Open main menu

CDOT Wiki β

Changes

OPS235 Lab 1 - CentOS7 - VMware

15,739 bytes removed, 08:59, 23 May 2016
no edit summary
* '''Get Acquainted Using the Installed Virtual Machine'''
* '''Issue commands and custom Bash shell scriptsDisable Linux Kernel security enhancements''' to obtain installed Linux OS information.
* '''Disable Linux Kernel security enhancementsProperly backup Centos VM image to your USB Key'''.
=INVESTIGATION 2: GETTING ACQUAINTED WITH YOUR VM & CREATING SHELL SCRIPTS=
For the remainder of this lab, we will be using the '''centos1''' virtual machine that we installed in Investigation 1.
 ==Part 2: Common Post-Install Tasks &amp; Automating Routine Tasks with Shell Scripts== {|width="40%" align="right" cellpadding="10"|- valign="top"|{{Admon/note|Accessing the Administration Account (root)| Many administrative tasks require the root administrative account. There are many ways to access this administration account:<ul><li>Login: '''root''' (enter root password)</li><li>Switch User to root (without login):<ul><li>'''su''': Remains in regular user's directory, does not run root's startup script(s).</li><li>'''su -''' : Changes to root's home directory (/root) and runs root's start script(s).</li></ul></li></ul>}}|} ===Accessing Administrative Priviledges=== Navigate through your Graphical CentOS system, '''locate and run a terminal program (in order to issue Linux commands). Issue and record the commands used and the output generated in each of the following steps:''' #With older (ancient) versions of Linux, a user once may have been allowed to login to their graphical Linux system using '''root''' as their user-name and their root password. This has been determined to be a security risk and that option has been removed with many or all Linux operating systems.#Therefore, from this point onwards, you will be logging into your regular user account instead and issuing a command to login as the ''root'' user. #Refer to the Information box regarding how to access the admin account from the command line.#Issue the command <b><code><span style="color:#3366CC;font-size:1.3em;">su </span></code></b> Issue the '''pwd''' and '''whoami''' commands to confirm your directory pathname. When finished logout of this account.#Issue the command <b><code><span style="color:#3366CC;font-size:1.3em;">su - </span></code></b> Issue the '''pwd''' and '''whoami''' commands to confirm your directory pathname. What do you notice are the main differences between using '''su''' versus using '''su -''' ?# An installation log file called <b><code><span style="color:#3366CC;font-size:1.2em;">/var/log/anaconda/packaging.log</span></code></b> has been created to record the installation of your centos1 machine. This file is an ASCII file which can be viewed with the <b><code><span style="color:#3366CC;font-size:1.2em;">more</span></code></b> command. # You can make use of this file to determine how many packages have been installed: complete the following command to count the number of packages that are labelled "Installing" in the installation log file::: <b><code><span style="color:#3366CC;font-size:1.2em;">grep -i packaging /var/log/anaconda/packaging.log | wc -l'''</span></code></b> ===Creating &amp; Using Bash Shell Scripts==={|width="40%" align="right" cellpadding="10"|- valign="top"|{{Admon/note|Bash Shell Scripting Reference Guide:|<br>'''<u>She-bang Line</u>'''<ul><li>Forces shell script to run in a specific Shell</li><li>Some shell syntax not backward compatible</li><li>'''#!''' must be at beginning of first line of shell script</li><li>Example: '''#!/bin/bash'''<br><br></li></ul>'''<u>Variables</u>'''<br><blockquote>'''Environment'''<ul><li>System-wide or "global" variable</li><li>Usually appear in UPPERCASE letters</li><li>Can view with command: '''set &#124; more'''</li><li>'''$''' in front to expand variable to value<li>Examples: '''USER''', '''PATH''', '''HOME''', '''SHELL'''<br></li></ul></blockquote><blockquote>'''User-defined''' <ul><li>Variable created by user (command line, scripting)</li><li>Examples:<br>''myVar&#61;"my value"; readonly myVar; export myVar''<br>''read -p "enter value: " myVar''<br></li></ul></blockquote><blockquote>'''Positional parameters'''<ul><li>Assign values with set command or shell script arguments</li><li>These variables are numbered (eg. $1, $2 ... $10}</li><li>Special parameters: $*, $@, $#, $$, $?