Week_Twelve_12x - Computing Sciences and Mathematics ...


Dec 9, 2013 (3 years and 8 months ago)













Week Twelve Agenda


Announcements


If proctor changes need to be made, do it soon.


The final exam will be True/False, Multiple Choice, and Essay


Presentation dates April 6 and 13.


Link of the week


Review week eleven lab assignment


Week eleven expected outcomes


Next lab assignment


Break-out problems


Upcoming deadlines


Lab assistance

Link of the week


Domain name registration Web site


https://www.pairnic.com/services.html?gclid=COXiuLv6mI0CFSCTWAod81M57A



Determine if a domain is currently in use.


http://www.pair.com/



What is a domain name?



What is the function of the Domain Name System?



BIND (Berkeley Internet Name Domain)



What is meant by top level domain?


Link of the week




Top Level Domain (TLD)

gov - Government
edu - Educational
org - Other organizations (often nonprofit)
mil - Military
com - Commercial business
net - Network organizations
ca - Canada
th - Thailand

Link of the week

http://www.iana.org/cctld/cctld.htm

IANA - Internet Assigned Numbers Authority

Observe the Root Zone Database at the above Web site. It represents the list of top-level domains.

Each country has an ISO (International Organization for Standardization) country code designated as its domain name.


Link of the week

Unlike the file system hierarchy (read from left to right), the top-level domain name appears at the end.

/var/mail/dandrear

The URL (Uniform Resource Locator) is also a hierarchy. Its top-level domain name appears at the end, but it is read from left to right.



alpha.einstein.edu



beta.ca.mail2web.com


Link of the week

Review week eleven lab assignment

User Initialization



The /etc/inittab runlevel field format:

id:runlevels:action:process

/etc/inittab file

1:2345:respawn:/sbin/mingetty tty1



/etc/profile file

Basic setup for all users




$HOME/.profile

User preferred environmental set up



Use the ls -a command to display the .profile file under your $HOME directory.





Review week eleven lab assignment

Metadata



Metadata is data about data. It may describe a
single piece of data or multiple content items
and hierarchical levels.

Metadata can be the name of a US corporation, or
a registered trademark.

Metadata is structured information that describes
and allows us to find, manage, control and
understand other information.



Review week eleven lab assignment

Metadata




There are many different types of metadata.



Business Intelligence metadata



General IT metadata



IT metadata management products



File system metadata



Image metadata

Review week eleven lab assignment

Linux runlevels:


0 - halt (Do NOT set initdefault to this)
1 - Single user mode
2 - Multiuser, without NFS (The same as 3, if you do not have networking)
3 - Full multiuser mode
4 - unused
5 - X11
6 - reboot (Do NOT set initdefault to this)


The runlevel may contain multiple characters for different
runlevels.



1:23:respawn:/sbin/mingetty tty1


2:23:respawn:/sbin/mingetty tty2



3:23:respawn:/sbin/mingetty tty3


4:23:respawn:/sbin/mingetty tty4



Review week eleven lab assignment

/etc/inittab actions

respawn
The process will be restarted whenever it terminates.

wait
The process will be started once when the specific runlevel is entered.

once
The process will be executed once when the specific runlevel is entered.

boot
The process will be executed during system initialization.

initdefault
This entry specifies the runlevel which should be entered after system boot.

sysinit
The process will be executed during system boot. It will be executed before any boot or bootwait entries.


Review week eleven lab assignment

/etc/inittab actions

powerwait
The process will be executed when the power goes down.

powerokwait
This process will be executed as soon as the init process is informed that the power has been restored.

powerfailnow
This process will be executed when the init process is informed that the battery of the external UPS power is failing.

ctrlaltdel
The process is executed when the init process receives the SIGINT signal. This means that someone on the system console has pressed the Ctrl-Alt-Del key combination.
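
A check built on the id:runlevels:action:process format and the action names above, as an added example that is not part of the original slides: it flags an initdefault of 0 or 6, action names that init does not recognise, and reused ids. The function names, the sample file and the shutdown command in it are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the slides): lint an inittab-style file.
# Record format from the slides: id:runlevels:action:process

# Actions accepted by SysV init, per inittab(5).
ACTIONS="respawn wait once boot bootwait off ondemand initdefault sysinit \
powerwait powerfail powerokwait powerfailnow ctrlaltdel kbrequest"

# Print one finding per line; print nothing when every check passes.
audit_inittab() {
    awk -F: -v actions="$ACTIONS" '
        BEGIN { n = split(actions, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
        NF < 4 { print "line " NR ": expected id:runlevels:action:process"; next }
        ($1 in seen) { print "line " NR ": duplicate id " $1 }
        { seen[$1] = 1 }
        !($3 in ok) { print "line " NR ": unknown action " $3 }
        $3 == "initdefault" {
            have_default = 1
            if ($2 ~ /[06]/)
                print "line " NR ": initdefault must not be 0 (halt) or 6 (reboot)"
        }
        END { if (!have_default) print "no initdefault entry" }
    ' "$1"
}

# Print the process init runs for a given action (for example ctrlaltdel).
process_for_action() {
    awk -F: -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        $3 == want { print $4 }
    ' "$1"
}

# Constructed sample: a bad initdefault, a misspelled action and a reused id.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed inittab for the example
id:6:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
ca::ctraltdel:/sbin/shutdown -t3 -r now
1:2345:respawn:/sbin/mingetty tty1
1:2345:respawn:/sbin/mingetty tty2
EOF

audit_inittab "$SAMPLE"
```

Run against the sample, it reports one finding each for lines 2, 4 and 6.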


Review week eleven lab assignment


UNIX-like commands:

ps -s (view zombie processes)
ps -aux (view status of all processes)
ps -x (view only active processes)
ls -a (view “.” processes)
ps -aux | grep crond (view crond executing)
nice (execute with modified scheduling priority)
umask (displays umask numeric values)
umask -S (displays umask symbolic values)
fg (Continues a stopped job by running it in the foreground, some shells are not able to run this command).
bg (Continues a stopped job in the background)



Review week eleven lab assignment


UNIX-like commands:

cat /etc/shells (Display available shells on system).
echo $SHELL (Display current shell being utilized).
chsh -s /bin/ksh (Change to a different shell).
printenv or env (commands to display environment variables).

Review week eleven lab assignment



Unix/Linux Processes


Linux defines a unit of work as a task or process.

UNIX defines a unit of work as a process.

Each process is identified by a unique PID (Process ID).

Each user is identified by a unique UID (User ID).

Each process is started from a previous process using the fork and exec command.

The init process is created by the kernel using a non-traditional procedure called hand-crafted or spontaneous.



Review week eleven lab assignment


Unix/Linux Processes




A background process runs with a relatively low priority, requires little or no input, and generates a minimum of output. Unlike with a foreground process, the shell does not have to wait for a background process to end before it can run more processes. Background jobs are run at a lower priority than foreground jobs.

A foreground process is one that can show the user an interface, through which the user can interact with the program. The user must wait for one foreground process to complete before running another one.




Review week eleven lab assignment

Non-Inherited Process Attributes

File locks (semaphores)
Child resource utilization is set to zero
Pending signals (kill -l signals)

Daemon processes offer services like web page serving, email transfer, time synchronization, and similar. They usually consume little CPU and memory, and run quietly without user interaction. They mainly communicate with other computer programs, or with other computers via network.


Review week eleven lab assignment


Crontab Utilization:

cron is the periodic event scheduler of your system. The following examples give you an idea of its usefulness and necessity.

regular daily backups
periodic mail checking
polling a device(s) for input
sending regular reports
sending user email every time a cron function is performed

cron file locations

/etc/crontab
/etc/cron.deny
/etc/cron.allow

Review week eleven lab assignment


Crontab Utilization:

Typical directory configuration

/etc/cron.d/hourly
/etc/cron.d/daily
/etc/cron.d/weekly
/etc/cron.d/monthly

Review week eleven lab assignment


How frequently does crond execute on Unix-like systems?

Disable email

To prevent email messages from being sent to your mail account, create a record that contains the following syntax:

* * * * * echo dandrear@franklin.edu > .trash_bin

To cancel the email redirection, enter the following:

rm .trash_bin

If the output is not needed, the following syntax can be included:

* * * * * echo "Hello Administrator" > /dev/null 2>&1

The /dev/null device is a special file that disregards all data written to it.



Review week eleven lab assignment

crontab format:

* * * * * command to be executed

crontab values:

Field     Value
minute    00-59
hour      00-23 (military time)
day       1-31
month     1-12
weekday   0-6 (0=Sunday)

Example records:

There are a total of 6 fields in the crontab file

30 5 11 12 * echo "Welcome to Franklin University"

30 * * * * echo "Unix Administration"


Review week eleven lab assignment


Demonstrate: Display crontab entries and the /var/mail/dandrear file, and introduce the tail -f command.

Who can use the crontab commands (create, list, edit or remove)?

What does the “*” character represent in the first five fields of a crontab record? Match all values

A single integer will match that exact time value.

A comma separated list of integers can invoke multiple matches like 1,2,3.

Example: 5,10,45 * * * * echo "Unix Administration"
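
How the three field forms above ("*", a single integer, a comma separated list) decide when a record fires, as an added shell example that is not part of the original slides. It goes one step beyond the slides by applying cron's rule that when the day and weekday fields are both restricted, a match on either one is enough; the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the slides): evaluate the time fields of a crontab record.

# field_matches FIELD VALUE: exit 0 = match, 1 = no match, 2 = form not handled
# here (ranges, steps). Handles "*", one integer, and comma-separated integers.
field_matches() {
    field=$1 value=$2
    [ "$field" = "*" ] && return 0
    case $field in ''|*[!0-9,]*) return 2 ;; esac
    old_ifs=$IFS; IFS=,
    for item in $field; do
        IFS=$old_ifs
        case $item in 0?) item=${item#0} ;; esac   # "05" -> "5", "00" -> "0"
        [ "$item" = "$value" ] && return 0
    done
    IFS=$old_ifs
    return 1
}

# record_matches "MIN HOUR DAY MONTH WEEKDAY" min hour day month weekday
record_matches() {
    set -f                               # keep "*" from expanding to file names
    set -- $1 "$2" "$3" "$4" "$5" "$6"   # $1-$5 = fields, $6-$10 = time values
    set +f
    [ "$#" -eq 10 ] || return 2          # the record must have exactly five fields
    field_matches "$1" "$6" && field_matches "$2" "$7" &&
        field_matches "$4" "$9" || return 1
    if [ "$3" != "*" ] && [ "$5" != "*" ]; then
        # cron rule: when day and weekday are both restricted, either may match.
        field_matches "$3" "$8" || field_matches "$5" "${10}"
    else
        field_matches "$3" "$8" && field_matches "$5" "${10}"
    fi
}

# runs_on_day RECORD day month weekday: print how many minutes of that day match.
runs_on_day() {
    count=0 h=0
    while [ "$h" -le 23 ]; do
        m=0
        while [ "$m" -le 59 ]; do
            if record_matches "$1" "$m" "$h" "$2" "$3" "$4"; then count=$((count + 1)); fi
            m=$((m + 1))
        done
        h=$((h + 1))
    done
    echo "$count"
}

# Time fields of the records on the slides, evaluated for 11 December
# (weekday 3 is a constructed value; these records leave weekday as "*").
for rec in '30 5 11 12 *' '30 * * * *' '5,10,45 * * * *'; do
    printf '%-18s %s run(s) that day\n' "$rec" "$(runs_on_day "$rec" 11 12 3)"
done
```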

Review week eleven lab assignment

crontab restrictions

You can use crontab if your name appears in the cron.allow file. If that file doesn’t exist, you can use crontab if your name does not appear in the cron.deny file. If cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab.
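
The cron.allow / cron.deny rules above written out as a decision function, as an added example that is not part of the original slides. The function name, the scratch directory standing in for /etc and the scenario names are assumptions; the user names are sample values.

```shell
#!/bin/sh
# Added example (not from the slides): who may run crontab, following the
# cron.allow / cron.deny rules stated on the slide.

# can_use_crontab USER DIR: print "allow" or "deny".
# DIR stands in for /etc so the rules can be exercised on constructed files.
# Any extra handling of root by a particular cron implementation is not modelled.
can_use_crontab() {
    user=$1 allow=$2/cron.allow deny=$2/cron.deny
    if [ -f "$allow" ]; then
        # Rule 1: cron.allow exists, so only users listed in it are allowed
        # (cron.deny is not consulted). -x matches whole lines: "jon" != "jones".
        if grep -qxF -- "$user" "$allow"; then echo allow; else echo deny; fi
    elif [ -f "$deny" ]; then
        # Rule 2: only cron.deny exists, so everyone not listed is allowed;
        # an empty cron.deny therefore allows all users.
        if grep -qxF -- "$user" "$deny"; then echo deny; else echo allow; fi
    else
        # Rule 3: neither file exists, so only root is allowed.
        if [ "$user" = root ]; then echo allow; else echo deny; fi
    fi
}

# Constructed scenarios; each directory plays the role of /etc.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
mkdir "$WORK/allowlist" "$WORK/denylist" "$WORK/emptydeny" "$WORK/neither"
printf 'dandrear\n' > "$WORK/allowlist/cron.allow"
printf 'jones\n' > "$WORK/denylist/cron.deny"
: > "$WORK/emptydeny/cron.deny"

for scenario in allowlist denylist emptydeny neither; do
    for u in dandrear jones; do
        printf '%-10s %-9s %s\n' "$scenario" "$u" \
            "$(can_use_crontab "$u" "$WORK/$scenario")"
    done
done
printf '%-10s %-9s %s\n' neither root "$(can_use_crontab root "$WORK/neither")"
```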


crontab command without options

Read standard input

Exit using “Control C” so that the existing crontab is unmodified.

Exiting using “Control D” will cause the current user’s crontab to be replaced with no information.

Review week eleven lab assignment

crontab commands


crontab -e    Edit crontab file
crontab -l    Display your crontab file
crontab -r    Remove your crontab file
crontab -v    Display last time crontab was edited.




Review week eleven lab assignment

Linux Security

SELinux, developed by the U.S. National
Security Agency (NSA), implements
Mandatory Access Control (MAC) in the
Linux kernel. MAC enforces security policies
that limit what a user or program can do. It
defines a security policy that controls some or
all objects, such as files, devices, sockets, and
ports, and some subjects like processes.
Utilizing SELinux, you can grant a process
only those permissions it needs to be
functional.

Review week eleven lab assignment

Linux Security

TCP Wrapper is part of the client/server model,
and can be used with any daemon that is linked
against libwrap.a, and relies on the
/etc/hosts.allow and /etc/hosts.deny files as the
basis of a simple access control language. This
access control language defines rules that
selectively allow clients to access server
daemons on a local system based on the
client’s address and the daemon the client tries
to access.

Review week eleven lab assignment

Linux Security

chroot jail

On early UNIX systems, the root directory was a fixed point in the file system. Chroot jail allows users on UNIX-like systems to define the root directory on a per-process basis. The chroot jail utility allows you to run a process with a root directory other than /.

By creating an artificial root directory, frequently called a (chroot) jail, you can make it harder for the other system files to be accessed.

Review week eleven lab assignment

What is the functionality of Network File System
(NFS)?



It is a remote file system designed by Sun
Microsystems, available on computers from
most UNIX system vendors.



It allows the server to share selected local
directory hierarchies with client systems on a
heterogeneous network. Files on the remote
computer (fileserver) appear as if they are
present on the local system. The physical
location of a file is irrelevant to an NFS user.


Week ten, eleven, and twelve expected outcomes

Upon successful completion of this module, the student will be able to:

Manipulate user accounts.
Describe how cron is used to invoke repetitive processes.
Manipulate process structure including:
a. fork and exec,
b. Initialization process,
c. Background/foreground,
d. PS tool.
Explain basic UNIX security issues.
Describe disk and file system structure.
Use backup and restore archival operations on a system.
Establish network services.
Investigate the structure of the LDAP directory using LDAP commands.






Next lab assignment


Copy-on-Write

It is an optimization strategy in which multiple users can be given the same pointer to a resource. The primary advantage is that if a caller never makes any modifications, no private copy is needed.

This strategy is used in virtual memory operating systems: pages in memory that might be modified by either the process or its copy are marked copy-on-write.







Next lab assignment

Network Services


A variety of services available across a network



NFS



Remote login



Utilize a Web browser


All network services rely on the ability to convert a host or
domain name to an IP address.



DNS are complex. The number of host names and IP addresses in the Internet is very large.

DNS Local contains actual translations for the machines in its local network.

DNS Global contains more information about translations.

A single translation could involve several DNS before resolving the IP address.



Next Lab Assignment


UNIX/Linux file system is contained under the root directory denoted by a slash “/”.

Users don’t have to worry about the physical locations of files.

The system administrator must be familiar with mounting and un-mounting storage space (/mnt).


NIS+ (Network Information Service) is a
directory service.


Next Lab Assignment

File System

1. It is an organization of data and metadata on a storage device.

2. It is the methods and data structures that an operating system uses to keep track of files on a disk or partition; that is, the way the files are organized on the disk.

3. Think of a file system as a protocol. File systems give meaning to the data on a particular storage device.

What is a block device?

It is a device to and from which data moves in blocks (like a disk sector) and which supports attributes such as buffering and random access behavior. Block devices include hard drives, CD-ROMs, and RAM disks.

What is a character device?

It is a device that does not have a physical addressable media.
Character devices include serial ports and tape devices, where
data is streamed character by character.

Next Lab Assignment

File System


Next Lab Assignment

Super Block



Contains information about each mounted file system.

The actual data structure in Linux is called struct vfsmount.

Information held is mount flags, mount time, device name, pointer to super block and device block size.

The Linux 2.0 kernel keeps a static array of such structures to store up to 64 mounted file systems.

Data Block

Data blocks are used to store the data for a file. There is space
only for a few data block numbers in the inode, however if
more are needed, more space for pointers to the data blocks is
allocated dynamically. These dynamically allocated blocks are
indirect blocks. The name indicates that in order to find the
data block, one has to find its number in the indirect block
first.


Next lab assignment

[Figure: Directory tree rooted at /. Labels: usr, bin, tmp, dev, tty03, null, date, wc, ksh, dandrear, jones, .profile, bin, foo]

Next Lab Assignment

[Figure: Super Block, File Manager, ext3 File System, Linux Virtual File System, Kernel]

Next lab assignment

UNIX base root file system tree structure


/bin (commands)


/dev (devices)


/etc (system configuration/executables)


/sbin (boot commands)


/usr/sbin (administrative commands)


/home (users home directories)


/lib (shared libraries)


/mnt (temporary mount directory)


/opt (optional software)


/proc (processes)


/stand (boot-related files)


/var (spooling)


Next lab assignment

lost+found directory

Fsck is generally able to repair most system damage, and the frequency with which you will find anything at all in your lost+found directories has slowed significantly.

If you have a system crash and the Linux file system checker (fsck) recovers corrupt files, they are placed here.


Next lab assignment

Unix-like System Security

Security on UNIX-like systems has focused on the following areas:

Files and directories
PATH variable
password authentication
UNIX to UNIX commands
One-way function



Break-out problems

1. How often do the following two commands execute?

# 1.1. This is a comment.
* * * * * c:\tools\CheckForNewFiles.exe

# 1.2. This is a comment.
* * 3 * * c:\tests\backup.bat

2. Define: File System Super block

3. Define: Domain Name Server

4. Define: Domain name

5. Define: RFC

6. What application is BIND associated with?

7. What is the “lost+found” area considered on a Unix-like system?

8. Linux Virtual File System

9. One-Way Encryption or One-Way Function

10. Compare a block device to a character device




Upcoming deadlines

Lab Assignment 11-1, Knoppix File System Exercise is due July 18, 2010.

Lab Assignment 12-1, Programming Assignment 2 is due July 25, 2010.

Final exam outline will be available on August 2-7, 2010.

Module 6, contains study information for weeks 10, 11, and 12.



Final Exam Outline will be posted on the Bulletin Board July
18, two weeks prior to the final exam date. This outline will be
considered a “living” document. I will add additional
information to it up to one week prior to the exam. Any
additional information posted after the initial posting will be
highlighted/indicated. I will email all students a copy of this
outline also.


Lab assistance


Questions


Comments


Concerns



I will be available after this Franklin Live
session to discuss any problems and/or
concerns regarding lab assignments.