% CST8177 Assignment 10 - Quotas, Services, Logging, Process Accounting % Todd Kelley Richard Donnelly Ian! D. Allen - idallen@idallen.ca - www.idallen.com % Winter 2013 - January to April 2013 - Updated Wed Apr 17 09:28:17 EDT 2013 Due Date and Deliverables ========================= - **Due Date**: `23h59 (11:59pm) Saturday April 20, 2013 (end of Week 14)` - This is the LAST assignment. - Late assignments or wrong file names may not be marked. Be punctual. - **Available online**: - Version 1: 03:00 Mon Apr 8, 2013 (preliminary) - Version 2: 08:00 Mon Apr 8, 2013 (preliminary) - Version 3: 09:15 Mon Apr 8, 2013 (may be revised slightly to fix errors; no checking program yet) - Version 4: 12:30 Mon Apr 15, 2013 (removed mention of grace period; may be revised slightly for clarity; checking program started) - **Prerequisites**: - [CST8207 GNU/Linux Operating Systems I] - Linux CentOS 5.8 installed in a virtual machine via [CentOS 5.8 VM] - an ability to **READ ALL THE WORDS** to work effectively - **Deliverables**: 1. This assignment builds on both [Assignment #07] and [Assignment #09]. It assumes you have successfully completed both. 2. Modifications to your [CentOS 5.8 VM], as given in this assignment. - **Do not delete any assignment work from your [CentOS 5.8 VM] until after the term is over!** 3. Directory structure and files created and left for marking on the [Course Linux Server] (**CLS**). - **Do not delete any assignment work from the CLS until after the term is over!** 4. One text file uploaded to Blackboard according to the steps in the [Checking Program] section below. Purpose of this Assignment ========================== 1. Practise working with Quota mechanism 2. Practise working with System Services 3. Explore SysVinit system of system initialization 4. Practise working with `syslog` logging mechanism 5. Explore other forms of logging and log rotation Remember to **READ ALL THE WORDS** to work effectively and not waste time. Introduction and Overview ========================= This is an overview of how you are expected to complete this assignment. Read all the words before you start working. 1. Complete the [Tasks] listed below. 2. Verify your own work before running the [Checking Program]. 3. Run the [Checking Program] to help you find errors. 4. Submit the output of the [Checking Program] to Blackboard before the due date. 5. **READ ALL THE WORDS** to work effectively and not waste time. > Since we also do manual marking of student assignments, your final mark may > not be the same as the mark submitted using the current version of the > [Checking Program]. We do not guarantee that any version of the [Checking > Program] will find all the errors in your work. Complete your assignments > according to the specifications, not according to the incomplete set of the > mistakes detected by the [Checking Program]. When you are finished the tasks, leave the files and directories in place as part of your deliverables. **Do not delete any assignment work until after the term is over!** Assignments may be re-marked at any time; you must have your term work available right until term end. Searching the course notes -------------------------- The previous term’s course notes are always available on the Internet here: [CST8207 GNU/Linux Operating Systems I]. All the current and previous terms notes files are also stored on the CLS. You can learn about how to read and search these notes files using the command line on the CLS under the heading *Copies of the CST8207 course notes* near the bottom of the page [Course Linux Server]. The current CST8177 term notes are searchable there, too! The Source Directory -------------------- All references to the “Source Directory” below are to the CLS directory `~idallen/cst8177/13w/assignment10/` and that name starts with a *tilde* character followed by a userid with no intervening slash. Tasks ===== - Do the following tasks in order, from top to bottom. - Pay attention as to which tasks must be done in your own [CentOS 5.8 VM] and which must be done in your account on the [Course Linux Server]. - Many of the commands you will use in this assignment require `root` privileges, and in those cases you may need to use `sudo` to run the privileged command without explicitly being told to do so. - **READ ALL THE WORDS!** and do not skip steps. Set Up ------ 1. Complete your [CentOS 5.8 VM] Installation and Verification. - Make sure it passes the checks for disk sizes and package counts. 