linux_course_doc/certificates/essentials/lpi_essentials_lesson_05.md

11 KiB
Raw Permalink Blame History

Lesson 5.1

Guided Exercises

  1. Consider the following output of the id command:

    $ id emma
    uid=1000(emma) gid=1000(emma) groups=1000(emma),4(adm),5(tty),10(uucp),20(dialout),27(sudo),46(plugdev)
    
    • In which files are the following attributes stored?
      • UID and GID
      • Groups
    • Additionally, in which file is the user password stored?
  2. Which of the following types of cryptography is used by default to store passwords locally on a Linux system?

    • Asymmetric
    • One-way Hash
    • Symmetric
    • ROT13
  3. If an account has a User ID (UID) enumerated under 1000, what type of account is this?

  4. How can you get a list of the active logins in your system, and a count of them as well?

  5. Using the grep command, we got the result below with information about the user emma.

    $ grep emma /etc/passwd
    emma:x:1000:1000:Emma Smith,42 Douglas St,555.555.5555,:/home/emma:/bin/ksh
    
    • Fill in the blanks of the chart with the appropriate information using the output of the previous command.
      • Username
      • Password
      • UID
      • Primary GID
      • GECOS
      • Home Directory
      • Shell

Explorational Exercises

  1. Compare the results of last to w and who. What details are missing from each of the commands compared to one another?
  2. Try issuing the commands who and w -his.
    • What information has been removed from the output of the w command with the “no header” (-h) and “short” (-s) options?
    • What information has been added in the output the w command with the “ip address” (-i) option?
  3. Which file is the file that stores a user accounts one-way password hash?
  4. Which file contains the list of groups a user account is a member of? What logic could be used to compile a list of a groups a user account is a member of?
  5. One or more (1+) of the following files are not readable by regular, unprivileged users, by default. Which ones?
    • /etc/group
    • /etc/passwd
    • /etc/shadow
    • /etc/sudoers
  6. How would you change the current users login shell to the Korn Shell (/usr/bin/ksh) in non-interactive mode?
  7. Why is the home directory of the root user not placed within /home directory?

Lesson 5.2

Guided Exercises

  1. For each of the following entries, indicate the file to which it refers:

    • developer1010:frank,grace,dave
    • root0:0:root:/root:/bin/bash
    • henry:$1$.AbCdEfGh123456789A1b2C3d4.:18015:20:90:5:30::
    • henry1000:1000:User Henry:/home/henry:/bin/bash
    • staff:!:dave:carol,emma
  2. Observe the following output to answer the next seven questions:

    # cat /etc/passwd | tail -3
    dave:x:1050:1050:User Dave:/home/dave:/bin/bash
    carol:x:1051:1015:User Carol:/home/carol:/bin/sh
    henry:x:1052:1005:User Henry:/home/henry:/bin/tcsh
    # cat /etc/group | tail -3
    web_admin:x:1005:frank,emma
    web_developer:x:1010:grace,kevin,christian
    dave:x:1050:
    # cat /etc/shadow | tail -3
    dave:$6$AbCdEfGh123456789A1b2C3D4e5F6G7h8i9:0:20:90:7:30::
    carol:$6$q1w2e3r4t5y6u7i8AbcDeFgHiLmNoPqRsTu:18015:0:60:7:::
    henry:!$6$123456789aBcDeFgHa1B2c3d4E5f6g7H8I9:18015:0:20:5:::
    # cat /etc/gshadow | tail -3
    web_admin:!:frank:frank,emma
    web_developer:!:kevin:grace,kevin,christian
    dave:!::
    
    • What is the User ID (UID) and Group ID (GID) of carol?
    • What shell is set for dave and henry?
    • What is the name of the primary group of henry?
    • What are the members of the web_developer group? Which of these are group administrators?
    • Which user cannot log into the system?
    • Which user should change the password the next time he will log into the system?
    • How many days must pass before a password change is required for carol?

Explorational Exercises

  1. Working as root, run the useradd -m dave command to add a new user account. What operations does this command perform? Assume that CREATE_HOME and USERGROUPS_ENAB in /etc/login.defs are set to yes.
  2. Now that you have created the dave account, can this user login to the system?
  3. Identify the User ID (UID) and Group ID (GID) of dave and all members of the dave group.
  4. Create the sys_admin, web_admin and db_admin groups and identify their Group IDs (GIDs).
  5. Add a new user account named carol with UID 1035 and set sys_admin as its primary group and web_admin and db_admin as its secondary groups.
  6. Delete the dave and carol user accounts and the sys_admin, web_admin and db_admin groups that you have previously created.
  7. Run the ls -l /etc/passwd /etc/group /etc/shadow /etc/gshadow command and describe the output that it gives you in terms of file permissions. Which of these four files are shadowed for security reasons? Assume your system uses shadow passwords.
  8. Run the ls -l /usr/bin/passwd command. Which special bit is set and what is its meaning?

Lesson 5.3

Guided Exercises

  1. Create a directory named emptydir using the command mkdir emptydir. Now, using ls, list the permissions for the directory emptydir.

  2. Create an empty file named emptyfile with the command touch emptyfile. Now, using chmod with symbolic notation, add execute permissions for the owner of the file emptyfile, and remove write and execute permissions for everyone else. Do this using only one chmod command.

