OPS235 Lab 2 - Fedora17

5 bytes removed, 00:07, 19 January 2010
<!-- {{Admon/tip |SELinux| The final task is to turn off SELinux. SELinux is a Linux feature that provides a variety of security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Security Modules in the Linux kernel. While it is certainly something you would leave on in a real world environment, it is beyond the scope of this course and does interfere with some of our activities. To disable SELinux, click on '''System => Administration => SELinux Management'''. Set the "System Default Enforcing Mode" to Disabled. Quit and reboot your system.}} -->
===Investigation 3: What is a runlevel?===
After the kernel boots, it starts a single program, called <code>init</code>. A running instance of a program is called a '''process''' -- the init process always has a process ID (PID) of 1. All other processes on the system are started by init, or they are started by processes started by init.
Most current Linux systems use some variation of the init system originally developed for Unix System V (called "sysvinit") or a newer version called "upstart".
These systems employ the concept of "runlevels" -- groups of software that can be selected, so that the system can be run in various modes. In Fedora systems, these runlevels are used:
{|class="mediawiki" border="1"
!Runlevel
!Description
|-
|0
|Halt (powers off the system)
|-
|1
|Single-user maintenance mode
|-
|3
|Network running, character-mode display only
|-
|5
|Network running, graphical user interface
|-
|6
|Reboot
|}
{{Admon/note|Different runlevel systems|Various Linux distributions may use the runlevel numbers differently. For example, on some Debian/Ubuntu systems, the default (standard) runlevel is 2.}}
In order to implement runlevels, init uses a configuration file named <code>/etc/inittab</code> (the filename suffix "tab" is short for "table") and a number of script files:
* <code>/etc/inittab</code> is the configuration file, which sets the default runlevel.
* <code>/etc/rc.d/init.d</code> is a directory of scripts.
The purpose of the "init" process is to start and stop other programs in a particular sequence according to the file called <code>/etc/inittab</code> and other files in various directories under the <code>/etc/rc.d/</code> directory. At any given time on a Linux/Unix system, a pre-defined set of base processes are running according to the so-called "runlevel" of the system, which can be set by the init process. The init process gets the value for the system's runlevel from its main configuration file <code>/etc/inittab</code>. A system's runlevel can also be changed by using the <code>init</code> or <code>telinit</code> commands (they are equivalent in Linux). A system's runlevel is usually denoted with a number from 0 through 6; different systems may have a different set of base processes for each "runlevel", but these descriptions usually apply:
* 0 - Shutdown
* 1 - Single user maintenance mode
* 3 - Network operation, text mode display only
* 5 - Network operation, full graphical user interface
* 6 - Reboot

Note: not all distributions use the same runlevel configurations. Debian and Ubuntu based distros are different.
# To find out the value of the runlevel your GNU/Linux system goes into after boot, enter the command: <code>grep initdefault /etc/inittab</code>
# You should get a single line containing ":" as the field delimiter. The second field stores the value of the runlevel the init process will use after a reboot. Record the output in your log book.
# A list of processes that should be running at a given runlevel can be found in the directory <code>/etc/rc.d/rc'''X'''.d</code> where '''X''' is the runlevel. Do a directory listing of that directory and study what files are in there. Pay attention to the first three characters of each file name. They have special meaning to the system. Record your observation in your log book.
# Make a backup of the file /etc/inittab with the command: <code>cp /etc/inittab /etc/inittab.original</code>
# Edit the file <code>/etc/inittab</code> and change the default runlevel to 3. Save the change and reboot your system.
# After the reboot, you should get a "Text Login Screen". Log in with your Learn account and type <code>startx</code> at the command prompt. Describe what happens in your log book.
# Enter the command: <code>runlevel</code> -- this shows the previous and current runlevel. Record the values in your book.

Answer the Investigation 3 question.
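
The runlevel lookup and the rcX.d listing from the steps above, as an added example that is not part of the original lab. It reads the default runlevel from an inittab and decodes each rcX.d entry name: S entries are started, K entries are stopped, and the two digits give the order. The function names are hypothetical, and the sample inittab and rc5.d directory are constructed in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the lab): decode a SysV-style boot configuration.
# Function names are hypothetical; sample files below are constructed.

# Print field 2 of the first uncommented "initdefault" line of inittab $1.
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# For each S##name / K##name entry in rc directory $1, print
# "<start|kill> <priority> <service>". Other files are skipped.
rc_actions() {
    for path in "$1"/[SK][0-9][0-9]*; do
        [ -e "$path" ] || [ -L "$path" ] || continue
        name=${path##*/}
        case $name in
            S*) action=start ;;
            K*) action=kill ;;
        esac
        rest=${name#?}                 # strip the S or K
        prio=${rest%"${rest#??}"}      # keep the two digits
        echo "$action $prio ${rest#??}"
    done
}

# Constructed sample tree, removed again when the script exits.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/inittab" <<'EOF'
# id:3:initdefault:   (commented out, must be ignored)
id:5:initdefault:
EOF
mkdir "$demo_dir/rc5.d"
touch "$demo_dir/rc5.d/S10network" "$demo_dir/rc5.d/S55sshd" \
      "$demo_dir/rc5.d/K74ntpd" "$demo_dir/rc5.d/README"

echo "default runlevel: $(default_runlevel "$demo_dir/inittab")"
rc_actions "$demo_dir/rc5.d"
```

On a real system the same functions can be pointed at <code>/etc/inittab</code> and <code>/etc/rc.d/rc5.d</code> to review what is started at boot.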
=== Investigation 4: What is the network configuration? ===
# To check the network configuration settings obtained from the DHCP server, run the following commands, describing the output in your log book:
#* ifconfig
#* route
#* netstat -rn
#* nslookup (at the > prompt, enter the word "server" (do not type the quotes) and record the output. Type exit to leave nslookup).
# Find the following information in the output of the above commands:
#* MAC address (physical or hardware address) of the ethernet network interface
#* The IP address (logical address) assigned by the DHCP server
#* The default route (gateway)
#* The DNS nameserver

Answer the Investigation 4 question.

=== Investigation 5: How do You Secure the Grub Boot Loader? ===
By default, the Grub boot loader allows anyone with access to the computer at boot time to set the runlevel or change the boot parameters, which can allow them to influence the init process and which kernel image is loaded. Anyone with access to the boot prompt can therefore bypass security controls and control which software is loaded. For example, rebooting to runlevel 1, known as single user mode, gives the user root privileges without the need for a password! Obviously, giving a non-administrator this much control can be dangerous, and it is wise to protect the boot loader with a secure password.
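
One way to check whether a boot loader configuration is protected as described above, as an added example that is not part of the original lab. It assumes GRUB legacy syntax (for example <code>/boot/grub/grub.conf</code>, a path not given on this page) with the <code>password</code> directive; the function name is hypothetical, and the sample configs and hash value are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the lab): audit a GRUB legacy config for a
# global password. Assumes GRUB legacy syntax; this is not for GRUB 2.

# Prints "hashed", "plaintext" or "none" for the config file given as $1.
# Only a password directive before the first "title" line counts here:
# that is the one guarding the menu editor and command line. A password
# line inside an entry applies to that entry only.
grub_password_status() {
    awk '
        /^[ \t]*#/       { next }
        $1 == "title"    { exit }
        $1 == "password" {
            status = ($2 == "--md5" || $2 == "--encrypted") ? "hashed" : "plaintext"
            exit
        }
        END { print (status == "" ? "none" : status) }
    ' "$1"
}

# Constructed sample configs (the hash is a placeholder, not a real hash).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT

cat > "$demo_dir/open.conf" <<'EOF'
default=0
timeout=5
title Fedora
    root (hd0,0)
    kernel /vmlinuz-EXAMPLE ro root=/dev/sda2
    password --md5 $1$PLACEHOLDER$constructedhashvalue
EOF

cat > "$demo_dir/protected.conf" <<'EOF'
default=0
timeout=5
password --md5 $1$PLACEHOLDER$constructedhashvalue
title Fedora
    root (hd0,0)
    kernel /vmlinuz-EXAMPLE ro root=/dev/sda2
EOF

printf 'default=0\npassword letmein\ntitle Fedora\n' > "$demo_dir/plain.conf"

for f in open protected plain; do
    echo "$f.conf: $(grub_password_status "$demo_dir/$f.conf")"
done
```

A result of "none" means the boot prompt is open to the runlevel change described above, and "plaintext" means the password can be read by anyone who can read the config file.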