2. Complete these critical system administration tasks required in [Assignment #07]: a. create the `sudoers` group b. create your own account c. install and configure the NTP package d. copy your start-up files 3. Complete these critical system administration tasks required in [Assignment #09]: a. adjust your `PATH` for sysadmin work b. add a disk c. migrate `/home` directory to its own file system with mounted with quota options d. grow the root file system e. install VMware Tools 4. On the [Course Linux Server], make the directory `~/Assignments/assignment10`, in which some information will be stored related to this assignment, and also Create the `check` symbolic link needed to run the [Checking Program]. 5. In your own account in your [CentOS 5.8 VM], also make the directory `~/Assignments/assignment10` 6. Create a snapshot of your [CentOS 5.8 VM]. - Enter a comment explaining where and when you took this snapshot. - You can restore back to this snapshot if anything goes wrong. Clean up groups from Assignment 09 ---------------------------------- > In [Assignment #07 Bulk User Management], you deleted `user010` and > `user011` but their corresponding groups may have been left behind. 1. Delete the `user010` and `user011` groups, if they are still present on your machine. - You may see an error about removing the shadow group entry, because the `newusers` command did not create shadow group entries. Ignore the error – the groups don’t exist in the group shadow file. Managing user quotas -------------------- > You must have `/home` mounted on its own file system to do this section. > You did that in [Assignment #09]. > > Refer to [Red Hat Quotas] 1. Take your CentOS VM into single user mode. 2. Make sure your `/home` file system is mounted with quotas enabled. (You added quota options in [Assignment #09].) 3. Use the `quotacheck` command with options appropriate to initialize the group quota file and user quota file for the `/home` filesystem. 4. Enable quotas (turn quotas on) for the `/home` filesystem. - Run the `quota` command as `User 100` and ensure you see no quotas. - If you see the error `quota: Can't open quotafile /home/aquota.user: Permission denied` then you forgot to turn quotas on. 5. For `User 100`, set the following (unrealistic) test quota values: - **soft block limit**: 500KB worth of 1K blocks (`500`) - **hard block limit**: 700KB worth of 1K blocks (`700`) - **soft inode limit**: `5` - **hard inode limit**: `6` 6. Generate an overall `/home` file system quota report for all users and verify that `User 100` has the correct limits. This is a full quota report, so it should have over 100 lines. Generate it again, redirecting the output to `assignment10/repquota.txt` 7. Change the ownership and group of this quota report file to yourself and your group. (Always change files stored in your own account to your own sysadmin userid.) 8. Take your CentOS VM back to runlevel 3 and log in as your sysadmin account. - Verify you are in runlevel 3 with the appropriate command. 9. Use `sudo` to run `su - user100` to simulate a full login as `User 100`. **Do *all* the following section as `user100` in the `user100` home directory**: a. Exceed the soft block limit by creating a 600KB file with this command: $ whoami user100 $ pwd /home/user100 $ dd if=/dev/zero of=bigfile1 bs=1K count=600 Creating this file will generate a quota exceeded message on the system console, because you are now over the soft limit on the number of files you can create. (If you are logged in via a terminal program, not on the VMware console, you may not see the quota exceeded warning message.) Note that even though you got a `quota exceeded` warning message on the console, all 600KB were actually copied into the output file. You only exceeded the *soft* quota, not the *hard* quota. b. Display the quota information and note the number of blocks used and the number of pathnames (`files`). You should see that the number of blocks used exceeds the soft quota but not the hard quota. c. Run the same quota information command again and redirect the output to a file named `user100_quota.txt` in the `user100` home directory. This is just the `user100` quota information, so it should be only three lines: $ whoami user100 $ pwd /home/user100 $ wc user100_quota.txt 3 24 201 user100_quota.txt You did read the words above about running all the commands in this section as `user100`, right? d. View the contents of `user100_quota.txt` - Note how the number of pathnames (`files`) increased in the file. Why did the number increase *before* the quota command ran? - Note how the number of blocks did *not* increase in the file. - Display the quota again (without redirection) and note that the number of blocks has now gone up. - Why did the increased number of blocks not go into the redirection output file? *[Answers are Here]* e. Run `ls` to display a long listing of all the pathnames in the `user100` home directory, including hidden names. The number of pathnames listed as being owned by `user100` should be exactly the same as the number of files given in the `user100_quota.txt` file you created. 