<br></li></ul></blockquote>'''<u>Command Substitution</u>'''<ul><li>Useful method to expand output from a command to be used as an argument for another command.</li><li>Examples:<br>''file $(ls)''<br>''set $(ls);echo $#;echo $*''<br>''echo "hostname: $(hostname)"''<br><br></li></ul>'''<u>Logic Control Flow Statements</u>'''<ul><li>'''$?''' variable true (0) if command runs; otherwise is false (non-zero)</li>Example:<br>''if echo $myVar &#124; grep "match"''<br>''then''<br>''echo "Match"''<br>''fi''<br></li><li>The '''test''' command is used to test conditions. Square brackets '''[ ]''' is short-cut for test command (args contained inside with spaces). The '''exit''' command can be used to terminate the shell script with a false value.<br>Example:<br>''if [ $USER &#61; "root" ]''<br>''then''<br>&nbsp;''echo "You must be root" ''<br>&nbsp;''exit1''<br>''fi''<br></li><li>For numberic comparison, use the following '''test options''':<br> '''-gt''','''-ge''', '''-lt''', '''-le''', '''-eq''', '''-ne'''<br>Examples:<br>''if test $age -gt 65 ''<br>''then''<br>&nbsp;''echo "retire"''<br>''else''<br>&nbsp;''echo "don't retire"''<br>''fi''<br><br>''if [ $grade -gt 79 ]''<br>''then''<br>&nbsp;''echo "You get Good Mark"''<br>''elif [ $grade -gt 49 ]''<br>''then''<br>&nbsp;''echo "You pass"''<br>''else''<br>&nbsp;''echo "You fail"''<br>''fi''<br></li><li>For testing for file information, you can use '''-d''' to test if directory pathname exists, and '''-f''' if the file pathname exists. You can use '''!''' for negation.<br><br>Examples:<br>''if [ -d directory-pathname ]''<br>''then''<br> ''echo "directory exists"''<br>''fi''<br><br>''if [ ! - f file-pathname ]''<br>''then''<br> ''echo "File does not exist"''<br>''fi''</ul>}}|}  It is very common for System Administrators to keep records regarding their installed computer systems. For example, it is necessary to have a record of all the hardware information for each machine in order to help fix computer hardware problems, and to assist when purchasing additional consistent computer hardware. Therefore, it makes sense to also have a record of the installed computer software as well. This can contain information regarding the Linux operating system, installed software, and network connectivity information.  '''Perform the Following Steps:''' # Study the Linux commands and their purpose to note computer software information for your installed centos1 VM. You should take time to issue each of these commands to view the output, and record this chart in your lab1 logbook.<br><br># Login to your centos1 VM, open a Bash Shell terminal, and login as root by issuing the command:<br><b><code><span style="color:#3366CC;font-size:1.2em;">su -</span></code></b><br><br># Make certain to record output from these commands (except for the '''ps -ef''' output) in your lab1 logbook.  <table cellspacing="0" cellpadding="5" width="50%" style="border-top: thin solid black;margin-left:60px;"> <tr valign="top>  <td style="border-bottom: thin solid black;font-weight:bold;background-color:#ffffff;">Command(s)</td> <td style="border-bottom: thin solid black;font-weight:bold;background-color:#ffffff;">Purpose</td> </tr> <tr valign="top"> <td width="20%" style="border-bottom: thin solid black;"><b><code><span style="color:#3366CC;font-size:1.2em;">uname -rv</span></code></b><br><b><code><span style="color:#3366CC;font-size:1.2em;">hostname</span></code></b><br><b><code><span style="color:#3366CC;font-size:1.2em;">ps -ef</span></code></b></td> <td width="20%" style="border-bottom: thin solid black;">Basic Linux OS information such as '''kernel''' version, '''host-name''' of Linux server, and all '''processes''' that are running on the system after installation.