Difference between revisions of "OPS235 Lab 5 - Fedora17"
Brian.gray (talk | contribs) (→Investigation 5: How do we turn system services on and off?) |
Brian.gray (talk | contribs) (→Investigation 5: How do we turn system services on and off?) |
||
| Line 132: | Line 132: | ||
#Run the command: | #Run the command: | ||
#*<code>chkconfig --list</code> | #*<code>chkconfig --list</code> | ||
| + | #What does the output show? | ||
| + | #What is the relationship between the Service Configuration tool, the symbolic links in the startup directory, and the <code>chkconfig</code> command? | ||
| + | #You can also use <code>chkconfig</code> to set services to be on or off for certain runlevels. For example, to turn httpd on for runlevel 4, we issue the command: | ||
| + | #*<code>chkconfig --level 4 httpd on</code> | ||
| + | #To turn it off, we type: | ||
| + | #*<code>chkconfig --level 4 httpd off</code> | ||
| + | #To increase your computer's security, make sure these services are disabled: | ||
| + | #*anacron, bluetooth, cups, irda, irqbalance, isdn, mdmonitor, netfs, nfs, nfslock, pcscd, rpcgssd, rpcidmapd, rpcsvcgssd, sendmail, ypbind. | ||
| + | {{Admon/note|Carefull|You should understand that while most services in this list are often not needed, or are needed under circumstances different than those which occur here, there may be situations in which some of them are required, and it may be up to you as an administrator to determine which services are needed, and which should be turned off.}} | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
17. Finally, make sure the gpm service runs in runlevel 3, but not in 5. | 17. Finally, make sure the gpm service runs in runlevel 3, but not in 5. | ||
Answer the Investigation 5 question. | Answer the Investigation 5 question. | ||
Revision as of 13:08, 13 February 2010
Contents
- 1 OPS235 Lab 5 - Loopback Filesystems, Archives, Compiling from Source
- 1.1 Objectives
- 1.2 References
- 1.3 Required Material
- 1.4 Prerequisites
- 1.5 Introduction
- 1.6 Investigation 1: How do you create and use a filesystem in a regular file?
- 1.7 Investigation 2: How do you create an archive file?
- 1.8 Investigation 3: How do you restore files from an archive?
- 1.9 Investigation 4: How do you build software from source code?
- 1.10 Investigation 5: How do we turn system services on and off?
OPS235 Lab 5 - Loopback Filesystems, Archives, Compiling from Source
.png){kind=small}
Caution!
This lab is under construction.
This lab is under construction.
Objectives
- To create and use loopback filesystems in read-write mode
- To create and use archive files (tar and tar.gz)
- Compiling software from source code
- Customizing system startup
References
- man pages for mount, fstab, tar, gzip, make, chkconfig, dd, service
- Resources on the web:
Required Material
- SATA Hard Disk with Fedora 12 (the same one used for Lab 3 and 4)
- Lab log book
Prerequisites
- Completion of Labs 1-4
Introduction
There are two techniques used to place multiple files within one file: the first is to create a filesystem within a file, and the second is to use an archive program to create an archive file. Archive files are often used to contain source code for software; in this lab you will also be compiling software from a source code archive. Finally, you will modify your system startup to eliminate unnecessary services and configure your system to automatically mount a partition.
Investigation 1: How do you create and use a filesystem in a regular file?
Use fedora3
Perform these steps in the fedora3 virtual machine.
Perform these steps in the fedora3 virtual machine.
- Login using your Learn ID
- Create an empty file that is exactly 3 MB in size:
dd if=/dev/zero of=/tmp/fstest bs=1k count=3072
- How does this command ensure that the file is 3 MB in size? What is in the file at first?
- Create an ext3 filesystem within the newly-created file
/tmp/fstest. Note the warning message/question that appears - Mount the filesystem (remember to use the loopback option; refer to Lab 1 if required). Use a mountpoint of your choosing.
- Copy the files
/etc/servicesand/etc/protocolsto the filesystem mounted in the previous step - Unmount the filesystem
- Test your filesystem to be sure that the files
/etc/servicesand/etc/protocolswere in fact copied into the filesystem within the file named/tmp/fstest. - How much space is left in that filesystem? (Hint:
df -h).
Make sure that your lab notes answer the Investigation 1 question.
Investigation 2: How do you create an archive file?
Use fedora3
Perform these steps in the fedora3 virtual machine.
Perform these steps in the fedora3 virtual machine.
Warning!
Don't miss the . at the end of the
Don't miss the . at the end of the
tar commands below! It specifies what should go into the archive: the contents of the current directory.- Change your working directory to
/usr/share/doc/sudo* - Use the tar (tape archiver) command to create an archive file named
/tmp/archive1.tartar cvf /tmp/archive1.tar .
- What do the options c, v, and f mean?
- Record the archive file size.
- Compress the file using
gzip:gzip /tmp/archive1.tar
- Record the archive file size after compression.
- Make sure you're still in
/usr/share/doc/sudo*and then create a compressed archive:tar cvzf /tmp/archive2.tgz .
- What does the
zoption do? - Compare the sizes of
/tmp/archive1.tar.gzand/tmp/archive2.tgz. Why are they so close in size?