10. Type `exit` to revert back to your sysadmin self. 11. Use `sudo` to generate another overall `/home` file system quota report for all users, redirecting the output into the file `assignment10/repquota_grace.txt` 12. View `assignment10/repquota_grace.txt` and verify that it is consistent with the numbers in the `user100_quota.txt` file. 13. Become `User 100` again and do the following in the home directory: a. Try to create another file, as follows. The command will give a “quota exceeded” message when the hard quota limit is reached: $ whoami user100 $ pwd /home/user100 $ dd if=/dev/zero of=bigfile2 bs=1K count=200 You will see a quota error message from the `dd` command part-way through the file creation. Note that this time the output file does *not* contain the expected 200KB of data. The file is truncated because the hard quota limit was reached. You are not allowed to use any more disk blocks. b. Display the quota information as you did before and note that the hard block limit has been reached. - The number of files should be listed as `5` if there is a `.bash_history` file (there should be), and `4` if not. c. Create an empty file named `smallfile` and note: - Creating even an empty file will generate a quota exceeded message on the system console, because you are now over the soft limit on the number of files you can create (only `5`). - If you are logged in via a terminal program, not on the VMware console, you may not see the file limit quota warning message. - You will see the quota exceeded message when the account has more than `5` files (the soft limit) in it. - After creating one or two more empty files, you will find that you get error messages and can’t create any more, because you hit the hard limit on the number of files you can create (max `6`). Programs trying to create new files or directories will fail and return error messages. - Note that you *can* create **hard links** to existing files, since hard links only create new names, not new disk space. - You *cannot* create symbolic links, since symbolic links require disk space to store the link pathname. - You cannot create directories either, since a directory is considered a *file* for the purpose of quotas. (Anything that requires a new inode is considered a *file* here.) d. Display the quota information and verify that both the block and files quotas have hit their hard limits for this user. e. Type `exit` to revert back to your sysadmin self. 14. As your sysadmin user, generate another quota report, redirecting the output into your own file `assignment10/repquota_hard.txt` - Make sure you do this as your sysadmin user so that the owner of the redirection output file is your sysadmin user, so that the updated quota information includes this new file. 15. Put the difference between `assignment10/repquota_{grace,hard}.txt` into `assignment10/repquota_diff.txt` and view the file to verify that the changes in usage look right: - Exactly two users’ usage should have changed. If you do not see exactly two users, review all the words on the previous step. - Nothing should be shown for the `root` user. No changes. - If you see any changes for the `root` user, or no changes for your own userid, you did not create the `repquota_hard.txt` file correctly using `sudo` from your own sysadmin account. Delete the file and review all the words on the previous step. 16. Copy the `user100` file named `user100_quota.txt` into your own `assignment10` directory. (Needs privilege; you know what to do.) 17. Change the ownership and group of all files in your own `assignment10` directory to your own sysadmin account. Exploring SysVinit ------------------ 1. Do the following tasks on the console (in the VMware window) of your VM. 2. Edit your `inittab` file to configure your system so that it boots by default into runlevel 2. (This changes one character in the file.) The changed `inittab` should have these `wc` and `sum` numbers: - Before: `53 229 1666` and `64040 2` - After: `53 229 1666` and `59929 2` 3. Reboot your system, and after it comes back up, log in and display the runlevel to verify that it is in runlevel 2. 4. Take a listing of all the processes running on your system using `ps -e` and redirect the output to `assignment10/pse_rc_2_normal.txt` (approximately 63 lines). 5. Edit your system’s `inittab` file. Disable by **commenting out** the one line that begins with the identifier `l2` - To **comment out** a line, insert a `#` at the beginning of the line so that it becomes a comment line. - The changed `inittab` should have these `wc` and `sum` numbers: - Before: `53 229 1666` and `59929 2` - After: `53 229 1667` and `60289 2` - The `inittab` man page calls the rightmost colon-delimited field on a line (the fourth field) the `process`field. (RTFM) Notice the name of the script (the *process*) that your `l2` edit has disabled. - When you next reboot the system, the services in runlevel 2 will *not* be started, because this runlevel 2 script will *not* run to start them. 6. Reboot your system, and after it comes back up, log in and display the runlevel to verify that it is still in runlevel 2. 