</td> </tr><tr valign="top"> <td width="20%" style="border-bottom: thin solid black;"><b><code><span style="color:#3366CC;font-size:1.2em;">rpm -q -a | wc -l'''</span></code></b><br><b><code><span style="color:#3366CC;font-size:1.2em;">rpm -q -a -l | wc -l'''</span></code></b><br><b><code><span style=" pointer-events:none;cursor:default;color:#3366CC;font-size:1.2em;">rpm -q -l gedit | wc -l</span></code></b></td> <td width="20%" style="border-bottom: thin solid black;">Obtain number of installed packages in the rpm database. Option '''-q''' is to "query" informationo, option '''-a''' means for all installed packages, option '''-l''' means all files installed as opposed to just the application.</td> </tr>  <tr valign="top"> <td width="20%" style="border-bottom: thin solid black;"><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">ifconfig</span></code></b><br><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">route -n</span></code></b><br><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">nslookup</span></code></b></td> <td width="20%" style="border-bottom: thin solid black;">Obtain network connectivity confirmation including: '''IP ADDRESS''', '''Netmask''', '''routing''' (default gateway), and the default '''Domain Name Server'''.</td> </tr></table>  :You may have learned about creating and running Bash Shell Scripts in your ULI101 course. Shell scripts help Linux users and system administrators to automate repetitive tasks to become more efficient and to help them save time. You will be reviewing and building a basic Bash Shell script to generate information reports for your newly-installed Linux host machine.  <ol><li value="4">Refer to the Bash Shell Scripting Guide prior to proceeding with this section. As you continue, you are required to make Bash Shell scripting notes in your lab1 logbook.</li><li>Create a directory called bin in your root home directory to store your shell scripts by issuing the command:<br><b><code><span style="color:#3366CC;font-size:1.2em;">mkdir ~/bin</span></code></b></li><li>Change to that newly-created '''bin''' directory</li></ol>  :'''NOTE:''' Although it is possible to copy and paste, is it highly recommended to manually enter the following Bash Shell scripting content to become familiar with writing Bash Shell scripting code. Remember: you will be required to create a Bash Shell script on your final exam, so you need the practice!  <ol><li value="7">Launch a text editor (such as <b><code><span style="color:#3366CC;font-size:1.2em;">vi</span></code></b> or <b><code><span style="color:#3366CC;font-size:1.2em;">nano</span></code></b>) to create a Bash Shell script called: <b><code><span style="color:#3366CC;font-size:1.2em;">myreport.bash</span></code></b> in your current directory.</li><li>Copy and paste the text below into your vi editing session for your file report.bash<br> (how do you copy and paste efficiently in Linux?)<br></li></ol> <code style="color:#3366CC;font-family:courier;font-size:.9em;margin-left:20px;"><br>&#35;!/bin/bash<br><br>&#35; Author: *** INSERT YOUR NAME ***<br>&#35; Date: *** CURRENT DATE ***<br>&#35;<br>&#35; Purpose: Creates system info report<br>&#35;<br>&#35; USAGE: ./myreport.bash<br><br>if [ $USER != "root" ] # only runs if logged in as root<br>then<br>&nbsp;echo "You must be logged in as root." >&2<br>&nbsp;exit 1<br>fi<br></code><br><ol><li value="9">Save your editing session, assign the '''myreport.bash''' file read and execute permissions (at least for the owner) and run by typing:<br><b><code><span style="color:#3366CC;font-size:1.2em;">./myreport.bash</span></code></b></li><li>Did it run? If not what do you think you need to do in order to run the Bash Shell Script?</li><li>Issue the command <b><code><span style="color:#3366CC;font-size:1.2em;">su -</span></code></b> and run the script from the regular user's home directory (not root's home directory):<br><b><code><span style="color:#3366CC;font-size:1.2em;">~regularuserid/myreport.bash</span></code></b></li><li> Did it work?