  3. What will be the permissions for a file called text.txt after you use the command chmod 754 text.txt?

  4. Lets assume a file named test.sh is a shell script with the following permissions and ownership:

    • -rwxr-sr-x 1 carol root 33 Dec 11 10:36 test.sh
    • What are the permissions for the owner of the file?
    • If the user john runs this script, under which users privileges will it be run?
    • Using the numeric notation, which should be the syntax of chmod to “unset” the special permission granted to this file?
  5. Consider this file:

    $ ls -l /dev/sdb1
    brw-rw---- 1 root disk 8, 17 Dec 21 18:51 /dev/sdb1
    
    • Which kind of file is sdb1? And who can write to it?
  6. Consider the following 4 files:

    drwxr-xr-t 2 carol carol 4,0K Dec 20 18:46 Another_Directory
    ----r--r-- 1 carol carol    0 Dec 11 10:55 foo.bar
    -rw-rw-r-- 1 carol carol 1,2G Dec 20 18:22 HugeFile.zip
    drwxr-sr-x 2 carol users 4,0K Jan 18 17:26 Sample_Directory
    
    
    • Write down the corresponding permissions for each file and directory using numeric 4-digit notation.
      • Another_Directory
      • foo.bar
      • HugeFile.zip
      • Sample_Directory

Explorational Exercises

  1. Try this on a terminal: create an empty file called emptyfile with the command touch emptyfile. Now “zero out” the permissions for the file with chmod 000 emptyfile. What will happen if you change the permissions for emptyfile by passing only one value for chmod in numeric mode, such as chmod 4 emptyfile? What if we use two, such as chmod 44 emptyfile? What can we learn about the way chmod reads the numerical value?

  2. Can you execute a file for which you have execute, but not read permissions (--x)? Why or why not?

  3. Consider the permissions for the temporary directory on a Linux system, /tmp:

    $ ls -l /tmp
    drwxrwxrwt  19 root root  16K Dec 21 18:58 tmp
    
    
    • User, group and others have full permissions. But can a regular user delete any files inside this directory? Why is this?
  4. A file called test.sh has the following permissions: -rwsr-xr-x, meaning the SUID bit is set. Now, run the following commands:

    $ chmod u-x test.sh
    $ ls -l test.sh
    -rwSr-xr-x 1 carol carol 33 Dec 11 10:36 test.sh
    
    
    • What did we do? What does the uppercase S mean?
  5. How would you create a directory named Box where all the files are automatically owned by the group users, and can only be deleted by the user who created them?

Lesson 5.4

Guided Exercises

  1. Imagine a program needs to create a one-use temporary file that will never be needed again after the program is closed. What would be the correct directory in which to to create this file?
  2. Which is the temporary directory that must be cleared during the boot process?
  3. What is the parameter for chmod in symbolic mode to enable the sticky bit on a directory?
  4. Imagine there is a file named document.txt on the directory /home/carol/Documents. What is the command to create a symbolic link to it named text.txt on the current directory?
  5. Explain the difference between a hard link to a file and a copy of this file.

Explorational Exercises

  1. Imagine that inside a directory you create a file called recipes.txt. Inside this directory, you will also create a hard link to this file, called receitas.txt, and a symbolic (or soft) link to this called rezepte.txt.

    $ touch recipes.txt
    $ ln recipes.txt receitas.txt
    $ ln -s recipes.txt rezepte.txt
    

    The contents of the directory should appear like so:

    $ ls -lhi
    total 160K
    5388833 -rw-r--r-- 4 carol carol 77K jun 17 17:25 receitas.txt
    5388833 -rw-r--r-- 4 carol carol 77K jun 17 17:25 recipes.txt
    5388837 lrwxrwxrwx 1 carol carol  12 jun 24 10:12 rezepte.txt -> receitas.txt
    

    Remember that, as a hard link, receitas.txt points to the same inode that recipes.txt. What would happen to the soft link rezepte.txt if the name receitas.txt is deleted? Why?

  2. Imagine you have a flash drive plugged into your system, and mounted on /media/youruser/FlashA. You want to create in your home directory a link called schematics.pdf, pointing to the file esquema.pdf in the root directory of the flash drive. So, you type the command:

    • $ ln /media/youruser/FlashA/esquema.pdf ~/schematics.pdf
    • What would happen? Why?
  3. Consider the following output of ls -lah:

    $ ls -lah
    total 3,1M
    drwxr-xr-x 2 carol carol 4,0K jun 17 17:27 .
    drwxr-xr-x 5 carol carol 4,0K jun 17 17:29 ..
    -rw-rw-r-- 1 carol carol 2,8M jun 17 15:45 compressed.zip
    -rw-r--r-- 4 carol carol  77K jun 17 17:25 document.txt
    -rw-rw-r-- 1 carol carol 216K jun 17 17:25 image.png
    -rw-r--r-- 4 carol carol  77K jun 17 17:25 text.txt
    
    • How many links point to the file document.txt?
    • Are they soft or hard links?
    • Which parameter should you pass to ls to see which inode each file occupies?
  4. Imagine you have in your ~/Documents directory a file named clients.txt containing some client names, and a directory named somedir. Inside this there is a different file also named clients.txt with different names. To replicate this structure, use the following commands.

    $ cd ~/Documents
    $ echo "John, Michael, Bob" > clients.txt
    $ mkdir somedir
    $ echo "Bill, Luke, Karl" > somedir/clients.txt
    

    You then create a link inside somedir named partners.txt pointing to this file, with the commands:

    $ cd somedir/
    $ ln -s clients.txt partners.txt
    

    So, the directory structure is:

    Documents
    |-- clients.txt
    `-- somedir
        |-- clients.txt
        `-- partners.txt -> clients.txt
    

    Now, you move partners.txt from somedir to ~/Documents, and list its contents.

    $ cd ~/Documents/
    $ mv somedir/partners.txt .
    $ less partners.txt
    
    • Will the link still work? If so, which file will have its contents listed? Why?
  5. Consider the following files:

    -rw-r--r-- 1 carol carol 19 Jun 24 11:12 clients.txt
    lrwxrwxrwx 1 carol carol 11 Jun 24 11:13 partners.txt -> clients.txt
    
    • What are the access permissions for partners.txt? Why?