7. Even though the system has booted into runlevel 2, the usual set of processes that run in runlevel 2 have not been started, because of the missing `l2` line that you disabled above. - Take another listing of all the processes running on your system using `ps -e` and redirect the output to `assignment10/pse_rc_2_gone.txt` (approximately 42 lines). 8. Count the number of lines (number of processes) in each of `assignment10/pse_rc_2_{normal,gone}.txt`; one file should be about 20 lines bigger than the other file, since about 20 processes were not started by the missing `l2` script. 9. Consider the SSH service provided by a process called `sshd`. Do a `grep` for `sshd` in `pse*`, and notice that it is present in the *normal* file but not in the *gone* file. 10. **OPTIONAL:** You have enough scripting knowledge to understand how the system actually finds and starts all the processes in a runlevel. Skip this section and come back to it later if you are curious. a. This numbered section is **OPTIONAL**. You do not have to do it. b. Display the `rc` script file that’s specified as the process to carry out in the `l2` entry in the `inittab` file that you had commented out earlier. c. Find the two `for` loops in that script, and read the comment line above each `for` loop. d. The script code in those `for` loops may be a bit daunting, so let’s do a few `grep` commands on that `rc` script file: 1. `grep` for the word `for` and read the output carefully. Note the loop variable name for each loop, and what it is iterating over. 2. `grep` for the word `stop` and read the output carefully. Note that you have found that the word `stop` is being used as an argument (to what? consider the `for` loops). 3. `grep` for the word `start` and read the output carefully. Note that you have found that the word `start` is being used as an argument. (to what? consider the `for` loops). 11. Recall the script (process) line that you disabled in the `inittab` file, above. Use `sudo` to manually run this script and its number 2 argument. Running this process (script) should start all the missing runlevel 2 processes that were not started at boot time. 12. Count the number of processes running (`ps -e`). - The list of processes running now should almost match the list of processes you saved in the `pse_rc_2_normal.txt` file. - The system is now fully in runlevel 2, with the correct set of runlevel 2 processes started (including the missing `sshd`). 13. Restore the `l2` entry in your system’s `inittab` file. (Remove the comment character from the start of the line.) Your system will continue to boot into runlevel 2 for the rest of this lab. Do not change the runlevel back to its previous value. Exploring `chkconfig` --------------------- > We’ll consider the `ntpd` service and runlevel 3. We’ll look at the > contents of the `rc3.d` directory while `ntpd` is set `on` for runlevel 3. > Then we’ll turn `ntpd` `off` for runlevel 3, and look at the contents of > the `rc3.d` directory again to see how it changed. 1. View the top of the script `/etc/init.d/ntpd` and note the lines for `chkconfig` control. Put the line that indicates the `chkconfig` default runlevels and start and stop priority numbers into `assignment10/ntpd_chkconfig.txt` $ wc ntpd_chkconfig.txt 1 5 21 ntpd_chkconfig.txt $ sum ntpd_chkconfig.txt 09004 1 2. Run the command to display the runlevels for which the `ntpd` service is on or off. Redirect the output of this command into `assignment10/ntpd_before.txt` $ wc ntpd_before.txt 1 8 54 ntpd_before.txt $ sum ntpd_before.txt 42633 1 3. Take a long `ls` listing of `/etc/rc.d/rc3.d/` and put this listing into `assignment10/rc3d_before.txt` 4. Run a `grep` command for `ntpd` in the `rc3d_before.txt` file, and put the output into `assignment10/rc3d_ntpd_before.txt` (should be one line). Verify the name of the symbolic link for `ntpd` in `rc3d_ntpd_before.txt` against the start priority number in `ntpd_chkconfig.txt` $ wc -lw rc3d_ntpd_before.txt 1 11 rc3d_ntpd_before.txt 5. Use `chkconfig` to turn `ntpd` off in runlevel 3. 