Friday, December 2, 2011

Shell Script Exercise Homework #4

Instructions: Please answer all questions in your own words and turn in via blackboard by the due date.  Note: Be sure to put your NAME on the first page of the document (and every other page using the header/footer capabilities of your word processor)

 

Part I: Questions (25%)

 
  1. (5 points) What exactly does formatting accomplish in terms of adding a disk in Debian/Linux? Explain.

  2. (5 points) Why does one need to set permissions after installing applications in UNIX? Explain.

  3. (5 points) Describe the need to run configuration scripts during the software installation process for source installations. Explain.

  4. (5 points) Provide two reasons that installing software (either through source or binary) in UNIX can be difficult. Explain.

  5. (5 points) The primary difference between ext2 and ext3 is the journaling feature. What is it? What does it provide? (i.e., why would anyone want to use it?) Explain.
 

Part II: Commands (75%)             

 

Instructions: Please simply write the command(s) which perform the following tasks in Debian (your VM) in as few commands as possible and turn in via blackboard by the due date.  Note: Bash will be assumed, unless indicated.  Only write the commands to perform the given work (PLEASE no output!)  Note: credit will only be given for commands we’ve discussed and no use of adduser is permitted.

 
  1. (50 points) Suppose you had a 100MB drive rusting away in your backyard and you were managing your server, and a user (we’ll call it student) started causing all sorts of problems, so you decided to use that 100MB drive to hold student’s home directory (this creates some isolation for student). How would you do it? Note: You will need to create a 100MB drive in VirtualBox, add it to the virtual machine, and show all commands. Note: this drive should be mounted at boot. For all of the interactive commands, such as creating and adding the drive to the virtual machine, just describe the process in enough detail for a newbie to follow. For the non-interactive commands, please just list the command.

  2. (10 points) Install the Java compiler on the machine using apt-get and ensure that all users can run the command. Show all commands and steps in this process in enough detail for a newbie to follow.

  3. (10 points) At the moment, only root can run the shutdown command. Create a group which can run the shutdown command and add student to that group (i.e., allow student to shut down the computer using the shutdown command by adding student to a group).

  4. (5 points) Provide a command which shows the size of the entire /home/student directory.
 

 

Shell Script Exercise Homework #3

Instructions: Please answer all questions in your own words and turn in via blackboard by the due date.  Note: Be sure to put your NAME on the first page of the document (and every other page using the header/footer capabilities of your word processor)

 

Part I: Questions (30%)

 
  1. (5 points) Do you agree with the following statement: “Even under time, money, and people constraints, the scientific method should be followed at least to some degree”? Explain.

  2. (5 points) Suppose Bill from Automated Systems, Inc. tells you about a new technique for managing Storage Area Networks and describes it as a best practice. What does he mean by “best” practice and should this practice be applied at your organization? Explain.

  3. (5 points) Why is it so important for system administrators to learn the command-line commands for user management on any machine they need to administer?

  4. (10 points) Describe the uses of policy documents and procedure documents in system administration and provide a scenario for the use of each.

  5. (5 points) Does deleting/removing a user automatically remove the user from all groups the user was a member of? Explain.
 

Part II: Commands (70%)             

 

Instructions: Please simply write the command(s) which perform the following tasks in Debian (your VM) in as few commands as possible and turn in via blackboard by the due date.  Note: Bash will be assumed, unless indicated.  Only write the commands to perform the given work (PLEASE no output!)  Note: credit will only be given for commands we’ve discussed and no use of adduser is permitted.

 
  1. (10 points) Create a user named joe with password coffee with the following parameters: home directory in /home/cst318/users using the username joe as the user’s home directory name.

  2. (20 points) Create three users named larry, curly, and moe using system defaults for everything. After creating the users, set their home directories to directories under /home/3stooges/ using their usernames as their home directory names (no changing defaults). Add a group named 3stooges and add all three users to this group.

  3. (30 points) Change the defaults for the user’s base directory to /home/cartoonnetwork and the default shell to /etc/ksh, and create three users named cow, chicken, and bonelesschicken. These three users need to share a central directory named /usr/shared/CowNChicken (which may need to be created and its permissions modified). Create a link to the shared directory inside each of their home directories. Finally, after creating the users and the directory to share, you should change the defaults back to what they were before creating the users. (Note: you should create a group for the three users, and each account should be disabled after creation.)

  4. (10 points) Remove all users and groups created thus far and remove all of their home directories!
 

 

Shell Script Exercise Homework #1

Instructions: Please answer all questions in your own words and turn in via blackboard by the due date.  Note: Be sure to put your NAME on the first page of the document (and every other page using the header/footer capabilities of your word processor)

 

Part I: Questions (20%)

 
  1. (5 points) Explain why it is necessary to adapt the UNIX kernel to each new system.

  2. (10 points) Provide one advantage/disadvantage for using a command-line user interface and one advantage/disadvantage for using a graphical interface, and an explanation for each.

  3. (5 points) Suppose there are two executable versions of a program in your path, one in /usr/bin and one in /home/user/bin, and you want the one in /home/user/bin to be the default. How would you ensure this if both directories will remain in your path?

Part II: Commands (80%):

Please simply write the command(s) which perform the following tasks in Debian (your VM) in as few commands as possible. Note: If you do not indicate which shell you are using, I will assume you are using the bash shell (whether or not you are actually using this shell).

 
  1. (10 points) Set the environment variable TRUTH to The Truth Will Set You Free!

  2. (5 points) Add the following path to your current path: /usr/sbin for this session only.

  3. (10 points) Output the following text, but replace SHELL with the shell in use: My Shell is SHELL

  4. (15 points) Describe how you would add the path shown in question 2 to your current path permanently. Note, I am asking you to describe what file(s) you would change and what changes you would make, and finally a description of how you would edit the file using nano.

  5. (10 points) List the files in the present working directory sorted by file creation date.

  6. (10 points) List the files in the present working directory sorted by file size.

  7. (20 points) Use the script command to create a log of what you need to do for the next three questions and (5 points) copy the resulting file at the end of this document:
    1. (10 points) Create a new directory named burtnernie, enter the directory, and create empty files named hw1A, hw2c, hw3A, hw4turnin, hw5what, and hw6isthis using touch. Remove the files named hw1A, hw3A, and hw5what.
    2. (5 points) Delete the directory from above named burtnernie in a single command.
 

Shell Script Exercise Homework #2

Instructions: Please simply write the command(s) which performs the following tasks in Debian (your VM) in as few commands as possible and turn in via blackboard by the due date.  Note: Bash will be assumed, unless indicated.  Only write the commands to perform the given work (PLEASE no output!)


  1. (10 points) Find all files in /home with the extension .pl and save the result to a file called userPerl.txt

  2. (10 points) Find all files in /sbin and /bin which begin with the letter a and save the results to programBeginsWithA.txt (Note: you need to run find twice for full credit)

  3. (5 points) Find all files in /home which do NOT belong to student

  4. (15 points) Backup student directory into student directory!
    1. Create a subdirectory in /home/student named backup
    2. (5 points) Copy all files in /home/student into /home/student/backup
      1. Make sure to preserve all attributes!
    3. (10 points) Compress all files in /home/student/backup using tar and save the results to a file in /home/student named student.tar

  5. (10 points) List all directory files in the present working directory and show only those files which have the permissions for group set to rwx (note the first part is simply ls -l, use grep to do the rest)

  6. (10 points) Write a regular expression to pass to grep to determine if a New Orleans (area code is 504 or 985) phone number is present in a given file (The command would be as follows: cat file* | grep <regular expression> with the regular expression replacing the statement enclosed in <>’s)

  7. (10 points) List all users (in /etc/passwd) who use either bash (/bin/bash) or dash (/bin/sh) and their home directory is in /home (second to last section of : has home directory). Hint: grep twice!

  8. (10 points) Perform the following: Put all users who have a UID (3rd section of : in /etc/passwd) sorted by name into a file named realusers.txt but only output the first 5 (useful to see if you are doing it correctly).

  9. (10 points) Suppose that file1, file2, file3, file4, and file5x each contain a list of new usernames to be added to the system, but you only have time to add the first 50 users and you need to remove duplicate usernames and save the results to a file named usernames. If you had to type in only one command (using pipes/redirection) of course, what would it be?

  10. (10 points) Supply the chmod command using octal numbers AND symbolic values to produce the permissions for each filename presented below.


-rw--wx--x 9 mike stdnt 620 Oct 4, 2010 entry0

d-wx-w-r-- 5 dede instr 287 Oct 4, 2010 entry1

d-wx---r-x 4 mike stdnt 227 Oct 4, 2010 entry2

-r--rwxrwx 5 alby stdnt 481 Oct 4, 2010 entry3

dr-----rwx 1 alby instr 913 Oct 4, 2010 entry4

Shell Script Homework #5

Instructions: For this assignment, you will be writing a variety of scripts to perform a variety of tasks. Once finished, put the scripts in a directory, zip it, and turn in via blackboard by the due date.

1. (20 points) userbackup.bash – Write a shell script that will compress (using tar) all the user directories (in /home) of the system and put the tarred files into a specified backup directory.
   a. For naming the tar files, use the name of the user (for instance, back up student’s home directory (/home/student) to student.tar) and put the file in the appropriate place.
   b. Specified backup directory implies a directory must be given at the command line (you must check to make sure the directory is there and at least attempt to create it if not).

2. (15 points) lineNums.bash – Write a shell script which uses STDIN to read a file and prints the contents of the file line by line with the line number prepended on the same line.
   a. STDIN implies it should run like: cat /etc/passwd | ./myscript.bash

3. (20 points) addusers.bash – Write a script which adds a list of users non-interactively.
   a. Your script should read the names of the users (each on a line by themselves) from STDIN.
   b. Other than the defaults, set the password (to the user’s name), ensure directory creation, and lock the account after creation.
   c. Your script should check to see if the user already exists and NOT attempt to add the user if the user exists (hint: `cat /etc/passwd | grep $username` and check to see if empty).

4. (20 points) myFD.bash – Write a shell script which takes a regular file from the command line, performs some basic error checking and displays the results of the ls -l command for the given file, followed by a blank line, followed by the contents of the file.
   a. Command line implies the command will be run like: ./myFD.bash filename
   b. File must exist and must be readable.

5. (15 points) cmdLine.bash – Write a script which outputs the command executed, and each argument on a line by itself in the format listed below.
   a. The output of the arguments should be: Argument #3:

6. (10 points) removeUser.bash – Write a shell script that performs all the necessary tasks associated with removing a given user, including backing up the user’s files into a backup directory (similar to question #1) and then actually removing the given user from the system. Note: the script should get the user name from the command line.

How to check your mobile number in GP/Aktel/Airtel/Banglalink in Bangladesh

In Bangladesh we have several phone companies, including GrameenPhone, Airtel (formerly Warid), Robi (formerly Aktel), Banglalink, Teletalk, and Citycell. Most of them offer services such as easy refill, updated news, cricket news, and religious information via SMS or by calling a certain number. In this post I explain how you can check your own SIM's mobile number without any charge. If your phone company provides this service, you can check it easily with the following codes:
Airtel (Warid) - *121*6*3#
GrameenPhone - *2#
Banglalink - *511#
Robi (Aktel) - *140*2*4#

Monday, November 28, 2011

Oracle Database Security Policy Checklist

Objectives
To develop a security policy that outlines and maps the enforcement of the security plan.

Scope
Oracle database security.

How
To set the right policy, we first need to perform a risk assessment so that we understand exactly which sort of security policy needs to be put in place.

General Checklist & Assessment
Item | Y/N | Current Solution | Proposed Solution
1.       Standards of username for OS Account
[a. Combination of person’s first and last name?]



2.       Standards of username for Database Account



3.       Password guidelines for an OS Account
[a. Password aging and expiration]
[b. Password reuse? DBA indicates that the user cannot reuse her password for 60 days?]
[c. Failed login attempts]
[d. Account locking and unlocking. A security manager will have to intervene to unlock a locked account?]
[e. Password complexity
·         The password has a minimum length of 4.
·         The password is not the same as the USERID.
·         The password has at least one alpha, one numeric, and one punctuation mark.
·         The password does not match simple words like welcome, account, database, or user.
·         The password differs from the previous password by at least 3 letters.]



4.       Password guidelines for a Database Account



5.       How many different types of user account are there?
       [Admin/ Security admin/application developer/support user/end user?]



6.       Privilege Management
       [a. Roles, user group and access grant]  



7.       Revoking access to an application for those who are tasked to a different role.



8.       Revoking access to an application for people who leave the company



9.       Removing access to a USERID for a Database Account



10.   Revoking access on abrupt termination of an employee



11.   REINSTATING USERID



12.   Restricting access to the database?



13.   Data backup?
[What, when and method used?]



14.   Data retention and destruction?



15.   System maintenance
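
The password complexity rules listed under item 3 of the checklist can be enforced mechanically. The following POSIX shell functions are an added example, not part of the original checklist; the function names, the `MIN_LEN` variable, the case-insensitive USERID comparison, and the reading of "differs by at least 3 letters" as position-by-position differences plus the length difference are assumptions.

```shell
#!/bin/sh
# Added example: the checklist's password complexity rules as a shell check.
# Function names and MIN_LEN are illustrative, not from the checklist.

MIN_LEN=${MIN_LEN:-4}   # the checklist's minimum length; raise it to match your policy

# count_differences A B -> number of positions where A and B differ, plus
# the difference in length (assumed reading of "differs by at least 3 letters").
count_differences() {
    a=$1 b=$2 n=0
    while [ -n "$a" ] && [ -n "$b" ]; do
        ca=${a%"${a#?}"}            # first character of a
        cb=${b%"${b#?}"}            # first character of b
        [ "$ca" = "$cb" ] || n=$((n + 1))
        a=${a#?} b=${b#?}
    done
    echo $((n + ${#a} + ${#b}))     # one of the two remainders is empty
}

# check_password USERID NEW [OLD] -> prints "ok" or the first rule that failed;
# the exit status is 0 only for "ok".
check_password() {
    user=$1 new=$2 old=${3:-}
    lc_new=$(printf '%s' "$new" | tr '[:upper:]' '[:lower:]')
    lc_user=$(printf '%s' "$user" | tr '[:upper:]' '[:lower:]')

    [ "${#new}" -ge "$MIN_LEN" ] || { echo too-short; return 1; }
    # Compared case-insensitively (assumption), so "Scott" is rejected for scott.
    [ "$lc_new" != "$lc_user" ] || { echo same-as-userid; return 1; }
    # Simple words are tested before the character-class rule so that
    # "welcome" is reported as a dictionary hit rather than as "no-digit".
    case $lc_new in
        welcome|account|database|user) echo simple-word; return 1 ;;
    esac
    case $new in *[[:alpha:]]*) ;; *) echo no-letter; return 1 ;; esac
    case $new in *[[:digit:]]*) ;; *) echo no-digit; return 1 ;; esac
    case $new in *[[:punct:]]*) ;; *) echo no-punctuation; return 1 ;; esac
    # The history rule applies only when a previous password is supplied.
    if [ -n "$old" ] && [ "$(count_differences "$new" "$old")" -lt 3 ]; then
        echo too-similar; return 1
    fi
    echo ok
}

# Constructed sample inputs: USERID, new password, previous password.
check_password scott 'ab1'     ''        || true   # too-short
check_password scott 'Scott'   ''        || true   # same-as-userid
check_password scott 'welcome' ''        || true   # simple-word
check_password scott 'tiger1'  ''        || true   # no-punctuation
check_password scott 'ti9er#'  'ti9er!'  || true   # too-similar
check_password scott 'ti9er#'  'b0ok!x'            # ok
```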




Oracle Database Vault
Oracle Database Vault prevents highly privileged, powerful DBAs from accessing sensitive applications or information outside their responsibility.

Objective
-          To prevent DBAs from having full access control
-          To prevent insider threats

Define threat
PL/SQL Packages: UTL_FILE, DBMS_FILE_TRANSFER, LogMiner Packages

Privileges: CREATE ANY JOB, CREATE JOB, CREATE EXTERNAL JOB, ALTER SYSTEM and ALTER SESSION

The Recycle Bin

Java Stored Procedures and External C Callouts

Trusted accounts: Oracle software owner OS account and SYSDBA users.


Two things need to be defined
1.       Who and what to limit
2.       How to protect the super user

Roles and responsibility
Items | Input
Who are the key players?

Required IT governance to oversee implementation

Identified the specific types of accounts required for each system--both operating system and database?

Determined who will have authority to approve accounts?

Determined who will create/delete/manage accounts?

Determined a user tracking method and implementation?

Decided how account approval will be performed: email, web site, hard-copy form, etc.?

Identified all affected applications on each system?

Identified a username and password structure?

Determined what constitutes a security breach and the appropriate penalty for each breach?

Identified all sensitive data on the system and created methods to protect that data?

Determined what forms of monitoring will be used?

Determined what forms of backup will be used?

Created recovery procedures to be followed?

Determined the required availability for the database?

Established standards for views and roles?



Component | Database A | Database B | Database C
Platform/Division | | |
Database/SID Name | | |
Database Function | | |
Application(s) | | |
Application Owner | | |
Username | | |
Password | | |
Access Type | | |
Authorization Mode | | |
Person to Create Account | | |
Auditing Type | | |
Form(s) of Backup | | |
Recovery Procedure | | |
Database Availability | | |
Auditor | | |
Roles Required | | |
Grants Required | | |


Lots of trace files generated once auditing is enabled: ORA-07445 exception encountered: core dump

Problem Description
Once we enable auditing in our database (ALTER SYSTEM SET audit_trail='DB' SCOPE=SPFILE;), the database generates a lot of large trace files, each around 10~50M in size. Our database version is 10.2.0.1.
The following error is recorded in our alert log.

Mon Nov 28 07:59:33 2011
Errors in file /u01/oracle/product/10.2.0/admin/arju/bdump/arju_j000_5932.trc:
ORA-07445: exception encountered: core dump [ACCESS_VIOLATION] [kghalp+288] [PC:0x4F0F13E] [ADDR:0x20] [UNABLE_TO_READ] []
ORA-12012: error on auto execute of job 21
ORA-00604: error occurred at recursive SQL level 1
ORA-01427: single-row subquery returns more than one row
ORA-06512: at line 5
.
.
Mon Nov 28 08:59:33 2011
Errors in file /u01/oracle/product/10.2.0/admin/arju/bdump/arju_j004_2136.trc:
ORA-07445: exception encountered: core dump [ACCESS_VIOLATION] [kghalp+288] [PC:0x4F0F13E] [ADDR:0x1E] [UNABLE_TO_READ] []
ORA-12012: error on auto execute of job 47
ORA-00604: error occurred at recursive SQL level 1
ORA-01427: single-row subquery returns more than one row
ORA-06512: at line 5

If we look at our trace file, we see entries like the following:
*** SERVICE NAME:(SYS$USERS) 2011-11-27 16:34:20.403
*** SESSION ID:(70.84) 2011-11-27 16:34:20.403
*** 2011-11-27 16:34:20.403
*** 2011-11-27 16:34:20.762
ksedmp: internal or fatal error
ORA-07445: exception encountered: core dump [ACCESS_VIOLATION] [kghalp+288] [PC:0x4F0F13E] [ADDR:0x20] [UNABLE_TO_READ] []
ORA-12012: error on auto execute of job 93
ORA-00604: error occurred at recursive SQL level 1
ORA-01427: single-row subquery returns more than one row
ORA-06512: at line 5

The "ksedmp: internal or fatal error" line shows that this is an internal error that needs further investigation.

Cause of the problem
The problem happened due to Oracle bug 4447168. When Auditing is enabled and a commit/Rollback/Abort transaction is done, memory which is being cleaned up is accessed (which may be null) leading to a dump.

Solution of the Problem
This is a severe Oracle bug that exists in 10.2.0.1 and 10.2.0.2, and there is no workaround available for it. Disabling auditing should solve the problem, but it also stops the audit trail from being recorded.

The only remaining solution is to upgrade your database. The problem is fixed in the following patches and releases.

- 10.2.0.1 Patch 5 on Windows Platforms
- 10.2.0.3 (Server Patch Set)
- 11.1.0.6 (Base Release)
- 11gR2 and later versions.
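
To confirm that the flood of trace files comes from one failure signature, the alert log excerpt above can be summarized per incident. The following script is an added example, not part of the original post; the function names are illustrative, and the sample log combines the two entries quoted in the post with one constructed unrelated entry.

```shell
#!/bin/sh
# Added example: group ORA-07445 incidents from an alert log by trace file.

# write_sample_alert_log PATH -> writes the two alert-log entries quoted in
# the post, plus one constructed unrelated entry, to PATH.
write_sample_alert_log() {
    cat > "$1" <<'EOF'
Mon Nov 28 07:59:33 2011
Errors in file /u01/oracle/product/10.2.0/admin/arju/bdump/arju_j000_5932.trc:
ORA-07445: exception encountered: core dump [ACCESS_VIOLATION] [kghalp+288] [PC:0x4F0F13E] [ADDR:0x20] [UNABLE_TO_READ] []
ORA-12012: error on auto execute of job 21
ORA-00604: error occurred at recursive SQL level 1
Mon Nov 28 08:10:02 2011
Thread 1 advanced to log sequence 812
Mon Nov 28 08:59:33 2011
Errors in file /u01/oracle/product/10.2.0/admin/arju/bdump/arju_j004_2136.trc:
ORA-07445: exception encountered: core dump [ACCESS_VIOLATION] [kghalp+288] [PC:0x4F0F13E] [ADDR:0x1E] [UNABLE_TO_READ] []
ORA-12012: error on auto execute of job 47
EOF
}

# summarize_ora7445 ALERT_LOG -> one line per incident:
#   timestamp|trace file|faulting function+offset|job number
summarize_ora7445() {
    awk '
        function emit() {
            if (hit) printf "%s|%s|%s|%s\n", ts, trc, fn, job
            hit = 0; job = "-"
        }
        BEGIN { job = "-" }
        # Timestamp line that opens each alert-log entry
        /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun) [A-Z][a-z][a-z] +[0-9]+ [0-9:]+ [0-9]+$/ {
            emit(); ts = $0; trc = "-"; next
        }
        /^Errors in file / { emit(); trc = $4; sub(/:$/, "", trc); next }
        /^ORA-07445:/ {
            hit = 1; fn = "?"
            # The frame is the bracketed token of the form name+offset
            if (match($0, /\[[A-Za-z_0-9]+\+[0-9]+\]/))
                fn = substr($0, RSTART + 1, RLENGTH - 2)
            next
        }
        /^ORA-12012:/ { if (hit) job = $NF }
        END { emit() }
    ' "$1"
}

# count_by_function ALERT_LOG -> "COUNT FUNCTION" per distinct faulting frame
count_by_function() {
    summarize_ora7445 "$1" | cut -d'|' -f3 | sort | uniq -c | awk '{ print $1, $2 }'
}

log=$(mktemp)
write_sample_alert_log "$log"
summarize_ora7445 "$log"
count_by_function "$log"      # 2 kghalp+288
rm -f "$log"
```

A single faulting frame across all incidents, as in the sample, is consistent with one underlying bug rather than several unrelated crashes.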

During installation of Oracle pre-check fails with "Unknown Host Exception has Occurred"

Problem Description
While installing Oracle 10g on Linux, the prerequisite step throws "Unknown Host Exception has Occurred":

Check complete. The overall result of this check is: Not executed <<<<

From the log file we see the following details:

Command = /u01/app/oracle/product/10.2.0/db_1/bin/dbca has failed
Execution Error : Exception in thread "main" java.lang.NullPointerException
at oracle.sysman.assistants.util.NetworkUtils.getOneLocalListenerProtocolAddress(NetworkUtils.java:2655)
at oracle.sysman.assistants.util.NetworkUtils.getOneLocalListenerProtocolAddress(NetworkUtils.java:2599)

Cause of the Problem
The problem occurs because the host name cannot be resolved. For example, if your hostname is "mrp", then ping mrp should return a reply. Your /etc/hosts file might not contain an entry for the hostname. It might look like this:
$ cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
Here the entry for "mrp" is missing.

Pinging the hostname fails too.
$ ping mrp
ping: unknown host mrp

Solution of the Problem
Verify that the hosts file contains the fully qualified host name by using the following command:
# cat /etc/hosts | grep `eval hostname`
The output of this command should contain an entry for the fully qualified host name and for localhost.

If it returns nothing, edit the hosts file as the root user and add an entry like the one below.
# vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
192.168.100.141 mrp
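
The grep check above is a substring match, so it also succeeds on a commented-out line or on a longer name such as mrp2. The following script is an added example, not part of the original post; the function names and the sample hosts file are constructed, and flagging a loopback mapping is an assumption based on the post's fix, which maps the name to the machine's network address.

```shell
#!/bin/sh
# Added example: look up a host name in a hosts file by whole field.

# write_sample_hosts PATH -> constructed hosts file: the two default lines
# from the post plus a commented-out entry and a longer name containing "mrp".
write_sample_hosts() {
    cat > "$1" <<'EOF'
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
#192.168.100.141 mrp
192.168.100.142 mrp2
EOF
}

# hosts_lookup FILE NAME -> first address whose entry lists NAME as a
# canonical name or alias; comments are ignored, matching is case-insensitive.
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                 # strip comments, fields are re-split
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) { print $1; exit }
        }' "$1"
}

# hosts_check FILE NAME -> prints "ok ADDR", "loopback ADDR" or "missing".
# Exit status: 0 ok, 1 missing, 2 loopback (flagged for review, assumption).
hosts_check() {
    addr=$(hosts_lookup "$1" "$2")
    case "$addr" in
        "")         echo "missing"; return 1 ;;
        127.*|::1)  echo "loopback $addr"; return 2 ;;
        *)          echo "ok $addr" ;;
    esac
}

hosts=$(mktemp)
write_sample_hosts "$hosts"
grep -c mrp "$hosts"                      # 2: substring hits only
hosts_check "$hosts" mrp || true          # missing
echo "192.168.100.141 mrp" >> "$hosts"    # the fix from the post
hosts_check "$hosts" mrp                  # ok 192.168.100.141
rm -f "$hosts"
```

Against a live system, call it as hosts_check /etc/hosts "$(hostname)".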

Sunday, November 27, 2011

/usr/bin/ld: cannot find -laio Exception String: Error in invoking target 'ioracle' of makefile

Problem Description
Installation of Oracle software products such as Oracle Audit Vault Server fails in the GUI with the exception "cannot find -laio". In the log file we see the following entries.

INFO: acle/product/10.2.3/av_1/lib

INFO: /usr/bin/ld: cannot find -laio

INFO: collect2: ld returned 1 exit status
make: *** [/u01/oracle/product/10.2.3/av_1/rdbms/lib/oracle] Error 1

INFO: End output from spawned process.
INFO: ----------------------------------
INFO: Exception thrown from action: make
Exception Name: MakefileException
Exception String: Error in invoking target 'ioracle' of makefile '/u01/oracle/product/10.2.3/av_1/rdbms/lib/ins_rdbms.mk'. See '/u01/app/oraInventory/logs/installActions2011-11-28_11-49-19AM.log' for details.
Exception Severity: 1
INFO: The output of this make operation is also available at: '/u01/oracle/product/10.2.3/av_1/install/make.log'
INFO: 

Cause of the Problem
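The problem is caused by the missing libaio-devel package.

Solution of the Problem
Download the missing libaio-devel package from http://public-yum.oracle.com/repo/EnterpriseLinux/EL5/0/base/x86_64/, install it and then retry the installation. The NOKEY warning in the output means rpm could not verify the package's signature because the signing key (key ID 1e5e0159) is not in the rpm keyring; importing the repository's signing key lets rpm verify the package.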
# rpm -ivh libaio-devel-0.3.106-3.2.x86_64.rpm 
warning: libaio-devel-0.3.106-3.2.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 1e5e0159
Preparing...                ########################################### [100%]
   1:libaio-devel           ########################################### [100%]