Anda di halaman 1dari 77

IT Essentials II: Network Operating Systems V 3.

0
Linux Labs - Knoppix Version Student Manual
v3

1 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Configuring Knoppix as an NIS Client


Estimated Time: 30 minutes Introduction NIS (Network Information Service) is a service with a database that provides access to the contents of /etc/passwd, /etc/shadow, and /etc/group across networks. NIS is also called YP, because it works like the network's yellow pages. NIS allows you to distribute information such as usernames, passwords, groups, and hostnames. Objective To configure a Knoppix system as an NIS client. Equipment A computer with Knoppix 3.9 running. Scenario The system administrator of a large company has been asked to enable some computer systems to share information, including a common set of user accounts, user groups, and TCP/IP hostnames. In order to centralize the administrative efforts involved, the administrator decides to configure a Linux Red Hat system as an NIS server to manage the database (those steps will not be done in this lab). The administrator will also configure the employees Knoppix computer systems as NIS clients. Procedures Use the following steps to configure the Knoppix system as an NIS client. to be able to communicate with an NIS master server. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Gather information When setting up an NIS client, first get the NIS domain name, NIS master server hostname, and the NIS slave server hostnames. In a true running network, these might already be configured. However, for the purposes of this lab, the names will be invented.

2 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2: Assign a NIS domain name Since there is no NIS domain name, one must be defined. To do so, type the following at the shell prompt. [root@chi anpowei]# domainname Ciscotest [root@chi anpowei]# The domainname command sets the NIS domain name to Ciscotest To verify the NIS domain name, type domainname at the shell prompt. The screen should look similar to the following. [root@chi anpowei]# domainname Ciscotest [root@chi anpowei]# This command will only set the NIS domain name temporarily. When the system is rebooted, this information will be erased unless the system is configured to run this command every time the system boots up. A script file can be changed to force a Linux system to run commands upon startup. Knoppix does not save this information when it restarts, though, so this will not be done in this lab. Step 3: Edit the yp.conf file. Set up the /etc/yp.conf file. To work properly, the ypbind daemon needs to know the NIS domain name and the names of the NIS servers. The ypbind daemon is the process that runs the NIS service on the client. This information is contained in the /etc/yp.conf file. Therefore, the file needs to be edited with the proper information. To edit this file, type: vi /etc/yp.conf The vi editor should now be open with the contents of the /etc/yp.conf file in view. Navigate to the bottom of the text and type o to insert a line. Then type: domain Ciscotest server 192.168.0.1 This will let ypbind know that the Master NIS server is at IP address 192.168.0.1. Use the actual IP address of your system. You could use text names for servers, such as Phoenix1, if you have added the necessary entries to the /etc/hosts file. This method will not be used in this lab. If the network consisted of NIS slave servers, they would be entered directly below this line. For example, you would enter the following lines in this file: domain Ciscotest server 192.168.0.2 domain Ciscotest server 192.168.0.3 domain Ciscotest server 192.168.0.4 You would use the actual IP addresses of the slave servers, if you have them on the network. Now close this file and return to the shell prompt. Do this by pressing the Esc key. Then type :wq and press the Enter key. Step 4: Creating a directory where user home directories will appear If there will be a running NIS server on the network, it could authenticate users of your workstation and export their home directories to the local system. Usually the server is configured to export them to a directory called /export. Create that directory on the Knoppix system by typing the following: [root@ chi anpowei]# mkdir /export [root@ chi anpowei]#