6. Run the command to display the runlevels for which the `ntpd` service is on or off, and check to be sure it’s off in runlevel 3, but the other runlevels are unchanged. Redirect the output of this command into `assignment10/ntpd_after.txt` $ wc ntpd_after.txt 1 8 55 ntpd_after.txt $ sum ntpd_after.txt 65203 1 7. Now that you’ve used `chkconfig` to turn `ntpd` off in runlevel 3, take another long listing of `/etc/rc.d/rc3.d` and put the output into `assignment10/rc3d_after.txt` 8. Run a `grep` command for `ntpd` in the `rc3d_after.txt` file, and put the output into `assignment10/rc3d_ntpd_after.txt` (should be one line). Verify the name of the script in `rc3d_ntpd_after.txt` against the start or stop priority number in `ntpd_chkconfig.txt` $ wc -lw rc3d_ntpd_after.txt 1 11 rc3d_ntpd_after.txt 9. Run the `diff` command on `rc3d_{before,after}.txt` to see what the `chkconfig` command did. You should see one symbolic link has been removed, and one symbolic link has been created. Logging ------- > We’ll look at the logging of `ssh` activity. Then, we’ll change the file > that `ssh` logging goes to, and change it back. 1. View the configuration file for `syslog`, and find the line dealing with the `authpriv` facility (the line that starts with the word `authpriv`). Put this line into `assignment10/syslog_authpriv.txt` $ wc syslog_authpriv.txt 1 2 32 syslog_authpriv.txt $ sum syslog_authpriv.txt 35835 1 2. View the configuration file for the SSH service daemon `sshd` named `/etc/ssh/sshd_config` and find the `Logging` section. Copy the active `Logging` configuration line (it starts with the word `SyslogFacility`) into the file `assignment10/sshd_logging.txt` $ wc sshd_logging.txt 1 2 24 sshd_logging.txt $ sum sshd_logging.txt 50989 1 Remember the name of this `sshd` configuration file and the location of this `syslog` line. You will need to edit it, below. 3. Notice the correspondence between the contents of `syslog_authpriv.txt` and `sshd_logging.txt` and determine the file that `sshd` log entries are added to. 4. In one window (console, or `putty`, or `ssh`), use the `tail -f` command with `sudo` to watch the file that `sshd` log entries go to. 5. In another window, log in with `ssh` or `putty`, and observe the output of your `tail -f` command. 6. Still in the same `ssh` / `putty` window from the last step, use the `sudo` command to run `head` on the `/etc/shadow` file, and observe additions to to the log file on which you’re running the `tail -f` command. (where do `sudo` invocations get logged?) 7. Stop the `tail -f` with `^C` and then put the last 20 lines of that log file into `assignment10/ssh_sudo_log.txt` a. View this file to be sure it includes the output you saw in the previous steps. b. If the file doesn’t contain those lines, then redirect a `tail -f` of the log file to `ssh_sudo_log.txt`, and repeat the `ssh` and `sudo` steps to be sure the logging output goes into `ssh_sudo_log.txt` 8. Recall the name of the `sshd` configuration file viewed earlier. Edit that file to make the SSH service daemon switch from using the `AUTHPRIV` to the `AUTH` logging facility by uncommenting one line and commenting out another. - When you’re done the `wc` on the file will be the same (`119 397 3332`) and the `sum` will change from `59355 4` to `47916 4`. 9. Restart the `sshd` service. 10. View the `syslog` config file and put the line that controls the `auth` facility (hint: look for a “catch-all”) into `assignment10/syslog_auth.txt` $ wc syslog_auth.txt 1 2 60 syslog_auth.txt $ sum syslog_auth.txt 30346 1 11. Similarly to how you monitored `sshd` activity before, run `tail -f` on the log file corresponding to the `auth` facility, which is now used for `sshd` logging. 12. Similarly to before, generate some `sshd` activity to appear in the log by using `ssh` or `putty`, and confirm that you see a log entry on the correct log file that you’re monitoring due to the previous step. 13. Change `/etc/ssh/sshd_config` back, and restart the `sshd` service. Writing to the logs from a script --------------------------------- > At [Managing Quotas], Red Hat recommends a daily cron job to > `touch /forcequotacheck` so that `quotacheck` will be run during the next > reboot. We will follow Red Hat’s advice because it exercises many of the > concepts we’ve been studying: booting and init scripts, quotas, shell > scripting, regularly run sysadmin jobs, and logging. 1. Let’s verify that the system init script actually does pay attention to the file `/forcequotacheck`. a. Determine what the system init script is: `grep` the `/etc/inittab` file for the `sysinit` action. b. Now, `grep` for `forcequotacheck` in that script. You should see two lines mentioning the `forcequotacheck` file. Run the command again, redirecting the output to `assignment10/force_grep.txt` $ wc force_grep.txt 2 20 147 force_grep.txt 2. Try out the `logger` command: a. Use `user.info` as the “facility.level” pair b. Use `testing` as the tag c. Use `I made this log entry` as the message 3. Tail `/var/log/messages` to see your message from the previous step. 4. Write a script named `assignment10/forcequotacheck.sh` that takes no arguments and creates an empty `/forcequotacheck` file, as follows: a. Put our standard International script header at the top. b. Add argument checking. Print the standard error and usage messages and exit with a non-zero status if any arguments are supplied to the script. c. Write to the system log file using a `logger` command as follows: 1. Use `user.info` as the “facility.level” pair for all logging messages in this script. 