scis.regis.edu ● [email protected] cs 468: advanced unix class 2 dr. jesús borrego regis university...
TRANSCRIPT
![Page 2: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/2.jpg)
Topics
•Homework 1 solutions•How to capture output to file•Installation of system•User Administration•How to capture output to file•Homework 2 Assignment•Q&A
2
![Page 3: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/3.jpg)
Capturing script interaction
3
![Page 4: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/4.jpg)
Adding Users
Tasks:•Assign user name•Add new entry to password file•Add entry to group file•Create home directory for user•Create startup files for user•Notify user
4
![Page 5: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/5.jpg)
Password file format
•username:•password:•userID:•groupID:•personal:•home directory:•startup
5
![Page 6: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/6.jpg)
6
username:password:userID:groupID:personal:home directory:startup
![Page 7: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/7.jpg)
Group file
7
![Page 8: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/8.jpg)
LDAP
•Lightweight Directory Access Protocol•Smaller version of Directory Services
X.500•Table look up of entries; look up an entry
and it finds attributes•Used to determine access given to a user•Used by most operating systems,
including Unix, Linux, and Windows ▫MS: Active Directory
8
![Page 9: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/9.jpg)
Directory Services Overview•Directory Concept
▫Look up resources based on known attributes
•Based on IETF and ISB X.500▫http://www.cse.ohio-state.edu/cgi-bin/rfc/rfc1
777.html
•DAP – Directory Access Protocol▫Specified in X.511
•LDAP – Lightweight DAP▫Clients can read and query the directory
9
![Page 10: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/10.jpg)
Directory Services•Entities have attributes that can be
used to search▫Files can have access descriptors for
users•Contains a number of records with
(attribute, value) pairs•Collection of directory entries is
called a Directory Information Base (DIB)
10
Source: Tanenbaum, A., & Steen, M. V. (2007). Distributed systems: Principles and paradigms (2nd ed.). Upper Saddle River, NJ: Pearson Prentice Hall.
![Page 11: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/11.jpg)
Directory Services Overview•Resources can be:
▫Computers, servers, databases, printers▫People, groups▫Anything on a network
•Dependent on TCP/IP for functionality
11
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 12: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/12.jpg)
Active Directory Concepts•Namespace – name or group of
names defined according to a naming convention
•Name resolution – the ability to attribute a name to an object on the network▫Distinguished Name (DN) – from the root
Division/Department/Section/Unit/Group
▫Relative Distinguished Name (RDN) – relative to a particular location ./Group
12
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 13: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/13.jpg)
Microsoft Directory Services•Services defined as:
▫Single point of access to network resources
▫Adaptive and expandable information source
▫Common policy or set of rules▫Methods for querying directory
objects
13
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 14: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/14.jpg)
MS Active Directory Framework•Logical Elements
▫Structure▫Relationships
•Physical Components ▫AD Sites▫Domain Controllers
14
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 15: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/15.jpg)
Logical Elements
•Objects•Schema•Domains•Containers and OUs•Trees and Forests•Sites and Domain Controllers
15
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 16: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/16.jpg)
Objects•“Any item contained in the directory that has a common set of attributes”
•Examples: users, workstations, printers, databases, files
•Has properties and is defined by class definitions
•Can be a parent or child
16
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 17: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/17.jpg)
Object Attributes•Property = Attribute•A set of information defining an object•Children inherit attributes of parents•Actual value defines object uniquely
▫A printer can be a parent and has attributes Location, brand, properties
▫An HP OfficeJet J4680 at IP 10.10.10.15 is a specific printer
17
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 18: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/18.jpg)
Object Classes•Classes grouped by attributes•Sample classes:
▫Users▫Groups▫Computers▫Organizational Units▫Databases▫…
18
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 19: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/19.jpg)
Structure Components•Containers
▫Store objects in the directory (domains, OUs)
•Domains▫Form security boundaries on a network▫Security settings do not cross over domains
•OUs▫Subdivide directory structure into smaller
units Makes administration easier and more
manageable
04/19/23
19
