1,885
edits
Changes
→Investigation 3: What is a runlevel?
===Investigation 3: What is a runlevel?===
Investigation 3:What is a runlevel?
All the system processes running on your system are controlled by the "init" process which has the process ID (pid) of 1. And this process is the "granddaddy" of all the other processes on your system.
The purpose of the "init" process is to start and stop other programs in a particular sequence according to the file called /etc/inittab and other files in various directories under the /etc/rc.d/init.d/ directory.
A great explanation of init and its place in the boot process can be found here. http://www.kevinboone.com/boot.html
At any given time on a Linux/Unix system, a pre-defined set of base processes are running according to the so-called "runlevel" of the system which can be set by the init process. The init process gets the value for the system's runlevel from its main configuration file /etc/inittab. A system's runlevel can also be changed by using the init or telinit commands (they are equivalent in Linux). A system's runlevel is usually denoted with a number from 0 through 6; different systems may have a different set of base processes for each "runlevel", but these descriptions usually apply:
0 - Shutdown
1 - Single user maintenence mode
3 - Network operation, text mode display only
5 - Network operation, full graphical user interface
6 - Reboot
** Note not all distributions use the same runlevel configurations. Debian and Ubuntu based distro's are different.
To find out the value of the runlevel your GNU/Linux system goes into after boot, enter the command: grep initdefault /etc/inittab
You should get a single line containing ":" as the field delimiter. The second field stores the value of the runlevel the init process will use after a reboot. Record the output in your log book.
A list of processes that should be running at a given runlevel can be found in the directory /etc/rc.d/rcX.d where X is the runlevel.
Do a directory listing of that directory and study what files are in there. Pay attention to the first three characters of each file name. They have special meaning to the system. Record your observation in your log book.
Make a backup of the file /etc/inittab with the command: cp /etc/inittab /etc/inittab.original
Edit the file /etc/inittab and change the default runlevel to 3. Save the change and reboot your system.
Reboot your system. After the reboot, you should get a "Text Login Screen". Login with your Learn account and type startx at the command prompt.
Describe what happens in your log book.
Enter the command: runlevel
This shows the previous and current runlevel. Record the values in your book.
Answer the Investigation 3 question.
Investigation 4: What is the network configuration?
To check the network configuration settings obtained from the DHCP server, run the following commands:
ifconfig
route
netstat -rn
nslookup (at the > prompt, enter the word "server" (do not type the quotes) and record the output. Type exit to leave nslookup).
Describe the output in your log book. Record the following information from the outputs into your lab log:
MAC address (physical or hardware address) of the ethernet network interface
The IP address (logical address) assigned by the DHCP server
The default route (gateway)
The DNS nameserver
Answer the Investigation 4 question.
Investigation 5: How do You Secure the Grub Boot Loader?
By default, the Grub boot loader allows anyone with access to the computer at boot time to set the runlevel, or change the boot parameters, which can allow them to influence the init process and which kernel image is loaded. Anyone with access to the boot prompt can therefore bypass security controls and control which software is loaded. For example, rebooting to runlevel 1, known as single user mode, gives the user root priveleges without the need for a password! Obviously, giving a non-administrator this much control can be dangerous, and it is wise to protect the boot loader with a secure password.
We will need to choose a password, encrypt with the grub programs hash utility(called md5crypt, and add the encrypted hash of your password to the grub configuration file, /etc/grub.conf
First, choose a suitable password.
Do not forget it, or you will not be able to change boot parameters when you boot your system! If you need to write it down, put it in a safe place, where no one will be able to tell what it is for.
Open the grub program by typing the command: grub
At the grub prompt, type in the command: md5crypt
When prompted for a password, carefully type in your password. The program will display the encrypted hash of your password. Carefully write this down.
Type the command: quit to exit the grub program.
Open the grub configuration file, /etc/grub.conf , for editing.
This file is actually linked to /boot/grub/grub.conf.
Carefully add the line
password --md5 password-hash (note: password-hash is the hash you generated with md5crypt)
to the file between the splashimage line and the title line. If there are other lines there, there is no need to remove them. Just insert your password line as a new line.
It should look something like this:
...
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
password --md5 $1$jxcdN0$hVHViq1aiPf8FziuGJGZp0
hiddenmenu
title Fedora
...
You can find a more complete sample of this file here.
Make sure you have not made a mistake. What you type in must match exactly the output from the md5crypt command.
While you are editing the file you should also increase the timeout for grub to automatically boot the default OS. Edit the line timeout=0 to timeout=5 to give us more time to interrupt the process.
Save the file and exit. Your Grub boot loader is now password protected.
Make sure the configuration file is owned by root, and set the permissions so only root can read and write.
Find the section of this article that explains how to change the runlevel at boot time, and read it. Reboot your system, trying to change to runlevel 1 from the boot prompt, and see if the password protection worked.
From now on, when you want to change boot parameters when you boot, you must type lowercase
p
at the boot prompt and enter the required password.
Completing the Lab
Check off the following items and sign your name before asking your instructor to check your lab:
I have completed the following tasks in full:
[ ] Task 1 - Install GNU/Linux Workstation using Fedora 10
[ ] Task 2 - Collect system information after installation.
[ ] Task 3 - Customize and configure boot time environment
[ ] Task 4 - Collect network information
[ ] Task 5 - Password protect Grub Bootloader
Student Signature: _____________________ Date: ________________
Arrange evidence for each of these items on your screen, then ask your instructor each item:
[ ] Grub is password protected.
[ ] Can login with student's "learn" account
[ ] Has all the mount points
[ ] Has the package count
[ ] Has edited the default runlevel
[ ] Has the correct IP address and MAC address
[ ] Find out the default route (gateway)
[ ] IP of the DNS name server
Instructor Signature: _____________________ Date: ________________
Preparing for the Quizzes
How many packages were installed?
How many files (correct to the nearest hundred) were installed?
How many mount points were used?
How many users were created automatically on your system (do not count your learn account)?
What is your learn account's UID and GID?
What is your learn account's home directory?
What is the home directory for the user "root"?
How do you determine the host name of your GNU/Linux workstation?
What command can display the NIC's MAC address?
Which file contains the default "runlevel" value for your GNU/Linux workstation?
