave the default +
   * Internet protocols to use:
     - choose ipv4

   After the installation, make a note of the files and commands needed
   to edit and change your new installation.  Note how to reload postfix.
   You can re-run this configuration using "dpkg-reconfigure postfix".

   You can try to relay via "outmail.algonquincollege.com" while on
   campus; that might let your machine actually relay and send email to
   your own Algonquin address.  Or maybe not.  At home, you could try
   using your ISP's SMTP server as a "smart" relay host.

7. In the postfix main.cf file, make sure the "mydestination" parameter
   includes "localhost" as one of the listed domains.  Add it if it is
   missing and reload postfix.

8. Use the postfix configuration utility (see week10notes.txt) to dump the
   value of the "mydestination" parameter, to be sure that "localhost"
   appears in the list.  Use an option to output the default or (no
   option) current values of the parameter.  (RTFM)

9. Use netcat to verify that you have servers listening on the ports used
   by the two mail services you just installed.  The command "QUIT" will
   exit both mail protocol connections; or, type CTRL-C.

   For example, you can confirm that you can access the SSH port and get
   the SSH protocol string using netcat.  We respond by typing the invalid
   protocol ".".  Lines you type are prefixed with "*":

     * $ nc -v localhost 22
       localhost [127.0.0.1] 22 (ssh) open
       SSH-2.0-OpenSSH_4.6p1 Debian-5ubuntu0.1
     * .
       Protocol mismatch.

   Confirm that you can open ports for the two packages you installed.
   Use "QUIT", not ".", to exit the mail protocols.

Part III - using netcat to send and receive email
-------------------------------------------------

Class Notes: week10notes.txt

Internet protocols are text-based.  You can debug them using a simple text
client in a terminal window.  Network administrators should know enough
SMTP and POP to send and receive a single test email message.

10. Make sure the SMTP port is open on your machine (if you skipped the
    earlier step that told you to do this).

11. Use a model SMTP session (week10notes.txt) with netcat (not telnet) to
    send an email message via SMTP to your Ubuntu login userid via the
    localhost interface:

    Notes:
    - the domain name after "HELO" doesn't matter (make one up)
    - the colon ':' and <> around all email addresses must be present
    - the SMTP envelope MAIL FROM address doesn't matter (use yours)
    - the SMTP envelope RCPT TO address should be: abcd0001@localhost
      where "abcd0001" is replaced by your real Ubuntu login userid
    - the message body headers and text don't matter (anything will do)
    - SMTP commands may be entered in lower-case, if you prefer
    - if things are working, you will get a "250" response after each line

    Your session will look something like the session below, though you
    have to use the correct SMTP command lines in the correct order:

      $ nc -v localhost smtp
      localhost [127.0.0.1] 25 (smtp) open
      220 localhost.localdomain ESMTP Postfix (Ubuntu)
      ... say hello to the SMTP server ...
      250 localhost.localdomain
      ... give the mail from address (anything) ...
      250 2.1.0 Ok
      ... give the mail recipient address at localhost ...
      250 2.1.5 Ok
      ... indicate you're about to send the message body ...
      354 End data with <CR><LF>.<CR><LF>
      ... type in a mail message body ...
      250 2.0.0 Ok: queued as I7AFNC0A9D
      ... exit the SMTP session ...
      221 2.0.0 Bye

    If you store your SMTP commands in a text file, you can use shell
    input redirection to pass the entire text file into the SMTP port via
    netcat:

      $ nc -v localhost 25 . 250 2.0.0 Ok: queued as I7AFNC0A9D 221 2.0.0 Bye

12. See if the email was correctly delivered to your Ubuntu login account
    local mailbox by looking for it in the Ubuntu file system:

    Find the value of the postfix "mail_spool_directory" parameter.  The
    value of this parameter is the name of the system mail spool directory
    where all local email is delivered and stored.  To find the directory
    name, you will need to execute a postfix configuration dumping command
    and select parameter "mail_spool_directory" as the desired output.
    (week10notes.txt)

    In the system mail spool directory, you will find a text file with
    your name on it.  Look at the contents of the text file to find your
    incoming email, stored in "mbox" format.  The above message(s) that
    you sent via SMTP will be waiting for you.

Next, you will have to read the mail using the Internet POP protocol:

13. Make sure the POP3 port is open on your machine (if you skipped the
    earlier step that told you to do this).

14. Use a model POP3 session (week10notes.txt) with netcat (not telnet) to
    login, retrieve, and delete your local email on your Ubuntu system:

    Notes:
    - you have to have at least one message waiting in your Ubuntu mailbox
    - you have to connect netcat to "localhost" on Ubuntu
    - you may use port "pop3" instead of "110" on Ubuntu; the port will be
      translated to 110 using the pop3 entry in the /etc/services file
    - yes, your password is typed in cleartext for POPmail
    - once logged in, you can use the "list" command to list waiting
      messages
    - you can use the "top" command to see just the headers of any message

    Your session will look something like the session below, though you
    have to use the correct POP3 command lines in the correct order:

      $ nc -v localhost pop3
      localhost [127.0.0.1] 110 (pop3) open
      +OK Dovecot ready.
      ... give your Ubuntu login account name ...
      +OK
      ... enter your Ubuntu account password in clear text ...
      +OK Logged in.
      ... ask for a list of messages ...
      +OK 1 messages:
      1 509
      .
      ... ask to show the headers of the first message ...
      +OK
      ... first message headers print here ...
      ... ask to retrieve the first message ...
      +OK 509 octets
      ... first message header and body prints here ...
      ... ask to delete the first message ...
      +OK Marked to be deleted.
      ... ask to exit the POP3 session ...
      +OK Logging out, messages deleted.
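
Because the POP3 password line is sent and recorded in cleartext, a captured
copy of this session has to be scrubbed before it is kept or submitted
(question 34).  The following is an added example, not part of the original
lab; the function names, the sample session and the password in it are made
up for illustration:

```shell
#!/bin/sh
# Added example, not part of the lab handout.
# redact_pop3: read a captured POP3 session on stdin and write a copy to
# stdout with every password replaced by XXXXX.
# Typical use (file names are hypothetical):
#   redact_pop3 <pop3.script >pop3.clean && mv pop3.clean pop3.script

redact_pop3() {
    awk '
    {
        sub(/\r$/, "")                  # script(1) records CRLF line endings
        line[NR] = $0
        # The PASS argument is the rest of the line (it may contain spaces).
        if (match(tolower($0), /^[ \t]*pass[ \t]+/)) {
            pw = substr($0, RSTART + RLENGTH)
            if (pw != "") secret[pw] = 1
        }
    }
    END {
        for (i = 1; i <= NR; i++) {
            rest = line[i]
            for (pw in secret) {
                # Replace the password wherever it appears, not only after
                # PASS: it may have been typed at the wrong prompt.
                out = ""
                while ((p = index(rest, pw)) > 0) {
                    out = out substr(rest, 1, p - 1) "XXXXX"
                    rest = substr(rest, p + length(pw))
                }
                rest = out rest
            }
            print rest
        }
    }'
}

# Constructed sample session: userid, password and replies are made up.
sample_pop3_transcript() {
    printf '%s\r\n' \
        '+OK Dovecot ready.' \
        'user abcd0001' \
        '+OK' \
        'Constructed-Pw1' \
        '-ERR Unknown command.' \
        'PASS Constructed-Pw1' \
        '+OK Logged in.' \
        'quit' \
        '+OK Logging out.'
}

sample_pop3_transcript | redact_pop3
```
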

    You can also configure Thunderbird or some other POPmail reader
    (perhaps even Outlook) to read your email from your Ubuntu system;
    though, if you read POPmail from off-machine (not localhost) you will
    have to make sure you use the secure/encrypted version of POPmail
    (port pop3s).  The dovecot POP server will not allow plain text
    (unencrypted) POP authentication from a remote (non-localhost) machine.

Part IV - enabling and configuring basic SMB/CIFS (Samba) shares
----------------------------------------------------------------

Class Notes: week11notes.txt

Note that Windows CIFS shares are case-insensitive.  Be careful if you
transfer Unix/Linux case-sensitive files to a Windows system.

15. Make sure the Samba client package is installed on your machine.
    The client is described in the Debian package lists as a
    "LanManager-like simple client"; but, the man page describes it as
    "ftp-like client to access SMB/CIFS resources on servers".
    (See also the Note in ALN p.14)

16. If you are at Algonquin College, confirm that your client program is
    working by looking at what services are available on the Algonquin
    server "algshare".  You can login anonymously (don't give any
    password); or, you can specify client options to set your Algonquin
    network "username" and a "workgroup" of "WOODROFFE" and then login
    with your Algonquin network password.

    If you aren't at Algonquin College, pick a nearby Windows machine and
    look at what services are available anonymously (give no password).

17. Search for the package pattern "samba" in the Debian list of packages.
    In that list, the base Samba package is described as a
    "LanManager-like" file and printer server for Unix.  That package name
    has a corresponding documentation package.

18. Install the basic Samba package and its documentation.  The total
    install for both packages should say "Need to get 10.8MB of archives."

19. Confirm that you can now use the client program to look at what
    services are available on your Ubuntu "localhost" anonymously (give no
    password), as shown in class (week11notes.txt).

20. As root, create a Samba password for your Ubuntu account userid.

21. Save a backup copy of the Samba config file.  Edit the file (as root).
    Under "Share Definitions", enable the sharing of user home
    directories.  Make the home directories browsable, so that they will
    show up in a list of services on this machine.  Also ensure that only
    the owner of a home directory can connect to it.  Also ensure that the
    share is exported with write permission.  (That is three separate sets
    of changes in the file.)  Write out the file and reload Samba.

22. Confirm that you can use the client program to look at what services
    are available on your Ubuntu "localhost" anonymously (give no
    password), and that the new share "homes Disk Home Directories" is now
    visible in the list.

23. Confirm that you can use the client program to look at what services
    are available on your Ubuntu "localhost", this time using an option to
    specify your username and logging in with your SMB password.  Confirm
    that your own Ubuntu userid sharename is now visible in the list:
    "abcd0001 Disk Home Directories" (where abcd0001 is yours).

24. Use the Samba client program to connect to your localhost Ubuntu
    account's home directory share using either "//localhost/abcd0001"
    (use your userid) or the equivalent "//localhost/homes".  Log in using
    your SMB password, not your Unix password.  Verify that you can login
    and use the client "ls" command to see the files in your Ubuntu home
    directory, as demonstrated in the Class Notes.  You can also use the
    "put" and "get" commands to transfer files.

Part V - questions and answers to hand in for marking
-----------------------------------------------------

Below are the only questions and answers that you must submit for marking.
Cut these questions below out of the lab into a new lab09answers.txt file.
Remove everything except these Part V questions from the answer file.

Place the answer to each question underneath the question, in the answer
file.  Use blank lines to separate all the questions and answers.

You do not need to fold lines that are longer than 80 columns if they come
from command output.  Long command output lines are allowed.

Do not use mouse cut-and-paste for any output that is over two lines long.
Lines wrapped or damaged by cut-and-paste are worth zero.  Use proper file
copy operations and editor technique.
(Reference: VIM tutorial Lesson 5.4: RETRIEVING AND MERGING FILES.)

Where script sessions are requested, the script sessions must not contain
any commands other than those needed to answer the question.  You may need
to practice getting the right answer before you run a script session to
record it.  You can edit the script session afterward to delete minor
mistakes in command use.

SMTP and POP questions:

25. What did you answer for the postfix "General type of mail
    configuration"?

26. How can you re-run the postfix installation configuration dialog?
    Give the full command line you would use.

27. What is the absolute pathname to the postfix main configuration file?
    (This file contains the "mydestination" parameter, among others.)

28. Is the "procmail" MDA mentioned or used in any Postfix config file?
    Give a single command that would recursively find the name "procmail"
    if it appeared inside any Postfix configuration file.  (Use an
    absolute pathname to the postfix configuration directory in the
    command line.)  Hint: Lab 5.

29. Give a postfix command line that would dump the default value of the
    postfix "mydestination" parameter (not the current value).

30. Give a postfix command line that would dump the current value of the
    postfix "mydestination" parameter (not the default value).

31. Read the Notes file screendumps.txt.  Copy the "ianscript" program to
    your Ubuntu system and use it to capture the entire SMTP netcat
    session from #11 into a script session output file.  Copy that script
    session output file here.  (Do not use mouse cut-and-paste.)

32. After #12, copy just one of the email messages from your Ubuntu system
    mailbox to here.  Make sure you get the whole message, including all
    the header lines.  (Do not use mouse cut-and-paste.)

33. Locate and copy here the multiple system log entries made by postfix
    when it received and delivered the above email.  (The last system log
    entry should read something like
    "postfix/qmgr[41523]: I7AFNC0A9D: removed".)

34. Read the Notes file screendumps.txt.  Copy the "ianscript" program to
    your Ubuntu system and use it to capture the POP3 netcat session from
    #14 into a script session output file.  Copy that script session
    output file here.  (Do not use mouse cut-and-paste.)  Edit and replace
    your password with XXXXX here and in the script file.  Don't submit or
    keep a file with your password in it.

35. True/False: In the POP protocol, when you delete message one, the
    other messages shift down and renumber from one again, so you can
    again delete the (new) message one and repeat deleting message one
    until all your email is deleted.

36. If your machine must use an external SMTP relay (e.g. via your ISP or
    via a "smart" host), what postfix config parameter would you set to do
    this relaying?  (ALN p.512)

Port diagnostic questions:

37. Find and record here the one-line system log entry made by the sshd
    process in response to your typing "." into netcat when checking the
    SSH protocol (see the netcat SSH example above).  The sshd log entry
    will have the words "protocol version" in it.

38. Give the netcat command lines you used to test for port access to the
    two servers installed by the dovecot and postfix packages:

39. As root, send the output of "ss -natpe" into a file and then copy the
    file here.  (Do not use mouse cut-and-paste.)  Make sure that the
    listing shows the open ports for the servers installed by the dovecot
    and postfix packages.  The options to use are "-natpe".

40. As root, send the output of "netstat -natpe" into a file and then copy
    the file here.  (Do not use mouse cut-and-paste.)  Make sure that the
    listing shows the open ports for the servers installed by the dovecot
    and postfix packages.  The options to use are "-natpe".

Samba SMB/CIFS questions:

41. In which system directory does samba keep its system log files?
    Give the absolute pathname to the directory of log files.

42. Read the Notes file screendumps.txt.  Copy the "ianscript" program to
    your Ubuntu system and use it to capture a terminal session of #24
    into a script session output file.  Copy that script session output
    file here.  (Do not use mouse cut-and-paste.)

Part VI - Submission
--------------------

Submission Standards: See Lab #1 for details.

A. Make sure all submitted files contain an Exterior Assignment Submission
   label.

B. Submit your files for marking as Lab 09 using the following *single*
   netsubmit command line exactly as given here:

     $ netsubmit 09 lab09answers.txt

   Always submit *all* files at the same time for every submission.
   Files submitted under the wrong names are worth zero marks.

P.S. Did you spell all the assignment label fields and file names
correctly?
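
For the listings requested in questions 39 and 40, an added example (not
part of the original lab) that reads "ss -natp" or "netstat -natp" output
and reports whether the SMTP (25) and POP3 (110) ports are listening, and
whether each listener is bound to loopback only or to all interfaces.  The
function names and the sample listing are constructed for illustration:

```shell
#!/bin/sh
# Added example, not part of the lab handout.
# mail_listeners: read "ss -natp" or "netstat -natp" output on stdin and
# print one line per SMTP/POP3 listener: "<port> <bind address> <scope>".
# Exit status is non-zero unless both port 25 and port 110 are listening.

mail_listeners() {
    awk '
    # ss puts the socket state in column 1, netstat puts it in column 6;
    # both put the local address:port in column 4.
    $1 == "LISTEN" || $6 == "LISTEN" {
        n = split($4, part, ":")
        port = part[n]                  # text after the last colon
        if (port != "25" && port != "110") next
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]")
            scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "*" || addr == "::" || addr == "[::]")
            scope = "all-interfaces"
        else
            scope = "specific-address"
        seen[port] = 1
        print port, addr, scope
    }
    END { exit ((("25" in seen) && ("110" in seen)) ? 0 : 1) }'
}

# Constructed sample listing (addresses and process ids are made up).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port  Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*          users:(("sshd",pid=801,fd=3))
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*          users:(("master",pid=1502,fd=13))
LISTEN 0      100    127.0.0.1:110      0.0.0.0:*          users:(("dovecot",pid=1433,fd=21))
ESTAB  0      0      127.0.0.1:25       127.0.0.1:40112    users:(("smtpd",pid=1610,fd=6))
EOF
}

sample_ss_output | mail_listeners
```

On a live system the same function can be fed directly, for example with
"ss -natp | mail_listeners" run as root.
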