3 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 5: Start the portmapper and ypbind daemons To run NIS as a client, first start the portmapper, to be sure it is running. Type: [root@ chi anpowei]# /etc/init.d/portmap start Starting portmap daemon: portmap Next, start the ypbind daemon. The ypbind daemon performs two functions, the master and the slave functions. The master process handles requests for information from the NIS server and the slave process checks the bindings. Start the ypbind daemon by typing the following at the shell prompt. [root@chi anpowei]# /usr/sbin/ypbind -d [root@chi anpowei]# The d option is for debugging, and is useful for watching the establishing of the connection. Because there is no active NIS server, you will get an error message. However, if you were connected, you would see this debug output: parsing config file Trying entry: domain Ciscotest server 192.168.0.1 parsed domain 'Ciscotest' server '192.168.0.1' add_server() domain: Ciscotest, host: 192.168.0.1, slot: 0 [Welcome to ypbind-mt, version 1.18] ping interval is 20 seconds ping host '192.168.0.1', domain 'Ciscotest' Answer for domain 'Ciscotest' from server '192.168.0.1' Pinging all active server. Pinging all active server. Because you are not connected to a NIS server, the ping portion of the output will be this: ping host '192.168.0.1', domain 'Ciscotest' host 192.168.0.1 doesnt answer. This output will repeat at the ping interval (20 seconds). To stop the output, press CTRL-C. Step 6: Looking at a catalog of user-related information At this point, the Linux system should be running as an NIS client. If this system was connected to an actual NIS server, the ypwhich and ypcat commands could be used to test connectivity. However, since this system is not connecting to an NIS server, these commands will return error messages. In a connected system, the ypwhich command would give results similar to the following: [root@chi anpowei]# ypwhich [root@chi anpowei]# 192.168.0.1 (the master servers IP) To see a catalog of user-related information type: [root@chi anpowei]# ypcat passwd.byname temp3:!!:502:502:temp4,123,555-1212,552-1212:/home/temp3:/bin/bash jnis:$1$aXO7V2.3$N9skjP4rpl8asCQxm6DSk/:504:504::/export/jnis:/bin/bash temp2:x:501:501::/home/temp1:/bin/bash test1:!!:503:503::/home/test1:/bin/bash jedm:$1$KdmDbdNZ$Wrkt5RxRlCzqeecg9smBm/:500:500:Jed Morrow:/home/jedm:/bin/bash temp1:$1$ztIkqa6i$8jLIAazvHyxj2yqcQcqv.0:501:501::/home/temp1:/bin/bash [root@chi anpowei]# One main use of NIS is to authenticate a user on his or her local system, using password information that is stored on the server. Once authenticated, the users home directory on the server will appear on the local machine, usually under the local directory /export.

4 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Reflection Configuring a Linux system can be very useful. What are some circumstances in which using NIS might be beneficial? When would using NIS not be beneficial?

__________________________________________________________________ __________________________________________________________________ __________________________________________________________________ __________________________________________________________________ __________________________________________________________________

5 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

System Configuration Files and Commands for Knoppix


Scenario: You are hired by a company that uses a Debian distribution, which will be represented by Knoppix in this worksheet. You may have little Linux experience, or you may have used Red Hat, which has a somewhat different arrangement of configuration files, and some different commands for system configuration. To familiarize yourself with Debian, describe the contents of the following network configuration files or the operation of the executable scripts or commands. Use the file command to see which ones are binary executables (commands). For those, use the man pages to find the description of their use. For the configuration text files or executable shell scripts, use the more command to examine the contents of the files. You may also find some of the shell scripts and even some of the text configuration files described in the man pages. As you go through these, decide whether it is more helpful to you to use the man page or to read through the file or script. 1. /etc/hosts

____________________________________________________________
2. /etc/resolv.conf _____________________________________________________________ 3. /etc/network/interfaces

____________________________________________________________
4. /sbin/ifconfig, /sbin/ifup, /sbin/ifdown

____________________________________________________________
5. /etc/services

____________________________________________________________
6. /etc/sysconfig/desktop

____________________________________________________________
7. /etc/inetd.conf

____________________________________________________________
8. /etc/init.d/hwclock.sh

____________________________________________________________
9. /etc/init.d/networking

____________________________________________________________
10. /etc/init

____________________________________________________________
11. /etc/init.d/iptables

____________________________________________________________

6 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

12. /etc/default/iptables

____________________________________________________________
13./usr/sbin/firewall or /etc/init.d/firewall

____________________________________________________________
14. /etc/smail/config (for sendmail)

____________________________________________________________

7 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Configuring Network Settings in Knoppix


Objective Configure a Knoppix computers IP address information. Equipment The following equipment is required for this exercise: A server with Knoppix 3.9 or greater running. Note: Since it is a live CD demo, Knoppix is not a server OS, but it will play that role in this lab. A network connection from the server to a hub, switch, or, optionally, some other host. Another host is not required, but just an electrically-powered NIC on your Knoppix server. Scenario The Air Guitar Company has just purchased a server with Knoppix installed. The company has asked that the server be configured with an IP address, subnet mask and default gateway address. Procedures Before beginning this lab, make sure the Knoppix system is ready to log in. Ask the instructor for the appropriate static IP address information to use for the server. Record the information in the table provided: Server IP Address Configuration IP address: Subnet mask: Default gateway: Important Note: The IP address, Subnet Mask and Default Gateway that are used in this lab are only examples. Ask the instructor for the IP scheme used in the lab and record them in the table above. Refer to this table for the correct information. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it.