2. Use the current script name as the tag for all logging messages in this script. - What variable should you use to get the script’s current name? 3. Log the message: `Attempting to force quota check upon next reboot` d. Create the empty `/forcequotacheck` file using an `if` statement with the following structure: IF the creation of empty file /forcequotacheck is successful log a message "Successfully forced quota check upon next reboot" ELSE log a message "Failed to force quota check upon next reboot" e. Test your script with arguments to be sure the error messages work correctly. f. Test your script by running it as your sysadmin user without `sudo` - It should fail. (Why?) - Check the logs for the messages appropriate for this failure. g. Test your script with `sudo` so that it succeeds. - Check the logs for the messages appropriate for success. 5. Allow the system `cron` to run your script daily by copying your script file into the `/etc/cron.daily` directory. Logrotate operations -------------------- 1. Change your `logrotate` configuration file (in the `/etc` directory) to keep 5 weeks worth of backlogs by default. You will change exactly one character on each of two lines. Your `wc` and `sum` should be `33 99 619` and `62121 1`. 2. Change your `logrotate` configuration file for the `yum` package (look for a `logrotate`-related directory under `/etc` for a `yum`-specific file) to rotate the `yum` logs monthy rather than yearly. Your `wc` and `sum` should be `7 12 101` and `38265 1`. Logwatch -------- 1. Change the user that receives `logwatch` emails from `root` to your own sysadmin userid. 2. Change the detail of `logwatch` summaries from `Low` to `Med` (medium). 3. Use `sudo -i` to simulate a `root` login, and run the script `/etc/cron.daily/0logwatch` (`cron` does this daily, but you can do it too whenever you want). 4. Revert back to your sysadmin user, and if you successfully changed the user that receives `logwatch` emails, you should have an email from `logwatch` a. Run the `mail` command to view your email. (When you quit `mail` and you have looked at a message, it gets saved in `~/mbox` which you can read with `mail -f` More details in `man mail` ) b. At the `&`-prompt, type the number of an email message (probably `1`) c. Use `more` commands (spacebar to advance a screen, `/something` to search for `something`, etc) d. Search for `sshd` to see mentions of `sshd` activity e. Type `q` to quit viewing a message f. Type `q` to quit the mail program and have the messages you viewed stored in `~/mbox` Process Accounting and Login History ------------------------------------ 1. Use `chkconfig` to find out what for which runlevels the `psacct` service is on. Put the output from the command you used into `assignment10/psacct_levels.txt` $ wc psacct_levels.txt 1 8 58 psacct_levels.txt $ sum psacct_levels.txt 60721 1 2. Turn on `psacct` for runlevels `2`,`3`,`4`,and `5` 3. Check the status of the `psacct` service, and start it if it’s not enabled. 4. Use the `last` command to view a listing of last logged in users - Create some login records for `user100` by using `ssh` to login a few times: `ssh user100@localhost` - Once logged in, type a few commands such as `date` or `who` and then `exit` to log out again. Repeat once or twice. 5. Use the `last` command to select and view the last logins of only `User 100`, then run the command again, redirecting the output into `assignment10/last_user100.txt` - Do not use `grep` or any pipeline for this. One command. RTFM. $ tail -2 last_user100.txt | wc 2 7 38 6. Use the `lastlog` to display a report of the most recent logins of all users 7. Use the `lastlog` command to select and view a two-line report of the logins for `User 100` and then run the command again, redirecting the two lines into `assignment10/lastlog_user100.txt` - Do not use `grep` or any pipeline for this. One command. RTFM. $ head -1 lastlog_user100.txt | wc 1 4 50 8. Run the `ac` command with the option to also print the individual totals (time totals) of the hours your users have been logged in. Run the command again, redirecting the output to `assignment10/ac_individuals.txt` 9. Run the `lastcomm` command to see all of the commands that have been run on your system since you enabled `psacct` and run the command again, redirecting the output to `assigment10/lastcomm.txt` When you are done ----------------- When you are finished, run the [Checking Program] to create an overall mark. Submit the output to Blackboard in the correct location. > Since we also do manual marking of student assignments, your final mark may > not be the same as the mark submitted using the current version of the > [Checking Program]. We do not guarantee that any version of the [Checking > Program] will find all the errors in your work. Complete your assignments > according to the specifications, not according to the incomplete set of the > mistakes detected by the [Checking Program]. 