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 20: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/20.jpg)
Relational Components •Trees
▫A contiguous namespace▫Domains interconnected via relationships
•Forests▫Collection of trees
•Global Catalog Server▫Central repository of objects
20
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 21: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/21.jpg)
Trees•Logical hierarchy of domains within the
namespace▫Within the tree, domains are
interconnected in trust relationships•Trust Relationship
▫Formed when two or more domains are joined in the sane namespace and a link is formed
21
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 22: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/22.jpg)
Forests•When companies merge
▫Individual trees are merged into a forest•Allows established trees to coexist in a
new network•First tree created in the forest becomes
the root (by default)•Trees in forest share common schema,
configuration, and catalog server
22
Source: Schwartz, R. (2000). Windows 2000 Active Directory survival guide: Planning and implementation. New York, NY: John Wiley & Sons
![Page 23: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/23.jpg)
Chapter 7: Adding New Users
23
![Page 24: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/24.jpg)
User management commands
•To add users: useradd•To delete users: userdel•To modify users: usermod
24
![Page 25: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/25.jpg)
Login names rules
25
![Page 26: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/26.jpg)
Password encryption
26
![Page 27: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/27.jpg)
Encryption
•Crypt – based on DES•MDT•SHA256•Blowfish
27
![Page 28: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/28.jpg)
UserID
•Login names are understandable to users•UID is used by the system internally•UIDs must be unique across the
organization•User IDs are managed by LDAP
28
![Page 29: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/29.jpg)
Group ID
•Defined in /etc/groups•32-bit number•GID 0 – system•Group ID for a user is stored in the
password file•GECOS – General Comprehensive OS
▫Contains general information about user p.181
29
![Page 30: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/30.jpg)
User information
•Home Directory•Login shell (bash default)•Login scripts
30
![Page 31: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/31.jpg)
Other startup files
•See .bashrc•See .bash_profile•Review table 7.3, page 1898
31
![Page 32: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/32.jpg)
Startupfiles
32
![Page 33: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/33.jpg)
Bashprofile
33
![Page 34: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/34.jpg)
AddingUsers
34
![Page 35: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/35.jpg)
Useraccountoptions
35
![Page 36: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/36.jpg)
Chapter 12:
36
![Page 37: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/37.jpg)
Installing UNIX
Installation methods:•From media (DVD)•From network installation (DHCP, TFTP) that boots system without media
▫Retrieves files from network (HTTPS, NFS, FTP)
•From network card•Others (system dependent): Kickstart, LILO, AutoYaST
37
![Page 38: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/38.jpg)
Installation documentation
38
![Page 39: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/39.jpg)
Keywords for JumpStart
39
![Page 40: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/40.jpg)
Packages
•Used to distribute software•Can also be used to release other files•Attempt to make installation easier than
using tar.gz archives•Include dependencies to determine what
components are required for a given installation
40
![Page 41: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/41.jpg)
Package concepts
•Release – a software baseline•Component – Subset of software within a
release •Architecture – Specific class of hardware•Packages – elements that make up
components and releases
41
![Page 42: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/42.jpg)
Binaries and config files
42
![Page 43: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/43.jpg)
Software Distribution Commands
43
![Page 44: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/44.jpg)
Revision Control
•Need to keep track of versions for a system – Why?
•Can do backups but they become cumbersome
•CVS•SubVersion•Revision•Version•Branches•Trunks
44
![Page 45: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/45.jpg)
Branch Management
45
![Page 46: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/46.jpg)
Localization and Configuration
•Need to configure all devices and file systems
•Need to maintain inventory of devices•Software released involve maintaining
licenses•Set up a test environment before
releasing changes•If possible, take advantage of
management tools
46
![Page 47: Scis.regis.edu ● scis@regis.edu CS 468: Advanced UNIX Class 2 Dr. Jesús Borrego Regis University 1](https://reader036.vdocument.in/reader036/viewer/2022062718/56649eaa5503460f94baf331/html5/thumbnails/47.jpg)
Questions?
47