</li><li>Reopen your text-editing session for '''~regularuserid/myreport.bash''' and add the following lines of code to the bottom of the shell script file:</ol><br><code style="color:#3366CC;font-family:courier;font-size:.9em;">&#35; Create report title<br><br>echo "SYSTEM REPORT" > /root/report.txt<br>echo "Date: $(date +'%A %B %d, %Y (%H:%M:%p)')" >> /root/report.txt<br>echo >> /root/report.txt<br></code><br><ol><li value="8">Save and run the bash shell script. View the contents of the file called '''report.txt''' that was generated (I hope you are using the up arrow key to issue previously issued commands in order to save time!). Notice how the redirection symbol &gt; is used at the beginning of the report, and then the other redirection symbol &gt;&gt; is used to help "grow" the report with the other content.</li><li>The only remaining content of the report would be the system information. We can use a shell scripting trick called "command substitution" $( .. ) in order place results from an command to be used by another command (like echo). Re-edit the shell script and add the following code at the bottom of the shell script file:</li></ol><br><code style="color:#3366CC;font-family:courier;font-size:.9em;">echo >> /root/report.txt<br>echo "Hostname: $(hostname)" >> /root/report.txt<br>echo >> /root/report.txt<br>echo "Kernel Version: $(uname -rv)" >> /root/report.txt<br>echo >> /root/report.txt<br></code><br><ol><li value="10">Save, run the script, and view the ''report.txt'' contents (are you using tip that was given to save time?).</li><li>Edit the shell script and include output from the <b><code><span style="color:#3366CC;font-size:1.2em;">ps aux</span></code></b> and <b><code><span style="color:#3366CC;font-size:1.2em;">ifconfig</span></code></b> commands (with appropriate titles). Remember to redirect that output to add to the bottom of the file!</li><li>Save, run and confirm that the shell script is working correctly.</li><li>What would be the use of keeping this shell script as a Linux system administrator?</li></ol><ol><li value="14">Here are some more "complex" Bash Shell scripts, that perform the same task. Although you are not require to understand some of these other tricks, it is recommended that you view the contents of the scripts and save them for future consideration or exmaples.</li><li>The <b><code>wget</code></b> command can be used to quickly download files from the Internet. Issue the following command:<br><b><code><span style="pointer-events: none;cursor: default;color:#3366CC;font-size:1.2em;">wget https://scs.senecac.on.ca/~murray.saul/text-report.bash</span></code></b></li><li>Verify that the file '''text-report.bash''' was downloaded to your current directory.</li><li>Assign read and execute permissions for this file by issuing the command: <b><code><span style="color:#3366CC;font-size:1.2em;">chmod u+rx text-report.bash</span></code></b></li><li>Run this Bash Shell script by issuing the command: <b><code><span style="color:#3366CC;font-size:1.2em;">./text-report.bash</span></code></b></li><li>Check to see if it created a report in your current directory. What is the purpose of the report?</li><li>Use the <b>vi</b> text editor to view the contents of the file <b>text-report.bash</b>. Can you understand how this script works?<br><br></li><li>Use the <b><code>wget</code></b> command to download, study, and run the following shell scripts on-line:<blockquote><b><code><span style=" pointer-events:none;cursor:default;color:#3366CC;font-size:1.2em;">https://scs.senecac.on.ca/~murray.saul/report.bash<br>https://scs.senecac.on.ca/~murray.saul/report3.bash</span></code></b></blockquote></li><li>Try to understand what these Bash Shell scripts do.</li><li>You have completed lab1. Proceed to Completing The Lab, and follow the instructions for "lab sign-off".</li></ol>   ==Part 3: Final Steps==
===Disable SELinux and Perform Software Updates===
13,420
edits