Lab Manual 1

CSE-478

Introduction to Computer Security

Lab 1: Basic Linux Familiarity & Apache Web Server
Objectives:
• To get familiar with Linux and its command systems

Submission:
• Prepare a report with the contents as instructed in the different exercises in this manual.

Introduction:
The motivation of this lab is to prepare you for the subsequent labs in which we will be
using the Ubuntu Linux environment. There are three check-points. Each of these check-points
needs to be ticked off by showing your instructor what you are instructed to do. You will
also need to submit a report at the end of the lab with the required contents. We will start off
the lab with a little bit of history of Unix and Linux. Then, read through this lab manual and
complete the instructed tasks.

UNIX:
UNIX is a powerful operating system designed to be a multiuser and multitasking system. The
original UNIX was created by Ken Thompson in 1969 at Bell Labs. Today, the term “UNIX” does
not refer to a single operating system sold by a single company. Instead, it refers to any
operating system that meets certain standards.
Most large-scale computers and some desktop personal computers use a UNIX operating
system, which could be a generic system or one written by the computer manufacturer. Some
of the more popular UNIX operating systems include Linux, Ultrix (DEC), Irix (Silicon Graphics),
and Solaris (Sun Microsystems). Mac OS X is built on BSD Unix.
Since each UNIX operating system must meet the same standards, they function similarly.
Thus, after you are familiar with the use of one UNIX operating system, you will easily adapt
to a different one. The major differences are usually in the administration of the system—
meaning, unless you are the administrator of the system, you never have to worry about that
aspect.

Linux:
The Linux (Lynn-ucks) operating system was created by Linus Torvalds in 1991 while he was a
graduate student at the University of Helsinki (Finland). Torvalds created Linux as an
alternative to Microsoft Windows and to provide a UNIX operating system for use on the PC.
Linux is and has always been an open-source project that allows other programmers to view
and modify the source code. Today, hundreds of programmers work on Linux—mostly in their
spare time—under the direction of Torvalds.
The Linux operating system is very popular today due in part to its availability and open source
status. There are a number of Linux distributions available from different companies and
groups such as Red Hat, Fedora, Ubuntu, Slackware, SuSe, and Corel. All of these use the same
Linux operating system.
The major differences between the distributions are the services provided and the various
applications included with the Linux distribution. Linux is very powerful and is easy to learn
and use. All major distributions provide a graphical user interface frontend that will be
familiar to Microsoft and Macintosh users.
In our lab we will be using the Ubuntu Linux distribution.

User Interface:
Users commonly interact with a UNIX system via a text-based command-line interface. In a
terminal, commands are entered at a prompt and results are displayed. Numerous commands
are provided for file and directory manipulation, program execution, and file processing. With
a text-based interface, users can work with the system directly on the physical machine or
connect to a remote system via the Internet. One of the biggest wins with the text-based
interface is how easy it is to automate complicated processes.
In addition to the text-based interface, most UNIX systems also provide a graphical interface
similar to those of the Macintosh and Windows platforms. Unlike those systems, however,
the graphical interface under UNIX consists of several layers, as illustrated below.

The actual graphical environment is provided by a standalone program called X-Windows
(tm). This program is executed on top of the text-based interface. X-Windows is responsible
for managing the monitor, keyboard, and mouse in addition to providing the “windowing
capability”.
The look and feel of the graphical environment is provided by a window manager. The window
manager is a standalone program that works in conjunction with X-Windows to provide
decorations for windows, buttons, and other components in addition to controlling the
behaviour and action of the various components. There are a number of window managers
from which to choose.

Linux systems also provide a desktop manager. The desktop manager is responsible for the
icons on the desktop, the panels that provide menus and application launchers, and virtual
workspaces. The two most popular desktop managers are GNOME (default) and KDE;
however, Unity is the default desktop manager of recent Ubuntu releases.

The Terminal:

Before you can begin working with UNIX commands, you need a terminal window, which runs
a program called a shell. The shell provides an interface between you and the operating
system. The terminal can be launched using the Menu, or typing Terminal into the application
area or using the Ctrl + Alt + T shortcut.

The terminal window on your desktop should contain some characters that look something
like:
[username@lisp ~]$

This is called the prompt. The prompt gives you information about the account and machine
being used and the current directory you’re in. For example, the prompt above is for someone
whose username is username and who is using the computer named lisp and that the user is
in his home directory, as indicated by the ~, the shortcut for the home directory.

The prompt indicates that UNIX is waiting for (or “prompting”) you to type something.
Whenever you type something after a UNIX prompt, UNIX tries to understand it as a
command. If you type a command that UNIX understands, UNIX carries out the command.
Otherwise UNIX displays a message indicating that the command was not recognizable.

Note: Commands and filenames in UNIX are case sensitive.
Spaces are required between commands, arguments, and options.
The basic template for a UNIX command is

command_name [options] [argument1] [argument2] ...

To enter a UNIX command, the terminal window must be the active window. To make a
window active, simply move the mouse so that the mouse pointer is located within the limits
of the window and click on the window. When a window is active, its border changes colour.

• Make the terminal window the active window.
• At the prompt, type in your last name and press Enter.

You should see the error message that UNIX displays when it cannot interpret what you type
as one of its commands (unless your parents happened to name you “ls” or “cp” or some such
thing). Now, answer the following questions in your report:

Q 1. Does the program support multiple sessions (e.g. tabs)? If so, how do you create new
sessions? How do you delete them?

Q 2. What character encoding does the terminal expect (common ones are UTF-8 and
ISO-8859-1, also known as latin-1)?

Linux Manual
Unix documentation is traditionally in the form of a Unix Manual, which is comprised of a set
of manual pages, or simply man pages, organized into nine sections. Section one of the
manual is for user commands, section two for system calls, section three for higher-level API
calls and so on.
Sometimes you will see commands (and API functions) written as name(n).
This notation specifies a name and a manual section. For example, tty(1) refers to the user
command tty, whereas tty(4) refers to the device driver named tty.

You read man pages using the man command. The man command itself has a man page,
which you read by issuing the command man man.
• Type man man in your terminal and try to understand what is written.

Before moving on to more advanced tasks, you have to become comfortable reading man
pages, and referring to the man pages must become second nature. Any time you wonder
how a command works, read the man pages. If you need to know what format a file has, read
the man pages. If you don’t have anything else to do, read a man page; you might just learn
something.
Man pages are divided into named sections such as “SYNOPSIS”, “DESCRIPTION”,
“EXAMPLES” and “FILES”. If you are familiar with the more common sections of man pages
you can find information a lot faster than by trying to read the whole thing from beginning to
end. The man page for man itself lists some of the common sections and conventions.
Answer the following questions concerning sections of the Unix Manual into your report.
Most of the information you need can be found in the man page for the man command (you
will need to think a little too):
Q 16. Which are the nine sections of the Unix manual?
Q 17. Which section of the manual contains user commands such as cat and ls?
Q 18. Which section documents file formats, such as configuration files?
Q 19. Display the man page for the ls command.
   a) What does the ls command do?
   b) What option to ls shows information about file sizes, owner, group,
      permissions and so forth?
   c) What does the -R option to ls do? (Don’t forget to try it.)

Linux File Systems
Understanding how files and directories are organized and can be manipulated is vital when
using or managing a Linux system. All files and directories in Linux are organized in a single
tree, regardless of what physical devices are involved (unlike Microsoft Windows, where
individual devices typically form separate trees).
The basic unit of storage in UNIX is a file. A file may contain many kinds of information,
including a Python script, an HTML document, a research paper, an image, or an executable
program. Files are organized in a hierarchical system of directories. A directory may contain
files and other directories. The directory at the “top” of the file system, in which all other
directories are located, is called the root directory.
The root of the tree is called /, and is known as the root directory or simply the root. The root
contains a number of directories, most of which are standard on Linux systems. The following
top-level directories are particularly important:

Directory

Purpose

bin

Commands (binaries) needed at startup. Every Unix command is a separate executable
binary file. Commands that are fundamental to operation, and may be needed while the
system is starting, are stored in this directory. Other commands go in the /usr directory.

dev

Interfaces to hardware and logical devices. Hardware and logical devices are represented
by device nodes: special files that are stored in this directory.

etc

Configuration files. The /etc directory holds most of the configuration of a system. In
many Linux systems, /etc has a subdirectory for each installed software package.

home

Home directories. Users’ home directories are subdirectories of /home.

sbin

Administrative commands. The commands in /sbin typically require administrative
privileges or are of interest only to system administrators. Commands that are needed
when the system is starting go in /sbin. Others go in /usr/sbin.

tmp

Temporary (non-persistent) files. The /tmp directory is typically implemented in main
memory. Data stored here is lost when the system reboots. Many applications use /tmp
for storing temporary files (others use /var).

usr

The bulk of the system, including commands and data not needed at startup. The usr
subdirectory should only contain files that can be shared between a number of different
computers, so it should contain no configuration data that is unique to a particular
system.

The figure below shows part of a Unix system.

[Figure: directory tree of part of a Unix system. The root / contains bin, dev, etc, home, lib,
proc, sbin, tmp and usr; two files are labelled with their absolute paths,
/home/rijag112/bin/mplayer and /usr/bin/konsole.]

File and path names

There are two ways to reference a file in Unix: using a relative path name or using an absolute
path name. An absolute path name always begins with a / and names every directory on the
path from the root to the file in question. For example, in the figure above, the konsole file
has the absolute path name /usr/bin/konsole. A relative path names a path relative to the
current working directory. The current working directory is set using the cd command. For
example, if the current working directory is /usr, then the konsole file could be referenced
with the name bin/konsole. Note that there is no leading /. If the current working directory
were /usr/share, then konsole could be referenced with ../bin/konsole. The special name “..”
is used to reference the directory above the current working directory.

Q 20. In the example above name at least one relative path name indicating ssh if
   a) The current working directory is /usr/bin.
   b) The current working directory is /usr/local/bin.

File system permissions

Like most operating systems Linux has permissions on files and directories that grant
individual users or groups of users rights on the files and folders.
In Linux, permissions are divided into three groups: “user”, “group” and “other”. User
permissions apply to the owner of a file or directory; group permissions to the members of
the file’s (or directory’s) group; other permissions apply to everyone else.
Every group contains three main permissions: read, write and execute, and each is
represented as one bit in an integer. The read (r) bit grants permission to read the contents
of a file or directory; the write (w) bit grants permission to write to the file or create files in a
directory, and the execute (x) bit grants permission to execute a file as a program. On
directories the execute bit grants permission to traverse the directory (i.e. set it as the
working directory).
There are other permission bits as well. The most important of these are the setuid and
setgid bits (in the user and group permission groups, respectively). When a program with the
setuid bit set is run, it is run as the owner of the file, not the user who started the program.
The setgid bit works the same, but for groups.
To list the permissions of a file or directory, use the ls command with the -l option (to enable
long file listing; see the man page for ls). You can see something like this:
% ls -l foobar
-rwxr-xr-- 1 john users 64 May 26 09:55 foobar
Q 21. Use the ls command to get the file list and then use it with the -l option for any
two files and examine what you can see.
Each group of permissions is represented by three characters in the leftmost column of the
listing. The very first character indicates the type of the file, and is not related to permissions.
The next three characters (in this case rwx) represent user permissions. The following three
(in this case r-x) represent group permissions and the final three represent permissions for
others (in this case r--).
The owner and group of the file are given by the third and fourth column, respectively (user
john and group users in this example).
In this example the owner, “john”, is allowed to read, write and execute the file (rwx). Users
belonging to the group “users” are allowed to read and execute the file (r-x), but cannot write
to it. All other users are allowed to read foobar (r--), but not write or execute it.

File types
The first character, the type field, indicates the file type. In the example above the file type is
“-”, which indicates a regular file. Other file types include: d for directory, l (lower case ell) for
symbolic link, s for Unix domain socket, p for named pipe, c for character device file and b for
block device file.

Manipulating access rights
The chmod and chown commands are used to manipulate permissions.
chmod is used to manipulate permissions. Permissions can be specified using either “long”
format or a numeric mode (all permission bits together are called the file’s mode). The long
format takes a string of permission values (r, w or x) together with a plus or minus sign. For
example, to prevent any user from changing the file foobar we would do as follows to disable
write permission, then verify that the change has taken place:
% chmod -w foobar
% ls -l foobar
-r-xr-xr-x 1 john users 81 May 26 10:43 foobar
To enable write access again, replace the minus sign with a plus sign (chmod +w foobar).
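
A check worth running after the command above, as an added example that is not part of the original manual: when chmod is given no user/group/other letter, bits that are set in the umask are left alone, so chmod -w can leave group or other write access in place while chmod a-w clears all three. The function names and the scratch file are made up for this example, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not part of the lab manual. When chmod is given no
# user/group/other letter, bits that are set in the umask are left alone,
# so "-w" may not clear every write bit. "a-w" names all three groups.

# who_can_write MODE: list the groups whose write bit (value 2) is set in a
# numeric mode such as 764; prints "nobody" when no write bit is set.
who_can_write() {
    bits=$((0$1))               # leading 0 makes the shell read it as octal
    out=
    [ $((bits & 0200)) -ne 0 ] && out="$out user"
    [ $((bits & 0020)) -ne 0 ] && out="$out group"
    [ $((bits & 0002)) -ne 0 ] && out="$out other"
    out=${out# }
    echo "${out:-nobody}"
}

# apply_chmod START_MODE UMASK CHANGE: create a scratch file named foobar
# with START_MODE, apply CHANGE (for example -w or a-w) under UMASK and
# print the numeric mode that results.
apply_chmod() {
    (
        dir=$(mktemp -d) || exit 1
        : > "$dir/foobar"
        chmod "$1" "$dir/foobar"
        umask "$2"
        # GNU chmod warns and returns non-zero when the umask kept a bit
        # that the change asked to clear; the resulting mode is what matters.
        chmod "$3" "$dir/foobar" 2>/dev/null || true
        mode=$(stat -c %a "$dir/foobar")
        rm -rf "$dir"
        echo "$mode"
    )
}

# report START_MODE UMASK CHANGE: one line summarising the outcome.
report() {
    new=$(apply_chmod "$1" "$2" "$3")
    echo "mode $1, umask $2, chmod $3 -> $new (writable by: $(who_can_write "$new"))"
}

report 754 022 -w     # -rwxr-xr--: only the owner had write access
report 666 022 -w     # group and other keep write access
report 666 022 a-w    # every write bit cleared
```

The root user can still modify a file whose write bits are all cleared, so the result applies to ordinary accounts only.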

Answer the following questions in your report.

Q 22. It is possible to set individual permissions for user, group and others using
chmod. Review the documentation and answer the following questions:
   a) How can you set the permission string to user read/write, group read, others
      read using chmod in long format?
   b) How can you revoke group write permissions on a file without changing any
      other permissions?
   c) How can you grant user and group execute permissions without changing any
      other permissions?

6-1

to the questions above.
In Report:
numeric Answers
mode, each
permission is treated as a single bit value. The read permission has
value
4,
write
value
2
and
execute
valueas1.aThe
is aThe
three
string
where
In numeric mode, each permission
is treated
singlemode
bit value.
readcharacter
permissionoctal
has value
4, write
thevalue
first2 digit
contains
sum
of the
usercharacter
permissions,
the where
second
of the group
and execute
valuethe
1. The
mode
is a three
octal string
thethe
firstsum
digit contains
the
sum
of
the
user
permissions,
the
second
the
sum
of
the
group
permissions
and
the
third
the
sum
of
the
permissions and the third the sum of the others permissions. For example, to set the
others permissions.
For example, to(user
set themay
permission
string “-rwxrw-r--”
(userread
may do
groupnot
permission
string “-rwxrw-r--”
do anything,
group may
oranything,
write, but
execute and all others may read) for a file, you would calculate the mode as follows:

may read or write, but not execute and all others
mayBASICS
read) for a file, you would calculate the mode as
IDA/ADIT
LXB: LINUX

9

follows:
• User: 4 + 2 + 1 = 7 (rwx)
User:• may
4+2+1=
7or(rwx)
Group:
+write,
2 = 6but
(rw-)
read 4
not execute and all others may read) for a file, you would calculate the mode as
follows:
• Others:
4 = 4 (r--)
Group:
4+2 = 6 (rw-)

Others: User:
4 = 4 (r--)4+2+1= 7 (rwx)
Together with chmod the string “764” can then be used to set the file permissions:
4+2the
= 6string
(rw-) “764” can then be used to set the file permissions:
TogetherGroup:
with c hmod
Others: 4 = 4 (r--)
% c hmod 764 f oobar
% l sTogether
- l f oobar
with c hmod the string “764” can then be used to set the file permissions:
- r wx r w- r - - 1 j ohn us er s 81 May 26 10: 43 f oobar
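The calculation above, generalised to any three-digit mode, as an added shell example that is not part of the lab manual. The function names sym_to_octal, octal_to_sym and applied_mode are made up for this illustration; applied_mode checks the computed string against what chmod really sets on a scratch file.

```shell
#!/bin/sh
# Added example, not from the lab manual. All function names are made up
# for this illustration.

# Convert an ls-style string such as "-rwxrw-r--" to its numeric mode.
sym_to_octal() {
    perms=${1#?}                      # drop the leading file-type character
    result=""
    for start in 1 4 7; do            # user, group and others triads
        triad=$(printf '%s' "$perms" | cut -c"$start"-$((start + 2)))
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac   # read    = 4
        case $triad in ?w?) digit=$((digit + 2)) ;; esac   # write   = 2
        case $triad in ??x) digit=$((digit + 1)) ;; esac   # execute = 1
        result=$result$digit
    done
    printf '%s\n' "$result"
}

# Convert a three-digit numeric mode such as 764 to "rwxrw-r--".
octal_to_sym() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three octal digits" >&2; return 1 ;;
    esac
    result=""
    for digit in $(printf '%s' "$1" | sed 's/./& /g'); do
        r=-; w=-; x=-
        if [ $((digit & 4)) -ne 0 ]; then r=r; fi
        if [ $((digit & 2)) -ne 0 ]; then w=w; fi
        if [ $((digit & 1)) -ne 0 ]; then x=x; fi
        result=$result$r$w$x
    done
    printf '%s\n' "$result"
}

# Apply a mode to a scratch file and report the string that ls -l shows.
applied_mode() {
    f=$(mktemp)
    chmod "$1" "$f"
    ls -l "$f" | cut -c1-10
    rm -f "$f"
}

# Compare the computed string with the one chmod and ls produce.
for mode in 764 755 644; do
    printf '%s  ls shows %s  computed -%s\n' \
        "$mode" "$(applied_mode "$mode")" "$(octal_to_sym "$mode")"
done
printf '%s is mode %s\n' "-rwxrw-r--" "$(sym_to_octal -rwxrw-r--)"
```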
Numeric combinations are generally quicker to work with once you learn them, especially when
making more complicated changes to files and directories. Therefore, you are encouraged to use
them. It is useful to learn a few common modes by heart:

755   Full rights to user, execute and read rights to others. Typically used for executables.
644   Read and write rights to user, read to others. Typically used for regular files.
777   Read, write and execute rights to everybody. Rarely used.

Exercise 7: Numeric file modes
Answer the following questions in your report.

Q 23. What do the following numeric file modes represent:
a) 666
b) 770
c) 640
d) 444

Q 24. What command-line argument to chmod allows you to alter the permissions of an entire
directory tree?

7-3 What does execute (x) permission mean on directories?

Q 25. A user wants to set the permissions of a directory tree rooted in dir so that the user and
group can list, read and write (but not execute) files, but nobody else has any access. Which of
the following commands is most appropriate? Why?
a) chmod -R 660 dir
b) chmod -R 770 dir
c) chmod -R u+rw,g+rw,o-rwx dir
When answering this question, consider how the execute permission is handled in the various
choices, and what importance the execute permission has on directories.

Report: Answers to the questions above.

The chown command is used to change the owner and group for a file. To change the user from
“john” to “mike” and the group from “users” to “wheel” issue:
% chown mike:wheel foobar
Note that some Unix systems do not support changing the group with chown. On these systems,
use chgrp to change the file’s group. Changing owner of a file can only be done by privileged
users such as root. Unprivileged users can change the group of a file to any group they are a
member of. Privileged users can alter the group arbitrarily.

Exercise 8: Owner and group manipulation
8-1 How can you change the owner and group of an entire directory tree (a directory, its
subdirectories and all the files they contain) with a single command?

Report: Answers to the questions above.

Symbolic links

In Unix, it is possible to create a special file called a symbolic link that points to another file,
the target file, allowing the target file to be accessed through the name of the special file.
Similar functions exist in other operating systems, under different names (e.g. “shortcut” or
“alias”).
For example, to make it possible to access /etc/init.d/myservice as /etc/rc2.d/S98myservice,
you would issue the following command:
% ln -s /etc/init.d/myservice /etc/rc2.d/S98myservice
Symbolic links can point to any type of file or directory, and are mostly transparent to
applications.
Unix also supports a concept called “hard linking”, which makes it possible to give a file several
different names (possibly in different directories) that are entirely equal (i.e. there is no
concept of “target”, as all names are equally valid for the file).

File and Directory Manipulation Commands

Many Unix commands are concerned with manipulating files and directories. The following
lists some of the most common commands in their most common forms. The man page for
each command contains full details, and reading the man pages will be necessary to complete
the following exercises.

Command                 Purpose
touch filename          Change the creation date of filename (creating it if necessary).
pwd                     Displays the current working directory.
cd directory            Changes the current working directory to directory.
ls                      Lists the contents of directory. If directory is omitted, lists the contents
                        of the current working directory. With arguments, can display
                        information about each file (see the manual page).
cat filename            Display the contents of filename.
less filename           Displays the contents of filename page-by-page (less is a so-called
                        pager). Press the space bar to advance one page; b to go back one
                        page; q to quit; and h for help on all commands in less.
rm filename             Removes the file filename from the file system.
mv oldname newname      Renames (moves) the file oldname to newname. If newname is an
                        existing directory, moves oldname into the directory newname.
mkdir dirname           Creates a new directory named dirname.
rmdir dirname           Removes the directory dirname. The directory must be empty for
                        rmdir to work.
cp filename newname     Creates a copy of filename named newname. If newname is a
                        directory, creates a copy named filename in the directory newname.
chmod modes filename    Change permissions on filename according to modes.
chgrp group filename    Change the group of filename to group.
chown user filename     Change the owner of filename to user.
ln -s oldname newname   Creates a symbolic link, so that oldname can also be accessed as
                        newname.

Q 13. What does cd .. do?
Q 14. What does cd ../.. do?
Q 15. What information about a file is shown by ls -laF?

The Command shell
In Unix, the shell is the program that is responsible for interpreting commands from the user.
The canonical shell is the Bourne shell, sh, which has evolved into the POSIX shell. This shell
has limited functionality, but is often used for shell scripts (programs written in the shell
command language). On Linux, the most common shell is bash (Bourne again shell). Bash is a
POSIX-compatible shell that adds a number of useful functions. For interactive use, its line
editing and command history are particularly important. There are a number of other shells
available. The Korn shell (ksh) is standard on many systems, as are the C shell (csh) and the TC
shell (tcsh).
Each shell uses its own syntax for internal functions (such as setting variables, redirecting I/O
and so forth), but there are two main variants in widespread use. Shells that trace their roots
to the Bourne shell use one syntax (which is POSIX-compatible), and shells that are based on
the C shell use another. In addition, there are a number of shells which owe little to either of
these traditions, and they may use a completely different (and occasionally quite bizarre)
syntax.
When the shell starts, it reads one or more files, depending on how it is started. These are
called rc or init files. For example, the Bourne shell reads the file .profile in your home
directory, while tcsh reads .login and .tcshrc (if started as a login shell). These files may
contain sequences of shell commands to run automatically. Typically, they are used to set up
the shell and environment to suit the user’s preferences.

Using the shell efficiently
Learning to use the shell efficiently is a very worthwhile investment. New users should at the
very least learn how to use the command history (repeating previous commands), command
line editing (editing the current or previous commands) and tab completion (saving time by
letting the computer figure out what you mean).
The following text assumes that you are using bash or zsh with bash-like key bindings. Other
shells will behave differently; the manual for the shell will explain how.

Command history
All (or at least many) of the commands you type are kept in the command history. You can
browse the history by using the up and down arrows (or ctrl+P and ctrl+N). When you find a
command you want to use, you can edit it just as if you had typed it on the command line.
You should also be aware of esc+< and esc+>, which move to the beginning and the end of
the command history, respectively. You can also search the command history by typing ctrl+R
and then the word you want to search for.

Tab completion
Completion is one of the most useful features of a good shell. The idea behind completion is
that often the prefix of something (a command, file name or even command-line option)
uniquely identifies it, or at least uniquely identifies part of it. For example, if there are two
files in a directory, READFIRST and READSECOND, when a user types R where the shell expects
a file name, the shell can deduce that the next three characters will be EAD, and when the
user has typed READS, the shell can deduce that the user means READSECOND.
Rather than type out annoyingly long file names, learn to use tab completion.

Environment and shell variables
Unix, and many other operating systems, including Windows NT/2000/XP/2003/Vista have
the concept of environment variables. These are name-to-value mappings that are available
to each running program, and constitute the program’s environment. In Unix, environment
variables are widely used for simple configuration of programs. Unix shells typically support
shell variables in addition to environment variables. These are variables that are available to
the shell, but are not exported to other processes.
Environment and shell variables are altered using shell syntax:

NAME=VALUE
    POSIX (and bash) syntax. Sets the variable NAME to VALUE. Does not necessarily set the
    environment variable (shell dependent).
export NAME
    POSIX (and bash) syntax. Makes NAME and its value part of the environment, so its value is
    available to any program that is started from the shell after the export command was given
    (programs started from other shells are not affected).
setenv NAME VALUE
    C shell syntax. Sets the environment variable NAME to VALUE. Use set instead of setenv to
    set a shell variable.

All (useful) Unix shells support parameter expansion. This process replaces part of a command
line with the contents of an environment or shell variable. In most shells, the syntax is
“${NAME}” to expand the environment variable NAME. The echo command can be combined
with variable expansion to output the value of a particular variable. For example,
“echo ${HOME}”, when HOME is set to “/home/user”, will output “/home/user”. Note that the
shell is responsible for expanding the variable; the echo command will receive the contents
of the variable as its sole argument. The man page for your shell will list various ways of
performing parameter expansion.

Exercise 11: Manipulating environment variables
Now do the following activities but DO NOT add answers in your report.
• 11-1 Use the env command to display all environment variables. What is PATH set to (you
  might want to use grep to find it)? What is this variable used for (the man pages for
  your shell might be helpful in answering this question)?
• 11-2 Use echo to display the value of HOME. What does the HOME variable normally
  contain?
• 11-3 Prepend /data/kurs/adit/bin:/data/kurs/TDDI09/bin to the variable PATH. The
  easiest way to accomplish this is to use variable expansion in the right-hand side of
  the assignment.
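The difference between a shell variable and an environment variable, and the point at which the shell expands ${NAME}, shown as an added example for POSIX sh and bash (not part of the lab manual). LAB_VAR and the function names are made up for the illustration; the last two functions go slightly beyond the text to show that an unquoted expansion of a value containing spaces reaches the command as several arguments.

```shell
#!/bin/sh
# Added example, not from the lab manual. LAB_VAR and all function names
# are made up for this illustration.

# What a freshly started child process finds in its environment.
child_view() { sh -c 'printf "%s\n" "${LAB_VAR-unset}"'; }

# NAME=VALUE alone creates a shell variable; the child does not inherit it.
shell_variable_only() { unset LAB_VAR; LAB_VAR=lab; child_view; }

# After export the variable is part of the environment of later children.
after_export() { unset LAB_VAR; LAB_VAR=lab; export LAB_VAR; child_view; }

# An export made inside a child never travels back up to the parent shell.
export_in_child() {
    unset LAB_VAR
    sh -c 'LAB_VAR=from-child; export LAB_VAR'
    printf '%s\n' "${LAB_VAR-unset}"
}

# The shell expands ${NAME} before the command starts. An unquoted
# expansion is then split on whitespace into separate arguments, while a
# quoted one is passed on as a single argument.
count_args() { echo "$#"; }
unquoted_expansion() { LAB_VAR="two words"; count_args ${LAB_VAR}; }
quoted_expansion()   { LAB_VAR="two words"; count_args "${LAB_VAR}"; }

echo "child after NAME=VALUE only : $(shell_variable_only)"
echo "child after export NAME     : $(after_export)"
echo "parent after child's export : $(export_in_child)"
echo "arguments from \${LAB_VAR}   : $(unquoted_expansion)"
echo "arguments from \"\${LAB_VAR}\" : $(quoted_expansion)"
```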

Redirecting I/O & Pipeline

You absolutely must run these exercises in the bash shell, or results will not be as expected.
You have two simple options: either run the exercises in a UML instance (this assumes that you
know how to start your UML systems) or start bash manually, by issuing the command bash in a
terminal window.

Unix provides several ways of redirecting the output of commands to files or other commands
and several ways of directing data to the input of commands. The basic mechanisms are
redirections and pipes. The precise mechanisms depend on the shell you are using; these
instructions assume the bash shell (see “The Command shell” above for more information
about shells).

In Unix, I/O is performed from file descriptors. These are simply numbered input or output
streams that point to sources or destinations of data (e.g. files, terminals, network
connections). By convention, file descriptor 0 is called standard input or stdin, and is the
default source for input; file descriptor 1 is called standard out or stdout, and is where output
is sent by default; file descriptor 2 is called standard error or stderr, and is usually used for
printing error messages.

I/O redirection simply is a matter of changing what the file descriptors point to. You can
redirect output from a command to a file using the > or >> operators.

command > filename
    The output of command is written to filename. The file will be created if it doesn’t exist,
    and any previous contents will be erased. In some shells there is a noclobber option. If this
    is set, you may have to use the >! operator to overwrite an existing file.
    In technical terms, this opens filename for writing, then changes file descriptor 1 (stdout)
    to point to the open file.
command >> filename
    The output of command is appended to filename. The file will be created if it doesn’t
    already exist.
    In technical terms, this opens filename for writing, seeks to the end of the file, then
    changes file descriptor 1 (stdout) to point to the open file.

These basic redirection commands only redirect standard output; they do not redirect
standard error. If you want to redirect all output, you have to redirect file descriptor two as
well. The exact syntax for redirecting errors (and other file descriptors) is very
shell-dependent.

command 2> filename
    The output of command to standard error (usually error messages) is written to filename.
    The file will be created if it does not already exist, and any previous contents will be
    overwritten.
    In technical terms, this is the same as >, but it changes file descriptor 2 (stderr) instead
    of file descriptor one.
command 2>> filename
    The output of command to standard error (usually error messages) is appended to
    filename. The file will be created if it does not already exist.
    In technical terms, this is the same as >>, but it changes file descriptor 2 (stderr) instead
    of file descriptor one.
command 2>&1
    Output from command to standard error is sent to whatever standard out points to at the
    moment (it does not link standard error and standard out, so if standard out is redirected
    later, that redirection will not affect standard error). The most common use of this is to
    redirect standard out and standard error to the same file.
    Technically, file descriptor 2 becomes a copy of file descriptor 1 so that they point to the
    same thing. The two file descriptors remain independent of each other. This means that
    the order in which you perform redirections matters when using 2>&1.
Exercise 12: Redirecting output
12-1 Where will stdout and stderr be redirected in the following examples? If you want to test
your theories, use /data/kurs/TDDI09/bin/stdio for command. This program outputs a series
of E:s to stderr (file descriptor 2) and a series of O:s to stdout (file descriptor 1).
(a) command >file1
(b) command 2>&1 >file1
(c) command >file1 2>&1
When answering these, remember that the order of redirections matters!

Report: The answers to 12-1.

In addition to redirecting output to files, it is possible to redirect output to other commands.
The mechanism that makes this possible is called a pipe. The Unix philosophy of command
design is that each command should perform one small function well, and that complex
functions are performed by combining simple commands with pipes and redirection. It
actually works quite well.
command1 | command2
    The output (standard out) from command1 is used as the input (standard in) to command2.
    Note that this connection is made before any redirection takes place.
    From a technical point of view, file descriptor 1 (stdout) of command1 becomes linked to
    file descriptor 0 (stdin) of command2.
command1 2>&1 | command2
    Both standard out and standard error from command1 will be used as input (standard in)
    to command2.
    From a technical point of view, both file descriptor 2 (stderr) and file descriptor 1 (stdout)
    will be linked to file descriptor 0 (stdin) of command2. This works because pipes are
    always connected before redirection.
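The ordering rules for 2>&1 with files and with pipes, run end to end as an added shell example that is not part of the lab manual. The emit function is a constructed stand-in for the manual's stdio helper and the other function names are made up; the two_opens case goes beyond the text to show what happens when the same file is opened twice instead of copying the descriptor.

```shell
#!/bin/sh
# Added example, not from the lab manual. emit is a constructed stand-in for
# the manual's stdio helper: "O" goes to stdout (fd 1), "E" to stderr (fd 2).
emit() { echo O; echo E >&2; }

# Print what ended up in file $1 and what reached the caller's stdout ($2).
show() { printf 'file=%s caller=%s\n' "$(tr -d '\n' < "$1")" "$2"; }

# "> file 2>&1": fd 1 is pointed at the file, then fd 2 becomes a copy of it.
file_then_dup() {
    f=$(mktemp); out=$(emit > "$f" 2>&1)
    show "$f" "$out"; rm -f "$f"
}

# "2>&1 > file": fd 2 copies fd 1 while fd 1 still points at the caller's
# stdout; only afterwards is fd 1 moved to the file.
dup_then_file() {
    f=$(mktemp); out=$(emit 2>&1 > "$f")
    show "$f" "$out"; rm -f "$f"
}

# "> file 2> file": two independent opens of the same file, each with its
# own offset, so the later write lands on top of the earlier one.
two_opens() {
    f=$(mktemp); out=$(emit > "$f" 2> "$f")
    show "$f" "$out"; rm -f "$f"
}

# The pipe is connected before redirections run, so fd 2 copies the pipe.
pipe_both() { emit 2>&1 | tr -d '\n'; echo; }

# fd 2 copies the pipe, then fd 1 is moved to /dev/null: only stderr is piped.
pipe_stderr_only() { emit 2>&1 > /dev/null | tr -d '\n'; echo; }

echo "emit > file 2>&1         : $(file_then_dup)"
echo "emit 2>&1 > file         : $(dup_then_file)"
echo "emit > file 2> file      : $(two_opens)"
echo "emit 2>&1 | ...          : piped=$(pipe_both)"
echo "emit 2>&1 >/dev/null | ...: piped=$(pipe_stderr_only)"
```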

Exercise 13: Pipelines
13-1 What do the following commands do? If you want to test your theories, use
/data/kurs/TDDI09/bin/stdio for command and grep for “E” rather than “fail”.
(a) ls | grep -i doc
(b) command 2>&1 | grep -i fail
(c) command 2>&1 >/dev/null | grep -i fail
13-2 Write command lines to perform the following tasks:
(a) Output a recursive listing (using ls) of your home directory, including invisible files, to
    the file /tmp/HOMEFILES.
(b) Find any files (using find) on the system that are world-writable (i.e. the write
    permission for “others” is set). Error messages should be discarded (redirected to
    /dev/null). This command is actually useful for auditing the security of a system –
    world-writable files can be security risks.

Report: Answers to 13-1 and the solutions in 13-2.

Now answer the following questions in your report:
Q 16. Where will stdout and stderr be redirected for: command 2>&1 > file1
Q 17. What does the following command do: command 2>&1 | grep -i fail

Processes and jobs

Linux is a multi-tasking, multi-user operating system. Several users can use the computer at
once, and each user can run several programs at the same time. Every program that is
executed results in at least one process. Each process has a process identifier and has its own
memory area not shared with other processes. A job is a process that is under the control
of a command shell. Since jobs are connected to command shells, they are slightly easier to
manipulate than other processes.

Processes are very important in Unix, so you should be very familiar with the terminology and
commands associated with Unix processes.

Processes and terminals

A terminal is an I/O device, which basically represents a text-based terminal device. Terminals
(or ttys) play a special role in Unix, as they are the main method of interaction between a user
and text-based programs. Traditionally terminals were physical devices; today we tend to use
windowing systems with terminal emulators; in Unix terms, these are implemented using
pseudo-terminals (or ptys), which behave like physical terminals from the program’s point of
view, but are really only implemented in software.

A process in Unix may have a controlling terminal. The controlling terminal is inherited when
a new process is created, so all processes with a common ancestry share the same controlling
terminal. For example, when you log in, a command shell is started with a controlling terminal
representing the terminal or window you logged in on; processes created by the shell inherit
the same controlling terminal. When you log out, all processes with the same controlling
terminal as the process you terminated by logout are sent the HUP signal (see below).

A process with a controlling terminal can be controlled from the keyboard. The default
settings in Unix are that ctrl+Z suspends a process, ctrl+C terminates it and ctrl+\ aborts it
(terminates with extreme prejudice). This is actually implemented by having the terminal
driver intercept the key presses and send predefined signals to the process.

Foreground, background and suspended processes
The distinction between foreground and background processes is mostly related to how the
process interacts with the terminal driver. There may be at most one foreground process at
a time, and this is the process which receives input and signals from the terminal driver.
Background processes may send output to the terminal, but do not receive input or signals.
If a background process attempts to read from the terminal it is automatically suspended. It
is shown like this in the terminal:

A process that is suspended is not executing. It is essentially frozen in time waiting to be
woken. Processes are suspended by sending them the TSTP or STOP signals. The TSTP signal
can be sent by typing Ctrl+Z when the process is in the foreground (assuming standard shell and
terminal settings). The STOP signal can be sent using the kill command. A process which is
suspended can be resumed by sending it the CONT signal (e.g. using fg, bg or kill).

Sometimes it is desirable to run a process in the background, detached from its parent and
from its controlling terminal. This ensures that the process will not be affected by its parent
terminating or a terminal closing. Processes which run in the background like this are called
daemons, and the logic that detaches them is in the program code itself. Some shells (e.g.
zsh) have a feature that allows the user to turn any process into a daemon.

Signals
Signals are the simplest form of inter-process communication in Unix. These are content-free
messages sent between processes, or from the operating system to a process, used to signal
exceptional conditions. For example, if a program attempts to violate memory access rules,
the operating system sends it a SEGV signal (known as a segmentation fault).

There is a wide range of signals available, and each has a predefined meaning (there are two
user-defined signals, USR1 and USR2, as well) and default reaction. By default, some signals
are ignored (e.g. WINCH, which is signaled when a terminal window changes its size), while
others terminate the receiving program (e.g. HUP, which is signaled when the terminal a
process is attached to is closed), and others result in a core dump (dump of the process
memory; e.g. SEGV, which is sent when a program violates memory access rules).

Programs may redefine the response to most, but not all, signals. For example, a program
may ignore HUP signals, but it can never ignore KILL (kill process), ABRT (process aborted) or
STOP (suspend process). A few process-related commands are given on the next page.
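
The default, ignored and non-ignorable dispositions described above can be observed on throwaway sleep processes. The script below is an added example, not part of the original lab manual; it assumes a Linux system with /proc (falling back to ps -o stat=), and the function names are illustrative.

```shell
#!/bin/sh
# Added example: observe signal dispositions on throwaway "sleep" processes.
# Assumes Linux /proc; falls back to "ps -o stat=" elsewhere.

# Print the one-letter process state: S sleeping, T stopped, R running.
proc_state() {
    if [ -r "/proc/$1/status" ]; then
        while read -r key val _rest; do
            if [ "$key" = "State:" ]; then echo "$val"; return 0; fi
        done < "/proc/$1/status"
    else
        ps -o stat= -p "$1" | tr -d ' ' | cut -c1
    fi
}

# Poll for up to about 5 seconds until process $1 reaches state $2,
# then print the last state observed.
wait_state() {
    tries=0
    state=$(proc_state "$1")
    while [ "$state" != "$2" ] && [ "$tries" -lt 50 ]; do
        sleep 0.1
        tries=$((tries + 1))
        state=$(proc_state "$1")
    done
    echo "$state"
}

# The body runs in a subshell so the temporary trap never reaches the caller.
signal_demo() (
    # 1. Default disposition: HUP terminates the process.
    sleep 15 >/dev/null 2>&1 &
    plain=$!
    kill -HUP "$plain"
    hup_default=0
    wait "$plain" || hup_default=$?     # 128 + 1 (SIGHUP)

    # 2. A child started while HUP is ignored inherits that setting.
    trap '' HUP
    sleep 15 >/dev/null 2>&1 &
    immune=$!
    trap - HUP
    kill -HUP "$immune"                 # no effect on this process

    # 3. STOP cannot be ignored: the state becomes T until CONT resumes it.
    kill -STOP "$immune"
    stopped=$(wait_state "$immune" T)
    kill -CONT "$immune"
    resumed=$(wait_state "$immune" S)

    # 4. KILL cannot be ignored either.
    kill -KILL "$immune"
    killed=0
    wait "$immune" || killed=$?         # 128 + 9 (SIGKILL)

    echo "hup_default=$hup_default stopped=$stopped resumed=$resumed killed=$killed"
)

signal_demo
```

The exit statuses follow the shell convention of 128 plus the signal number for a process terminated by a signal.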
Do the following activities, but DO NOT include them in the report:

• Create a long running process by typing ping 127.0.0.1. Suspend it with Ctrl+Z and bring
  it to the foreground with fg. Terminate it with Ctrl+C.
• Create a long running process in the background by typing ping 127.0.0.1 >/dev/null &.
  Find out its process id using ps and kill it using kill.
• What does the command kill -9 pid do, where pid is the number of a process?
  What does kill -9 -1 do? Read the documentation to figure the last one out as it is a
  somewhat dangerous command.

Process-related commands

Command            Purpose
ps aux             List all running processes.
kill -signal pid   Send signal number signal to process with ID pid. Omit signal to just
                   terminate the process. If pid has the form %n, then send signal to job n.
kill -9 pid        Send signal number 9 (SIGKILL) to process with ID pid. This is a
                   last-resort method to terminate a process.
pkill pattern      Kill all processes that match pattern. By default, only the command
                   name is searched for pattern.
jobs               Display running jobs.
Ctrl+C             Interrupts (terminates) the process currently in the foreground.
Ctrl+Z             Suspends the process currently running in the foreground.
Ctrl+S             Stops output in the active terminal (this is not strictly process control,
                   but output control).
Ctrl+Q             Resumes output in the active terminal.
command &          Runs command in the background.
bg                 Resumes a suspended process in the background. If the process needs
                   to read from the terminal, it will be suspended again.
fg                 Brings a process in the background to the foreground. This will resume
                   the process if it is currently suspended.


Exercise 14: Processes and jobs

14-1 Create a long running process by typing ping 127.0.0.1. Suspend it with Ctrl+Z and bring
it to the foreground with fg. Terminate it with Ctrl+C.
14-2 Create a long running process in the background by typing ping 127.0.0.1 >/dev/null &.
Find out its process id using ps and kill it using kill.
14-3 What does the command kill -9 pid do, where pid is the number of a process? What does
kill -9 -1 do? Read the documentation to figure the last one out as it is a somewhat
dangerous command.
14-4 Create a long running process in the background by typing ping 127.0.0.1 >/dev/null &.
Kill it using pkill. The pkill command is very useful when you need to kill several
processes that share some attribute (such as a command name).

Report: Answers to the questions above and the commands executed.

Part 2: Archives and compressed files

When working with Unix (or Linux) you are bound to encounter archives and compressed files (and
compressed archives). For example, most of the Debian package documentation is compressed to save
space, and source code is typically distributed in archive form.

Compressed files

In the Linux world the two most popular compression standards are gzip and bzip2. A gzip
compressed file usually has a .gz file name extension, while a bzip2 compressed file ends in .bz2. In more
venerable Unix-like systems, you will see the .Z file extension, which indicates a file compressed with the
compress command.

Command              Purpose
zcat FILENAME.gz     Output the uncompressed contents of FILENAME.gz or
bzcat FILENAME.bz2   FILENAME.bz2 to stdout.

Editing and viewing files

There are lots of text editors available for Linux. Regardless of which text editor you prefer,
it is useful to have a working knowledge of vi, since it is shipped with almost every Unix
variant that exists. You should learn vi to the point where you can edit text files, but there is
no point in becoming an expert – you only need to know enough so you can get a system to
the point where you can install emacs.

Looking at files

Inexperienced Unix users tend to load text files into editors to view them. The problem with
opening text files in an editor is that you might accidentally change them. In this course,
please use the appropriate commands to view files rather than opening them in editors.

To display a short file, use the cat command. Simply typing cat filename will display the file
named filename.

A pager: more

Practically all Unix systems come with a so-called pager. A pager is a program that displays
text files one page at a time. The default pager on most Unix systems is named more. To display
a text file (named filename) one page at a time, simply type:

    more filename

You can use more to display the output of any program one page at a time. For example, to
list all files that end in “.h” on the system, one page at a time, type:

    find / -name '*.h' -print | more

Or to read a compressed file:

    zcat filename.gz | more

If you try this you may notice that you can only move forward in the output – more will not
let you move back and forth. You may also notice that more exits when the last line of output
has been displayed.

A better pager: less

The preferred alternative to more is called less. It is not installed by default, but it is
worthwhile installing it as soon as you can on a new system. less has several advantages over
more, chief of which is that it allows paging forwards and backwards in any file, even if it is
piped into less. It also has better search facilities. Learn about less by reading the man page.
Typing ‘h’ in less will display a list of keyboard commands.
Sometimes it is convenient to edit a file without using an interactive editor. This is often the
case when editing files from shell scripts, or when making a large number of systematic
changes to a file. Unix includes a number of utilities that can be used to non-interactively edit
a file. Read the man pages for sed, awk, cut and paste for detailed information about some
of the more useful commands. Here are some common examples:

    sed -e 's/REGEX/REPLACEMENT/g' < INFILE > OUTFILE

Replace all occurrences of REGEX in INFILE with REPLACEMENT, and write the output to OUTFILE.
This is probably the most common use of sed.

    awk '{ print $2 }' < INFILE

Print the second column of INFILE to standard output. The column separator can be changed by
setting the FS variable. See the awk manual for details.

    cut -d: -f1 < /etc/passwd

Print all user names in /etc/passwd (really, print the first column in /etc/passwd,
assuming that columns are separated by colons).
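
The same three tools can be combined into a small account audit over passwd-format data, including the FS variable mentioned above. This is an added example, not part of the original lab manual; the sample file is constructed for illustration and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. The passwd-format sample below is constructed for
# illustration; it is not taken from a real system.
make_sample() {
    cat > "$1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/csh
backup0:x:0:0:backup admin:/home/backup0:/bin/sh
bob:x:1001:1001:Bob:/home/bob:/bin/csh
EOF
}

# Column 1 only, as in the cut example above.
account_names() {
    cut -d: -f1 < "$1"
}

# Names of accounts whose UID (column 3) is 0. Setting FS to ":" makes awk
# split on colons instead of whitespace.
uid0_accounts() {
    awk 'BEGIN { FS = ":" } $3 == 0 { print $1 }' < "$1"
}

# Name and shell of every account whose shell is not nologin or false.
interactive_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ { printf "%s %s\n", $1, $7 }' < "$1"
}

# Replace login shell $2 with $3 and write the result to stdout.
# "|" is used as the s-command delimiter so the slashes in the paths need no
# escaping, and ":...$" anchors the match to the last column.
# $2 and $3 are pasted into the sed program, so pass only trusted values.
replace_shell() {
    sed -e "s|:$2\$|:$3|" < "$1"
}

sample=$(mktemp)
make_sample "$sample"
uid0_accounts "$sample"
interactive_accounts "$sample"
replace_shell "$sample" /bin/csh /bin/sh > "$sample.new"
rm -f "$sample" "$sample.new"
```

A second UID 0 account such as the constructed backup0 entry is the kind of finding this audit is meant to surface.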

Exercise 17: Using non-interactive text editors (this exercise is optional)

17-1 Use sed to change all occurrences of “/bin/tcsh” to “/bin/sh” in /etc/passwd (output to a
different file). This exercise is optional.
17-2 Examine the files shadow and passwd in the directory /data/kurs/TDDI09/labs/lxb. Use
paste and awk to output a file where each line consists of column one from passwd and
column two from the corresponding line in shadow. The printf function in awk is helpful
here. This exercise is optional since it goes beyond the basics.

Report: No report is required.

Do the following activities, but DO NOT include them in the report:

• Create a file called temp from the command prompt in your home directory.
• Use the vi editor to open the file and explore the file.
• Add a few lines of text in the file, with at least one occurrence of the text: hello
• Save the file.
• Exit from the file.
• Use the sed command to replace the word hello with world.

Part 4: System logging

System logs are some of the most important sources of information when troubleshooting a problem, or
when testing a system. Most Unix services print diagnostic information to the system logs. A good habit
to develop is to always look in the log files when you have reconfigured or restarted a service, just to
make sure that there are no obvious problems.

Logging is managed by the syslogd process, which is accessed through a standard API. By default, the
syslogd process outputs log messages to various log files in /var/log, but it is also possible to send log
messages over the network to another machine. It is also possible to configure exactly which log
messages are sent to which files, and which are simply ignored.

For the purpose of this course, the default configuration is sufficient. It creates a number of log files, the
most important of which are: /var/log/auth.log for log messages related to authentication (e.g. logins
and logouts); /var/log/syslog and /var/log/messages contain most other messages; mail.log contains log
messages from the mail subsystem. For details on what goes where, see /etc/syslog.conf.

Since log files grow all the time, there needs to be a facility to remove old logs. In Debian/GNU Linux, a
service called logrotate is commonly used. It “rotates” log files regularly, creating a series of
numbered log files, some of which are compressed. For example, you may see the files

Shell scripts

Writing shell scripts is one of the most common tasks that might be required of any
security administrator. There are lots of mundane tasks that you will be required to execute on a
day-to-day basis. These can be automated using shell scripts. In the following we will learn the
basics of writing shell scripts.

The whole purpose of this script is nothing else but to print "Hello World" to the terminal
output using the echo command. Use any text editor to create a new file named hello.sh containing
the below code:

Once ready, make your script executable with the chmod command and execute it using the
relative path ./hello.sh:

Examples of some other programming are given below:

Now, the final phase of the exercise:

Q 18. Write a shell script that will take three inputs of the first name, last name and birth
place and display the result into the console as well as redirect to a file named
input.
Q 19. Write a shell script that will take three numbers and display the result of their
addition, subtraction, multiplication and division into a file called math.
Q 20. Write a shell script that will input three numbers and display the highest and lowest
number in the console.



Source Exif Data:
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
Linearized                      : No
Page Count                      : 20
PDF Version                     : 1.4
XMP Toolkit                     : Adobe XMP Core 5.2-c001 63.139439, 2010/09/27-13:37:26
Create Date                     : 2018:09:30 10:19:27+06:00
Modify Date                     : 2018:09:30 21:32:48+06:00
Metadata Date                   : 2018:09:30 10:19:27+06:00
Schemas Namespace URI           : http://www.foxitsoftware.com/connectedPDF/1.0/
Schemas Prefix                  : cPDF
Schemas Schema                  : ConnectedPDF Schema
Schemas Property Name           : cDocID
Schemas Property Value Type     : Text
Schemas Property Category       : external
Schemas Property Description    : The cDocID
C Version ID                    : 
Title                           : Microsoft Word - Lab Manual - 1.docx
Producer                        : Mac OS X 10.13.5 Quartz PDFContext
Creator                         : Word