1. Optional: Keeping your base [CentOS 5.8 VM] snapshot, remove any intermediate snapshots you no longer require, to free up disk space. - Be careful not to remove your current work! Checking, Marking, and Submitting your Work =========================================== The checking program resides on the [Course Linux Server], but your work is on your CentOS Virtual Machine. There is a new **Fetch** program that you must download and use on your CentOS machine to copy information from your CentOS Virtual Machine to your account on the CLS so that the checking program can check it on the CLS. Once the **Fetch** program has fetched these files from your Virtual Machine to the CLS, you can run the checking program on the CLS to check what is saved in the files. When you make changes on your CentOS Virtual Machine, you need to run the **Fetch** program again to update the saved files on the CLS. Simply running the checking program on the CLS will *not* update the saved files on the CLS. You must run the **Fetch** program when you make changes on your CentOS Virtual Machine. Part I - Fetch and Check ------------------------ Do all the following steps on your [CentOS 5.8 VM]. Read through the whole list before you start typing anything. 1. Log in to CentOS as your sysadmin non-`root` account (same userid as Blackboard). 2. Create a directory in your sysadmin account named `Assignments/assignment10` (exactly the same directory hierarchy as you already have on the CLS), unless you already have this directory. 3. Change to your above `assignment10` directory. 4. As shown below, use `wget` to get a copy of the **Fetch** program from this URL into a file named `do.sh`: CentOS$ wget -O do.sh http://teaching.idallen.com/cst8177/13w/notes/data/assignment10wget.sh Saving to: `do.sh' Make sure you have a file named `do.sh` in your directory. You only need to download this once per assignment. 5. As shown below, use `sudo` and `sh` to run the `do.sh` script you just downloaded to CentOS with the `USER` environment variable set to your own CLS account userid (as stored in the `USER` variable). CentOS$ sudo USER=$USER sh do.sh 6. This **Fetch** program will connect from CentOS to the CLS using your account name. It will copy files from CentOS to your `assignment10` directory on the CLS. It will then run the checking program on the CLS to check your work. You will need to answer one question about your IP address, and then wait and type in your CLS password. It will look something like this: CentOS$ whoami abcd0001 CentOS$ hostname abcd0001 CentOS$ pwd /home/abcd0001/Assignments/assignment10 CentOS$ wget -O do.sh http://teaching.idallen.com/cst8177/13w/notes/data/assignment10wget.sh Saving to: `do.sh' CentOS$ sudo USER=$USER sh do.sh --------------------------------------------------------------------------- abcd0001: FETCH version 1. Connecting to CLS as USER='abcd0001' using ssh --------------------------------------------------------------------------- abcd0001: Use local Algonquin IP cst8177-alg.idallen.ca [y/N]? n abcd0001: Please wait; using ssh to connect to user 'abcd0001' on cst8177.idallen.ca ... *** COURSE LINUX SERVER *** abcd0001@cst8177.idallen.ca's password: # enter your CLS password --------------------------------------------------------------------------- idallen-ubuntu assignment10fetch_server.sh version 0 run by abcd0001. Please wait; collecting info from abcd0001 Virtual Machine --------------------------------------------------------------------------- VM files collected into Assignments/assignment10/abcd0001.tar.bz on CLS. Now running check program for abcd0001 on CLS: ---------------------------------------------------------------------------- idallen-ubuntu check: Assignments/assignment10 check program version 00 *** Checking account for abcd0001 on idallen-ubuntu *** [... checking program output appears here ...] ### Notes on the Fetch program - This **Fetch** program updates your saved files on the CLS and then runs the checking program on the CLS. If you only run the checking program on the CLS, it won’t update the files from your CentOS VM and will check the exiting files saved under `assignment10` on the CLS. - The checking program is running on the CLS, not on your CentOS VM. At the start, the checking program will issue messages relevant to your account on the CLS (e.g. errors in your CLS `.bashrc` file or world-writable files on the CLS). These errors are on the CLS, not on your CentOS machine. Part II - Check and Submit -------------------------- When you are done with your assignment, you need to run the checking program one last time on the CLS and submit the output file, as follows: Do all this on the [Course Linux Server]: 1. There is a [Checking Program] named `assignment10check` in the [Source Directory] on the CLS. Create a [Symbolic Link] to this program named `check` under your new `assignment10` directory so that you can easily run the program to check your work and assign your work a mark. Note: You can create a symbolic link to this executable program but you do not have permission to read or copy the program file. 2. Execute the above “check” program on the CLS using its symbolic link. (Review the [CST8207 Search Path] notes if you forget how to run a program by pathname from the command line.) This program will check your work, assign you a mark, and display the output on your screen. (You may want to paginate the long output so you can read all of it.) You may run the “check” program as many times as you wish, to correct mistakes and get the best mark. Some tasks sections require you to finish the whole section before running the checking program at the end; you may not always be able to run the checking program successfully after every single task step. 3. When you are done with checking this assignment, and you like what you see on your screen, redirect the output of the [Checking Program] into the text file `assignment10.txt` under your `assignment10` directory on the CLS. Use the *exact* name `assignment10.txt` in your `assignment10` directory. You only get *one* chance to get the name correct. Case (upper/lower case letters) matters. Be absolutely accurate, as if your marks depended on it. Do not edit the file. 4. Transfer the above `assignment10.txt` file from the CLS to your local computer and verify its contents. Do not edit this file! No empty files, please! Edited or damaged files will not be marked. You may want to refer to this term’s updated [File Transfer] notes. 5. Submit the `assignment10.txt` file under the correct Assignment area on Blackboard (with the exact name) before the due date. Upload the file via the **assignment10** “Upload Assignment” facility in Blackboard: click on the underlined **assignment10** link in Blackboard. Use “**Attach File**” and “**Submit**” to upload your plain text file. No word-processor documents. Do not send email. Use only “Attach File”. Do not enter any text into the **Submission** or **Comments** boxes on Blackboard; I do not read them. Use only the “**Attach File**” section followed by the **Submit** button. (If you want to send me comments about your assignment, use email.) 6. Your instructor may also mark the `assignment10` directory in your CLS account after the due date. Leave everything there on the CLS. **Do not delete any assignment work from the CLS until after the term is over!** Use the *exact* file name given above. Upload only one single file of plain text, not HTML, not MSWord. No fonts, no word-processing. Plain text only. Did I mention that the format is plain text (suitable for VIM/Nano/Pico/Gedit or Notepad)? **NO EMAIL, WORD PROCESSOR, PDF, RTF, or HTML DOCUMENTS ACCEPTED.** No marks are awarded for submitting under the wrong assignment number or for using the wrong file name. Use the exact name given above. WARNING: Some inattentive students don’t read all these words. Don’t make that mistake! Be exact. **READ ALL THE WORDS. OH PLEASE, PLEASE, PLEASE READ ALL THE WORDS!** -- | Todd Kelley / Richard Donnelly and | Ian! D. Allen - idallen@idallen.ca - Ottawa, Ontario, Canada | Home Page: http://idallen.com/ Contact Improv: http://contactimprov.ca/ | College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/ | Defend digital freedom: http://eff.org/ and have fun: http://fools.ca/ [Plain Text] - plain text version of this page in [Pandoc Markdown] format [CST8207 GNU/Linux Operating Systems I]: ../../../cst8207/12f [CentOS 5.8 VM]: 000_centos_install.html [Assignment #07]: assignment07.html [Assignment #09]: assignment09.html [Course Linux Server]: 000_course_linux_server.html [Checking Program]: #checking-marking-and-submitting-your-work [Tasks]: #tasks [Assignment #07 Bulk User Management]: assignment07.html#management-of-the-bulk-users [Red Hat Quotas]: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/ch-disk-quotas.html [Answers are Here]: ../../../cst8207/13w/notes/200_redirection.html [Managing Quotas]: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s2-disk-quotas-managing-accurate.html [Source Directory]: #the-source-directory [Symbolic Link]: ../../../cst8207/13w/notes/460_symbolic_links.html [CST8207 Search Path]: ../../../cst8207/13w/notes/400_search_path.html [File Transfer]: 220_file_transfer.html [Plain Text]: assignment10.txt [Pandoc Markdown]: http://johnmacfarlane.net/pandoc/