Updated: 2013-04-17 09:28 EDT
23h59 (11:59pm) Saturday April 20, 2013 (end of Week 14)
syslog logging mechanism
Remember to READ ALL THE WORDS to work effectively and not waste time.
This is an overview of how you are expected to complete this assignment. Read all the words before you start working.
Since we also do manual marking of student assignments, your final mark may not be the same as the mark submitted using the current version of the Checking Program. We do not guarantee that any version of the Checking Program will find all the errors in your work. Complete your assignments according to the specifications, not according to the incomplete set of the mistakes detected by the Checking Program.
When you are finished the tasks, leave the files and directories in place as part of your deliverables. Do not delete any assignment work until after the term is over! Assignments may be re-marked at any time; you must have your term work available right until term end.
The previous term’s course notes are always available on the Internet here: CST8207 GNU/Linux Operating Systems I.
All the current and previous terms notes files are also stored on the CLS. You can learn about how to read and search these notes files using the command line on the CLS under the heading Copies of the CST8207 course notes near the bottom of the page Course Linux Server. The current CST8177 term notes are searchable there, too!
All references to the “Source Directory” below are to the CLS directory ~idallen/cst8177/13w/assignment10/ and that name starts with a tilde character followed by a userid with no intervening slash.
root privileges, and in those cases you may need to use sudo to run the privileged command without explicitly being told to do so.
sudoers group
PATH for sysadmin work
/home directory on its own file system, mounted with quota options
On the Course Linux Server, make the directory ~/Assignments/assignment10, in which some information will be stored related to this assignment, and also create the check symbolic link needed to run the Checking Program.
In your own account in your CentOS 5.8 VM, also make the directory ~/Assignments/assignment10
In Assignment #07 Bulk User Management, you deleted user010 and user011 but their corresponding groups may have been left behind.
Remove the user010 and user011 groups, if they are still present on your machine.
You may see an error because the newusers command did not create shadow group entries. Ignore the error – the groups don’t exist in the group shadow file.
You must have /home mounted on its own file system to do this section. You did that in Assignment #09. Refer to Red Hat Quotas.
Take your CentOS VM into single user mode.
Make sure your /home file system is mounted with quotas enabled. (You added quota options in Assignment #09.)
Use the quotacheck command with options appropriate to initialize the group quota file and user quota file for the /home filesystem.
Turn quotas on for the /home filesystem.
Run the quota command as User 100 and ensure you see no quotas. If you see quota: Can't open quotafile /home/aquota.user: Permission denied then you forgot to turn quotas on.
For User 100, set the following (unrealistic) test quota values:
- block soft limit: 500
- block hard limit: 700
- file (inode) soft limit: 5
- file (inode) hard limit: 6
Generate an overall /home file system quota report for all users and verify that User 100 has the correct limits. This is a full quota report, so it should have over 100 lines. Generate it again, redirecting the output to assignment10/repquota.txt
Change the ownership and group of this quota report file to yourself and your group. (Always change files stored in your own account to your own sysadmin userid.)
Use sudo to run su - user100 to simulate a full login as User 100. Do all the following section as user100 in the user100 home directory:
Exceed the soft block limit by creating a 600KB file with this command:
$ whoami
user100
$ pwd
/home/user100
$ dd if=/dev/zero of=bigfile1 bs=1K count=600
Creating this file will generate a quota exceeded message on the system console, because you are now over the soft limit on the number of files you can create. (If you are logged in via a terminal program, not on the VMware console, you may not see the quota exceeded warning message.)
Note that even though you got a quota exceeded warning message on the console, all 600KB were actually copied into the output file. You only exceeded the soft quota, not the hard quota.
Run the quota command to display your own quota information (blocks and files). You should see that the number of blocks used exceeds the soft quota but not the hard quota.
Run the same quota information command again and redirect the output to a file named user100_quota.txt in the user100 home directory. This is just the user100 quota information, so it should be only three lines:
$ whoami
user100
$ pwd
/home/user100
$ wc user100_quota.txt
3 24 201 user100_quota.txt
You did read the words above about running all the commands in this section as user100, right?
Look at user100_quota.txt and note that the number of files (inodes) has increased in the file. Why did the number increase before the quota command ran?
Run ls to display a long listing of all the pathnames in the user100 home directory, including hidden names. The number of pathnames listed as being owned by user100 should be exactly the same as the number of files given in the user100_quota.txt file you created.
Type exit to revert back to your sysadmin self.
Use sudo to generate another overall /home file system quota report for all users, redirecting the output into the file assignment10/repquota_grace.txt
View assignment10/repquota_grace.txt and verify that it is consistent with the numbers in the user100_quota.txt file.
Become User 100 again and do the following in the home directory:
Try to create another file, as follows. The command will give a “quota exceeded” message when the hard quota limit is reached:
$ whoami
user100
$ pwd
/home/user100
$ dd if=/dev/zero of=bigfile2 bs=1K count=200
You will see a quota error message from the dd command part-way through the file creation. Note that this time the output file does not contain the expected 200KB of data. The file is truncated because the hard quota limit was reached. You are not allowed to use any more disk blocks.
The number of files used should now be 5 if there is a .bash_history file (there should be), and 4 if not.
Create a file named smallfile and note:
- the soft limit on files (5).
- the user100 home directory had 5 files (the soft limit) in it.
- the hard limit on files (6). Programs trying to create new files or directories will fail and return error messages.
Type exit to revert back to your sysadmin self.
Use sudo to generate another overall /home file system quota report for all users, redirecting the output into assignment10/repquota_hard.txt
Save the diff of assignment10/repquota_{grace,hard}.txt into assignment10/repquota_diff.txt and view the file to verify that the changes in usage look right:
- root user: No changes.
If you see changes for the root user, or no changes for your own userid, you did not create the repquota_hard.txt file correctly using sudo from your own sysadmin account. Delete the file and review all the words on the previous step.
Copy the user100 file named user100_quota.txt into your own assignment10 directory. (Needs privilege; you know what to do.)
Change the ownership and group of all files in your own assignment10 directory to your own sysadmin account.
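The repquota steps above end with a judgement call ("verify that the changes in usage look right"). The following added shell example (written for this page; not the assignment's or the Checking Program's code) makes that check mechanical: it reads a repquota-style report, uses the two-character flag column to spot users over a soft limit (in their grace period), and compares the numbers to spot users who have already hit a hard limit, which is the state that made dd truncate bigfile2 above. The report text is constructed to match this lab's test values and is not from a real machine; the function names are this example's own.

```sh
#!/bin/sh
# Constructed repquota-style report (not captured from a real host). The flag
# column is "<blocks><files>": "+" means that soft limit is exceeded. Rows may or
# may not carry a grace column after the block limits and after the file limits.
SAMPLE_REPQUOTA='*** Report for user quotas on device /dev/sda3
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --   20976       0       0              5     0     0
abcd0001  --    1234       0       0            123     0     0
user100   +-     604     500     700  6days       5     5     6
user101   -+     100     500     700              6     5     6   3days'

# quota_status < report
# Prints "<user> blocks=<ok|soft|hard> files=<ok|soft|hard>" for every data row.
# "soft" comes from the flag column; "hard" is derived from used >= hard (when a
# hard limit is set), because the flags alone do not distinguish the two.
quota_status() {
    awk '$2 ~ /^[-+][-+]$/ {
        bused = $3 + 0; bsoft = $4 + 0; bhard = $5 + 0
        f = ($6 ~ /^[0-9]+$/) ? 6 : 7          # skip the block grace column if present
        fused = $f + 0; fsoft = $(f+1) + 0; fhard = $(f+2) + 0
        b  = (bhard > 0 && bused >= bhard) ? "hard" : (substr($2, 1, 1) == "+" ? "soft" : "ok")
        fl = (fhard > 0 && fused >= fhard) ? "hard" : (substr($2, 2, 1) == "+" ? "soft" : "ok")
        printf "%s blocks=%s files=%s\n", $1, b, fl
    }'
}

# over_quota_users < report
# Only the rows that need attention (anything that is not ok/ok).
over_quota_users() {
    quota_status | grep -v ' blocks=ok files=ok$'
}

# Usage: on a real system this would be "sudo repquota /home | over_quota_users".
printf '%s\n' "$SAMPLE_REPQUOTA" | over_quota_users
```

Run against the sample, the last line prints user100 (over its block soft limit, 6 days of grace left) and user101 (at its file hard limit); the users with no limits set are silent.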
Do the following tasks on the console (in the VMware window) of your VM.
Edit the inittab file to configure your system so that it boots by default into runlevel 2. (This changes one character in the file.) The changed inittab should have these wc and sum numbers:
before: 53 229 1666 and 64040 2
after: 53 229 1666 and 59929 2
Reboot your system, and after it comes back up, log in and display the runlevel to verify that it is in runlevel 2.
Take a listing of all the processes running on your system using ps -e and redirect the output to assignment10/pse_rc_2_normal.txt (approximately 63 lines).
Edit the inittab file again. Disable the one line that begins with the identifier l2 by putting a # at the beginning of the line so that it becomes a comment line. The changed inittab should have these wc and sum numbers:
before: 53 229 1666 and 59929 2
after: 53 229 1667 and 60289 2
The inittab man page calls the rightmost colon-delimited field on a line (the fourth field) the process field. (RTFM) Notice the name of the script (the process) that your l2 edit has disabled.
Reboot your system, and after it comes back up, log in and display the runlevel to verify that it is still in runlevel 2.
The runlevel is still 2, even without the l2 line that you disabled above.
Take another listing of all the processes running on your system using ps -e and redirect the output to assignment10/pse_rc_2_gone.txt (approximately 42 lines).
Count the number of lines (number of processes) in each of assignment10/pse_rc_2_{normal,gone}.txt; one file should be about 20 lines bigger than the other file, since about 20 processes were not started by the missing l2 script.
Consider the SSH service provided by a process called sshd. Do a grep for sshd in pse*, and notice that it is present in the normal file but not in the gone file.
View the rc script file that’s specified as the process to carry out in the l2 entry in the inittab file that you had commented out earlier.
Find the for loops in that script, and read the comment line above each for loop.
The for loops may be a bit daunting, so let’s do a few grep commands on that rc script file:
- grep for the word for and read the output carefully. Note the loop variable name for each loop, and what it is iterating over.
- grep for the word stop and read the output carefully. Note that you have found that the word stop is being used as an argument (to what? consider the for loops).
- grep for the word start and read the output carefully. Note that you have found that the word start is being used as an argument (to what? consider the for loops).
Recall the script (process) line that you disabled in the inittab file, above. Use sudo to manually run this script with its number 2 argument. Running this process (script) should start all the missing runlevel 2 processes that were not started at boot time.
Take another listing of all the processes (ps -e).
Compare it with the pse_rc_2_normal.txt file.
Check that the SSH service is running again (sshd).
Restore the l2 entry in your system’s inittab file. (Remove the comment character from the start of the line.)
Your system will continue to boot into runlevel 2 for the rest of this lab. Do not change the runlevel back to its previous value.
chkconfig
We’ll consider the ntpd service and runlevel 3. We’ll look at the contents of the rc3.d directory while ntpd is set on for runlevel 3. Then we’ll turn ntpd off for runlevel 3, and look at the contents of the rc3.d directory again to see how it changed.
View the top of the script /etc/init.d/ntpd and note the lines for chkconfig control. Put the line that indicates the chkconfig default runlevels and start and stop priority numbers into assignment10/ntpd_chkconfig.txt
$ wc ntpd_chkconfig.txt
1 5 21 ntpd_chkconfig.txt
$ sum ntpd_chkconfig.txt
09004 1
Run the command to display the runlevels for which the ntpd service is on or off. Redirect the output of this command into assignment10/ntpd_before.txt
$ wc ntpd_before.txt
1 8 54 ntpd_before.txt
$ sum ntpd_before.txt
42633 1
Take a long ls listing of /etc/rc.d/rc3.d/ and put this listing into assignment10/rc3d_before.txt
Run a grep command for ntpd in the rc3d_before.txt file, and put the output into assignment10/rc3d_ntpd_before.txt (should be one line). Verify the name of the symbolic link for ntpd in rc3d_ntpd_before.txt against the start priority number in ntpd_chkconfig.txt
$ wc -lw rc3d_ntpd_before.txt
1 11 rc3d_ntpd_before.txt
Use chkconfig to turn ntpd off in runlevel 3.
Run the command to display the runlevels for which the ntpd service is on or off, and check to be sure it’s off in runlevel 3, but the other runlevels are unchanged. Redirect the output of this command into assignment10/ntpd_after.txt
$ wc ntpd_after.txt
1 8 55 ntpd_after.txt
$ sum ntpd_after.txt
65203 1
Now that you’ve used chkconfig to turn ntpd off in runlevel 3, take another long listing of /etc/rc.d/rc3.d and put the output into assignment10/rc3d_after.txt
Run a grep command for ntpd in the rc3d_after.txt file, and put the output into assignment10/rc3d_ntpd_after.txt (should be one line). Verify the name of the script in rc3d_ntpd_after.txt against the start or stop priority number in ntpd_chkconfig.txt
$ wc -lw rc3d_ntpd_after.txt
1 11 rc3d_ntpd_after.txt
Run the diff command on rc3d_{before,after}.txt to see what the chkconfig command did. You should see one symbolic link has been removed, and one symbolic link has been created.
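The two "verify the name of the symbolic link against the priority number" steps above can be automated. The following added shell example (written for this page; not the course's or chkconfig's own code) derives the link name chkconfig should create from the "# chkconfig:" header of an init script and checks it against a long listing of an rc<N>.d directory. The header line and both listings are constructed samples: the header is modelled on a typical CentOS 5 ntpd script (no default runlevels, start 58, stop 74), and the function names are this example's own.

```sh
#!/bin/sh
# Constructed sample data (not copied from a real host).
NTPD_HEADER='# chkconfig: - 58 74'

# Constructed "ls -l /etc/rc.d/rc3.d" fragments before and after "chkconfig ntpd off".
RC3D_BEFORE='lrwxrwxrwx 1 root root 14 Mar 1 2013 K50netconsole -> ../init.d/netconsole
lrwxrwxrwx 1 root root 14 Mar 1 2013 S55sshd -> ../init.d/sshd
lrwxrwxrwx 1 root root 14 Mar 1 2013 S58ntpd -> ../init.d/ntpd
lrwxrwxrwx 1 root root 14 Mar 1 2013 S90crond -> ../init.d/crond'
RC3D_AFTER='lrwxrwxrwx 1 root root 14 Mar 1 2013 K50netconsole -> ../init.d/netconsole
lrwxrwxrwx 1 root root 14 Mar 1 2013 K74ntpd -> ../init.d/ntpd
lrwxrwxrwx 1 root root 14 Mar 1 2013 S55sshd -> ../init.d/sshd
lrwxrwxrwx 1 root root 14 Mar 1 2013 S90crond -> ../init.d/crond'

# expected_rc_link SERVICE HEADER_LINE on|off
# Prints the link chkconfig creates in rc<N>.d: S<start>SERVICE when the service
# is on in that runlevel, K<stop>SERVICE when it is off. Returns 2 on bad input.
expected_rc_link() {
    start=$(printf '%s\n' "$2" | awk '$1 == "#" && $2 == "chkconfig:" { print $4 }')
    stop=$(printf '%s\n' "$2" | awk '$1 == "#" && $2 == "chkconfig:" { print $5 }')
    [ -n "$start" ] && [ -n "$stop" ] || return 2
    case "$3" in
        on)  printf 'S%s%s\n' "$start" "$1" ;;
        off) printf 'K%s%s\n' "$stop" "$1" ;;
        *)   return 2 ;;
    esac
}

# actual_rc_link SERVICE < long-listing
# Prints the name of the link whose target is ../init.d/SERVICE (what the grep
# for ntpd in rc3d_*.txt shows), ignoring unrelated lines.
actual_rc_link() {
    awk -v target="../init.d/$1" '$(NF-1) == "->" && $NF == target { print $(NF-2) }'
}

# verify_rc_link SERVICE HEADER_LINE on|off LISTING
# Succeeds only if the listing contains exactly the expected link and no other
# link for the service (two links would mean a stale S or K entry was left behind).
verify_rc_link() {
    expected=$(expected_rc_link "$1" "$2" "$3") || return 2
    actual=$(printf '%s\n' "$4" | actual_rc_link "$1")
    [ "$actual" = "$expected" ]
}

# Usage: check the before (on) and after (off) listings.
verify_rc_link ntpd "$NTPD_HEADER" on "$RC3D_BEFORE" && echo "before: S58ntpd present, as expected"
verify_rc_link ntpd "$NTPD_HEADER" off "$RC3D_AFTER" && echo "after: K74ntpd present, as expected"
```

On a real system the listing argument would be "$(ls -l /etc/rc.d/rc3.d)" and the header line "$(grep '^# chkconfig:' /etc/init.d/ntpd)"; the test of "off" against the before listing fails, which is the mismatch the assignment asks you to notice.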
We’ll look at the logging of ssh activity. Then, we’ll change the file that ssh logging goes to, and change it back.
View the configuration file for syslog, and find the line dealing with the authpriv facility (the line that starts with the word authpriv). Put this line into assignment10/syslog_authpriv.txt
$ wc syslog_authpriv.txt
1 2 32 syslog_authpriv.txt
$ sum syslog_authpriv.txt
35835 1
View the configuration file for the SSH service daemon sshd named /etc/ssh/sshd_config and find the Logging section. Copy the active Logging configuration line (it starts with the word SyslogFacility) into the file assignment10/sshd_logging.txt
$ wc sshd_logging.txt
1 2 24 sshd_logging.txt
$ sum sshd_logging.txt
50989 1
Remember the name of this sshd configuration file and the location of this syslog line. You will need to edit it, below.
Notice the correspondence between the contents of syslog_authpriv.txt and sshd_logging.txt and determine the file that sshd log entries are added to.
In one window (console, or putty, or ssh), use the tail -f command with sudo to watch the file that sshd log entries go to.
In another window, log in with ssh or putty, and observe the output of your tail -f command.
Still in the same ssh / putty window from the last step, use the sudo command to run head on the /etc/shadow file, and observe additions to the log file on which you’re running the tail -f command. (Where do sudo invocations get logged?)
Stop the tail -f with ^C and then put the last 20 lines of that log file into assignment10/ssh_sudo_log.txt
Alternatively, redirect the tail -f of the log file to ssh_sudo_log.txt, and repeat the ssh and sudo steps to be sure the logging output goes into ssh_sudo_log.txt
Go back to the sshd configuration file viewed earlier. Edit that file to make the SSH service daemon switch from using the AUTHPRIV to the AUTH logging facility by uncommenting one line and commenting out another.
The wc on the file will be the same (119 397 3332) and the sum will change from 59355 4 to 47916 4.
Restart the sshd service.
View the syslog config file and put the line that controls the auth facility (hint: look for a “catch-all”) into assignment10/syslog_auth.txt
$ wc syslog_auth.txt
1 2 60 syslog_auth.txt
$ sum syslog_auth.txt
30346 1
Similarly to how you monitored sshd activity before, run tail -f on the log file corresponding to the auth facility, which is now used for sshd logging.
Similarly to before, generate some sshd activity to appear in the log by using ssh or putty, and confirm that you see a log entry on the correct log file that you’re monitoring due to the previous step.
Change /etc/ssh/sshd_config back, and restart the sshd service.
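Both the "determine the file that sshd log entries are added to" step and the "catch-all" step come down to reading syslog.conf selectors correctly: a facility reaches a file when some selector on that line names it (or uses "*"), unless another selector on the same line excludes it with ".none". The following added shell example (written for this page; not the course's or syslog's own code) implements that resolution over a constructed syslog.conf fragment modelled on CentOS 5 defaults, so you can see why AUTHPRIV lands in /var/log/secure while AUTH falls through to /var/log/messages. It handles the common selector forms (facility lists, "*", ".none", a plain level meaning "that level or worse"); the "=level" and "!level" forms are left out. The function name and the sample configuration are this example's own.

```sh
#!/bin/sh
# Constructed syslog.conf fragment (modelled on CentOS 5 defaults, not copied from a host).
SAMPLE_SYSLOG_CONF='# Log anything (except mail) of level info or higher.
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure
mail.*                                                  -/var/log/maillog
cron.*                                                  /var/log/cron
*.emerg                                                 *
uucp,news.crit                                          /var/log/spooler
local7.*                                                /var/log/boot.log'

# syslog_dest FACILITY LEVEL < syslog.conf
# Prints every action (log file) that a message logged as FACILITY.LEVEL would
# reach. Usage: printf '%s\n' "$SAMPLE_SYSLOG_CONF" | syslog_dest authpriv info
syslog_dest() {
    awk -v fac="$1" -v lvl="$2" '
    BEGIN {
        # Numeric priorities: a selector "fac.L" matches messages at level L or more severe.
        split("emerg alert crit err warning notice info debug", names, " ")
        for (i = 1; i <= 8; i++) prio[names[i]] = i - 1
    }
    /^[[:space:]]*(#|$)/ { next }                  # skip comments and blank lines
    NF >= 2 {
        action = $NF; sub(/^-/, "", action)       # leading "-" only means "do not fsync"
        matched = 0; excluded = 0
        n = split($1, sels, ";")                  # selectors are separated by ";"
        for (i = 1; i <= n; i++) {
            split(sels[i], parts, ".")            # parts[1] = facility list, parts[2] = level
            m = split(parts[1], facs, ",")
            for (j = 1; j <= m; j++) {
                if (facs[j] != fac && facs[j] != "*") continue
                if (parts[2] == "none") excluded = 1
                else if (parts[2] == "*" || prio[lvl] <= prio[parts[2]]) matched = 1
            }
        }
        if (matched && !excluded) print action
    }'
}

# Usage: where do sshd messages go under each SyslogFacility setting?
for facility in authpriv auth; do
    printf '%s.info -> %s\n' "$facility" "$(printf '%s\n' "$SAMPLE_SYSLOG_CONF" | syslog_dest "$facility" info)"
done
```

With the real file, use "sudo cat /etc/syslog.conf | syslog_dest auth info". Note the security point the two runs make: authpriv has its own restricted-access file, while auth shares the world-readable messages file, which is one reason the default sshd configuration uses AUTHPRIV.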
At Managing Quotas, Red Hat recommends a daily cron job to touch /forcequotacheck so that quotacheck will be run during the next reboot. We will follow Red Hat’s advice because it exercises many of the concepts we’ve been studying: booting and init scripts, quotas, shell scripting, regularly run sysadmin jobs, and logging.
Find out what happens to /forcequotacheck at boot time:
Find the system initialization script: grep the /etc/inittab file for the sysinit action.
Now, grep for forcequotacheck in that script. You should see two lines mentioning the forcequotacheck file. Run the command again, redirecting the output to assignment10/force_grep.txt
$ wc force_grep.txt
2 20 147 force_grep.txt
Try the logger command with:
- user.info as the “facility.level” pair
- testing as the tag
- I made this log entry as the message
Tail /var/log/messages to see your message from the previous step.
Write a shell script assignment10/forcequotacheck.sh that takes no arguments and creates an empty /forcequotacheck file, as follows:
Log messages with the logger command as follows: use user.info as the “facility.level” pair for all logging messages in this script.
Log the message: Attempting to force quota check upon next reboot
Create the empty /forcequotacheck file using an if statement with the following structure:
IF the creation of empty file /forcequotacheck is successful
log a message "Successfully forced quota check upon next reboot"
ELSE
log a message "Failed to force quota check upon next reboot"
Run the script without sudo, then run it with sudo so that it succeeds.
Allow the system cron to run your script daily by copying your script file into the /etc/cron.daily directory.
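One way to write the script specified above, as an added example for this page (it is not the course's answer, nor Red Hat's own cron job): every message goes to syslog at user.info through one helper, the file creation sits inside the required if/else, and the outcome is returned as an exit status so cron (or you) can tell success from failure. The FORCEQUOTACHECK_FILE override, the logger tag, and the function names are assumptions of this example, added only so the logic can be exercised on a scratch path without root.

```sh
#!/bin/sh
# forcequotacheck.sh - request a quotacheck on the next reboot by creating an
# empty /forcequotacheck, logging each step to syslog as user.info.
# Takes no arguments. FORCEQUOTACHECK_FILE (an assumption of this example)
# overrides the path so the same code can be tested against a scratch file.

FORCE_FILE=${FORCEQUOTACHECK_FILE:-/forcequotacheck}
TAG=forcequotacheck

# log_msg MESSAGE: send MESSAGE to syslog at user.info. If no syslog daemon
# is reachable (or logger is missing), fall back to stderr so cron mails it
# rather than losing it silently.
log_msg() {
    logger -p user.info -t "$TAG" "$*" 2>/dev/null || printf '%s: %s\n' "$TAG" "$*" >&2
}

# force_quota_check [FILE]: create the empty flag file and log the outcome.
# Returns 0 on success, 1 on failure (for example, run without root privilege,
# which is why the first run in the assignment fails and the sudo run succeeds).
force_quota_check() {
    file=${1:-$FORCE_FILE}
    if touch "$file"; then
        log_msg "Successfully forced quota check upon next reboot"
        return 0
    else
        log_msg "Failed to force quota check upon next reboot"
        return 1
    fi
}

main() {
    log_msg "Attempting to force quota check upon next reboot"
    force_quota_check "$FORCE_FILE"
}

# Run main only when executed under this script's own name (from /etc/cron.daily
# or "sudo sh forcequotacheck.sh"); loading the file under another name only
# defines the functions, which is what the test below relies on.
case "$0" in
    *forcequotacheck.sh) main ;;
esac
```

After copying it into /etc/cron.daily, "sudo tail /var/log/messages" shows the three possible messages from the user.info facility, tagged with the script name, which is the same place your logger test entry landed.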
Change your logrotate configuration file (in the /etc directory) to keep 5 weeks worth of backlogs by default. You will change exactly one character on each of two lines. Your wc and sum should be 33 99 619 and 62121 1.
Change your logrotate configuration file for the yum package (look for a logrotate-related directory under /etc for a yum-specific file) to rotate the yum logs monthly rather than yearly. Your wc and sum should be 7 12 101 and 38265 1.
Change the user that receives logwatch emails from root to your own sysadmin userid.
Change the detail of logwatch summaries from Low to Med (medium).
Use sudo -i to simulate a root login, and run the script /etc/cron.daily/0logwatch (cron does this daily, but you can do it too whenever you want).
Since you changed the user that receives logwatch emails, you should have an email from logwatch. Use the mail command to view your email. (When you quit mail and you have looked at a message, it gets saved in ~/mbox which you can read with mail -f. More details in man mail.)
- At the & prompt, type the number of an email message (probably 1).
- The message is paged with more commands (spacebar to advance a screen, /something to search for something, etc).
- Search for sshd to see mentions of sshd activity.
- Type q to quit viewing a message.
- Type q to quit the mail program and have the messages you viewed stored in ~/mbox
Use chkconfig to find out for which runlevels the psacct service is on. Put the output from the command you used into assignment10/psacct_levels.txt
$ wc psacct_levels.txt
1 8 58 psacct_levels.txt
$ sum psacct_levels.txt
60721 1
Turn on psacct for runlevels 2, 3, 4, and 5.
Check the status of the psacct service, and start it if it’s not enabled.
Use the last command to view a listing of last logged in users.
Generate some logins for user100 by using ssh to login a few times: ssh user100@localhost, then date or who, and then exit to log out again. Repeat once or twice.
Use the last command to select and view the last logins of only User 100, then run the command again, redirecting the output into assignment10/last_user100.txt
Do not use grep or any pipeline for this. One command. RTFM.
$ tail -2 last_user100.txt | wc
2 7 38
Use the lastlog command to display a report of the most recent logins of all users.
Use the lastlog command to select and view a two-line report of the logins for User 100 and then run the command again, redirecting the two lines into assignment10/lastlog_user100.txt
Do not use grep or any pipeline for this. One command. RTFM.
$ head -1 lastlog_user100.txt | wc
1 4 50
Run the ac command with the option to also print the individual totals (time totals) of the hours your users have been logged in. Run the command again, redirecting the output to assignment10/ac_individuals.txt
Run the lastcomm command to see all of the commands that have been run on your system since you enabled psacct and run the command again, redirecting the output to assignment10/lastcomm.txt
When you are finished, run the Checking Program to create an overall mark. Submit the output to Blackboard in the correct location.
Since we also do manual marking of student assignments, your final mark may not be the same as the mark submitted using the current version of the Checking Program. We do not guarantee that any version of the Checking Program will find all the errors in your work. Complete your assignments according to the specifications, not according to the incomplete set of the mistakes detected by the Checking Program.
The checking program resides on the Course Linux Server, but your work is on your CentOS Virtual Machine. There is a new Fetch program that you must download and use on your CentOS machine to copy information from your CentOS Virtual Machine to your account on the CLS so that the checking program can check it on the CLS.
Once the Fetch program has fetched these files from your Virtual Machine to the CLS, you can run the checking program on the CLS to check what is saved in the files. When you make changes on your CentOS Virtual Machine, you need to run the Fetch program again to update the saved files on the CLS.
Simply running the checking program on the CLS will not update the saved files on the CLS. You must run the Fetch program when you make changes on your CentOS Virtual Machine.
Do all the following steps on your CentOS 5.8 VM. Read through the whole list before you start typing anything.
Log in to your own (non-root) account (same userid as Blackboard).
Make the directory Assignments/assignment10 (exactly the same directory hierarchy as you already have on the CLS), unless you already have this directory.
Change into the assignment10 directory.
As shown below, use wget to get a copy of the Fetch program from this URL into a file named do.sh: http://teaching.idallen.com/cst8177/13w/notes/data/assignment10wget.sh
CentOS$ wget -O do.sh http://teaching.idallen.com/cst8177/13w/notes/data/assignment10wget.sh
Saving to: `do.sh'
Make sure you have a file named do.sh
in your directory. You only need to download this once per assignment.
As shown below, use sudo
and sh
to run the do.sh
script you just downloaded to CentOS with the USER
environment variable set to your own CLS account userid (as stored in the USER
variable).
CentOS$ sudo USER=$USER sh do.sh
This Fetch program will connect from CentOS to the CLS using your account name. It will copy files from CentOS to your assignment10
directory on the CLS. It will then run the checking program on the CLS to check your work. You will need to answer one question about your IP address, and then wait and type in your CLS password.
It will look something like this:
CentOS$ whoami
abcd0001
CentOS$ hostname
abcd0001
CentOS$ pwd
/home/abcd0001/Assignments/assignment10
CentOS$ wget -O do.sh http://teaching.idallen.com/cst8177/13w/notes/data/assignment10wget.sh
Saving to: `do.sh'
CentOS$ sudo USER=$USER sh do.sh
---------------------------------------------------------------------------
abcd0001: FETCH version 1. Connecting to CLS as USER='abcd0001' using ssh
---------------------------------------------------------------------------
abcd0001: Use local Algonquin IP cst8177-alg.idallen.ca [y/N]? n
abcd0001: Please wait; using ssh to connect to user 'abcd0001' on cst8177.idallen.ca ...
*** COURSE LINUX SERVER ***
abcd0001@cst8177.idallen.ca's password: # enter your CLS password
---------------------------------------------------------------------------
idallen-ubuntu assignment10fetch_server.sh version 0 run by abcd0001.
Please wait; collecting info from abcd0001 Virtual Machine
---------------------------------------------------------------------------
VM files collected into Assignments/assignment10/abcd0001.tar.bz on CLS.
Now running check program for abcd0001 on CLS:
----------------------------------------------------------------------------
idallen-ubuntu check: Assignments/assignment10 check program version 00
*** Checking account for abcd0001 on idallen-ubuntu ***
[... checking program output appears here ...]
The checking program may also report errors about your assignment10 directory on the CLS (for example, about your .bashrc file or world-writable files on the CLS). These errors are on the CLS, not on your CentOS machine.
When you are done with your assignment, you need to run the checking program one last time on the CLS and submit the output file, as follows:
Do all this on the Course Linux Server:
There is a Checking Program named assignment10check
in the Source Directory on the CLS. Create a Symbolic Link to this program named check
under your new assignment10
directory so that you can easily run the program to check your work and assign your work a mark. Note: You can create a symbolic link to this executable program but you do not have permission to read or copy the program file.
Execute the above “check” program on the CLS using its symbolic link. (Review the CST8207 Search Path notes if you forget how to run a program by pathname from the command line.) This program will check your work, assign you a mark, and display the output on your screen. (You may want to paginate the long output so you can read all of it.)
You may run the “check” program as many times as you wish, to correct mistakes and get the best mark. Some tasks sections require you to finish the whole section before running the checking program at the end; you may not always be able to run the checking program successfully after every single task step.
When you are done with checking this assignment, and you like what you see on your screen, redirect the output of the Checking Program into the text file assignment10.txt
under your assignment10
directory on the CLS. Use the exact name assignment10.txt
in your assignment10
directory. You only get one chance to get the name correct. Case (upper/lower case letters) matters. Be absolutely accurate, as if your marks depended on it. Do not edit the file.
Transfer the above assignment10.txt
file from the CLS to your local computer and verify its contents. Do not edit this file! No empty files, please! Edited or damaged files will not be marked. You may want to refer to this term’s updated File Transfer notes.
Submit the assignment10.txt
file under the correct Assignment area on Blackboard (with the exact name) before the due date. Upload the file via the assignment10 “Upload Assignment” facility in Blackboard: click on the underlined assignment10 link in Blackboard. Use “Attach File” and “Submit” to upload your plain text file.
No word-processor documents. Do not send email. Use only “Attach File”. Do not enter any text into the Submission or Comments boxes on Blackboard; I do not read them. Use only the “Attach File” section followed by the Submit button. (If you want to send me comments about your assignment, use email.)
Your instructor may also mark the assignment10
directory in your CLS account after the due date. Leave everything there on the CLS. Do not delete any assignment work from the CLS until after the term is over!
Use the exact file name given above. Upload only one single file of plain text, not HTML, not MSWord. No fonts, no word-processing. Plain text only.
Did I mention that the format is plain text (suitable for VIM/Nano/Pico/Gedit or Notepad)?
NO EMAIL, WORD PROCESSOR, PDF, RTF, or HTML DOCUMENTS ACCEPTED.
No marks are awarded for submitting under the wrong assignment number or for using the wrong file name. Use the exact name given above.
WARNING: Some inattentive students don’t read all these words. Don’t make that mistake! Be exact.
READ ALL THE WORDS. OH PLEASE, PLEASE, PLEASE READ ALL THE WORDS!
Author:
| Todd Kelley / Richard Donnelly and
| Ian! D. Allen - idallen@idallen.ca - Ottawa, Ontario, Canada
| Home Page: http://idallen.com/ Contact Improv: http://contactimprov.ca/
| College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
| Defend digital freedom: http://eff.org/ and have fun: http://fools.ca/