Answer the Investigation 2 question.
Investigation 3: How do you restore files from an archive?
Use fedora3
Perform these steps in the fedora3 virtual machine.
Perform these steps in the fedora3 virtual machine.
- Create the directory
/tmp/extract1and make it your current working directory (change into that directory). - Unzip the first archive you created:
gunzip /tmp/archive1.tar.gz
- Extract the files from the first archive:
tar xvf /tmp/archive1.tar
- Are all the files there?
- Compare
/tmp/extract1/READMEand/usr/share/doc/sudo*/README. Are they exactly the same? Why? - Create the directory
/tmp/extract2and make it your current working directory. - Extract the files from the second archive:
tar xvzf /tmp/archive2.tgz
- Note that this time a separate
gunzipcommand was not needed. Why? - Compare the
READMEfile in this directory with the original file. Are they exactly the same?
Answer the Investigation 3 question.
Investigation 4: How do you build software from source code?
Use fedora2
Perform these steps in the fedora2 virtual machine.
Perform these steps in the fedora2 virtual machine.
Compiling requires the correct tools to be installed.
In order to build software from source code, you must have the appropriate software development tools (such as make and gcc) and libraries (such as GTK) installed. The required tools will vary depending on the computer languages used in the software being built.
In order to build software from source code, you must have the appropriate software development tools (such as make and gcc) and libraries (such as GTK) installed. The required tools will vary depending on the computer languages used in the software being built.
Software Development Tools Required
You may need to install
You may need to install
gcc (GNU C Compiler) and ncurses-devel (Development Library) in order to complete this investigation successfully. Use yum to install these packages if you get an error message saying the cc command was not found or the ncurses library is not found.- Go to the directory
/tmp - Use the
wgetcommand to download the "tar ball" that contains the source code for the NLED text editor. - Extract the files. Change to the newly-extracted directory (
/tmp/nled-2.52) - Check to see if there is a file named
configure. If so, run it; if not, skip this step. (Most but not all source code archives contain this file) - Check to see if there is a file named
Makefileormakefile. If so, type the command:make
- What does
makedo? - Some software distributed as source code can automatically install itself. Try this command:
make install
- Most but not all source code archives include the capability of installing themselves this way.
- If the command
make installdoes not work (how can you tell?), copy thenledprogram manually:cp nled /usr/local/bin
- Test
nledto make sure it works.
Answer the Investigation 4 question.
Investigation 5: How do we turn system services on and off?
Use fedora2
Perform these steps in the fedora2 virtual machine.
Perform these steps in the fedora2 virtual machine.
Security Advice
We have seen that maintaining unneeded users and groups can be a security risk due to the unnecessary increase in the complexity of your system. Similarly, it is also unnecessarily hazardous, and even more so, to leave unneeded services running. In this investigation, we will learn how to control services, and turn off those that we think are not necessary.
We have seen that maintaining unneeded users and groups can be a security risk due to the unnecessary increase in the complexity of your system. Similarly, it is also unnecessarily hazardous, and even more so, to leave unneeded services running. In this investigation, we will learn how to control services, and turn off those that we think are not necessary.
- Determine your current runlevel using the
runlevelcommand. - Change to the appropriate startup directory in a terminal window. For example, if your runlevel is 4, change to
/etc/rc.d/rc4.d - Observe the names of the symbolic links in that directory.
- Where do the links link to?
- Run the menu option
System>Administration>Services. You will then see the Service Configuration screen. - Find the
isdnservice and select customize from the tool bar. and deselect the checkbox for your runlevel from step 1. Quit the app. - Return to the terminal window you used in Step 2. Get a listing of the symbolic links in the startup directory. Is it any different from what you observed previously?
- Using the Service Configuration screen, re-enable the
isdnservice. - Check the symbolic links again. What has changed this time?
- Run this command:
chkconfig isdn off
- Now what has changed in the directory?
- Run this command:
chkconfig isdn on
- Now what has changed?
- Run the command:
chkconfig --list
- What does the output show?
- What is the relationship between the Service Configuration tool, the symbolic links in the startup directory, and the
chkconfigcommand? - You can also use
chkconfigto set services to be on or off for certain runlevels. For example, to turn httpd on for runlevel 4, we issue the command:chkconfig --level 4 httpd on
- To turn it off, we type:
chkconfig --level 4 httpd off
- To increase your computer's security, make sure these services are disabled:
- anacron, bluetooth, cups, irda, irqbalance, isdn, mdmonitor, netfs, nfs, nfslock, pcscd, rpcgssd, rpcidmapd, rpcsvcgssd, sendmail, ypbind.
Carefull
You should understand that while most services in this list are often not needed, or are needed under circumstances different than those which occur here, there may be situations in which some of them are required, and it may be up to you as an administrator to determine which services are needed, and which should be turned off.
You should understand that while most services in this list are often not needed, or are needed under circumstances different than those which occur here, there may be situations in which some of them are required, and it may be up to you as an administrator to determine which services are needed, and which should be turned off.
17. Finally, make sure the gpm service runs in runlevel 3, but not in 5.
Answer the Investigation 5 question.