8 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 1: Login as root In this lab, the network IP address will be changed. In the Knoppix system, only the root account can configure an IP address. 1. Log in as the root user. Use the root shell if it is open already, or open a terminal window. If you are not root, type: su root If asked, enter the root password you created above. Step 2: ifconfig IP addresses are assigned to physical interfaces, such as Ethernet Network Interface Cards (NICs). IP addresses can also be assigned to logical interfaces, such as a local loopback. An interface typically has only one IP address assigned to it, although it is possible to assign more than one IP address to an interface. Configure the interface IP address using the ifconfig program. The if in ifconfig stands for interface. Use the man command to get information on the ifconfig program, type: man ifconfig 1. According to the man output, when are you likely to use ifconfig?

___________________________________________________________
2. According to the man output, what does the ifconfig a option do?

_______________________________________________________________
3. Type q to exit the man page. From the shell prompt, run the ifconfig command with the a option. ifconfig -a or /sbin/ifconfig -a

Note: All TCP/IP hosts associate the IP address 127.0.0.1 as a loopback address. In the output above, see the loopback interface, lo has the 127.0.0.1 address, with a mask of 255.0.0.0.

9 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

For practice, use the ifconfig command to change the loopbacks IP address, and then change it back to the original address. It is recommended that this address not be changed in a production system. Type: ifconfig lo 10.0.0.0 ifconfig a (to observe the change) ifconfig lo 127.0.0.0 ifconfig a (to observe the change back to the original address) Note how Knoppix refers to the Ethernet NIC. The output seen may be different from the sample shown above. In this exercise the NIC is referenced as eth0. If the interface has a different designation, be sure to substitute the interface name for eth0 in these examples. The Ethernet NIC (eth0) may already have an IP address bound to it. The ifconfig command displays IP addresses and their associated masks as follows: The inet stands for Internet Address (IP). The word Mask refers to the IP Subnet Mask. 4. What is the HWaddr of your computers NIC (s)?

__________________________________________________
5. What does HWaddr stand for?

_______________________________________________________________
Step 3: Configuring the IP address Use the ifconfig command to setup the Ethernet interfaces IP address. Use the information that was recorded earlier in the table (see the procedures section). 1. Enter the appropriate command at the shell prompt. The following example is correct given a new IP address of 192.168.0.5 and a subnet mask of 255.255.255.0. Type:
ifconfig eth0 192.168.0.5 netmask 255.255.255.0 or /sbin/ifconfig eth0 192.168.0.5 netmask 255.255.255.0

The netmask argument is used to specify the subnet mask. IP address changes take effect immediately in Knoppix; there is no need to reboot the system. The output of the ifconfig a command should indicate that the new IP address is bound to the NIC. Type: ifconfig -a At this point, ifconfig should report this interface as UP as shown by the highlighted output above. If this interface is shown as down, troubleshoot the Ethernet connection. Make sure the Ethernet cable is connected to the NIC and connect the other end to a networking device, such as a hub or switch which is powered up. A user can manually bring down an interface by using the down argument. ifconfig eth0 down or /sbin/ifconfig eth0 down To return a down interface to the up state, use the up argument. ifconfig eth0 up or /sbin/ifconfig eth0 up

10 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 4: The ping command To test the configuration, use the Internet Control Messaging Protocol (ICMP) ping command. Use the man command to get information on the ping program, as shown: man ping Type q to exit the man pages. Send a ping to the server interface. Use CTRL-C to stop the pinging. The following example assumes that the interface is configured as 192.168.0.5, type: ping 192.168.0.5
PING 192.168.0.5 (192.168.0.5) from 192.168.0.5: 56(84) bytes of data. 64 bytes from 192.168.0.5: icmp_seq=0 ttl=255 time=240 usec 64 bytes from 192.168.0.5: icmp_seq=1 ttl=255 time=108 usec 64 bytes from 192.168.0.5: icmp_seq=2 ttl=255 time=136 usec 64 bytes from 192.168.0.5: icmp_seq=3 ttl=255 time=133 usec 64 bytes from 192.168.0.5: icmp_seq=4 ttl=255 time=135 usec 64 bytes from 192.168.0.5: icmp_seq=5 ttl=255 time=132 usec 64 bytes from 192.168.0.5: icmp_seq=6 ttl=255 time=136 usec 64 bytes from 192.168.0.5: icmp_seq=7 ttl=255 time=131 usec 64 bytes from 192.168.0.5: icmp_seq=8 ttl=255 time=136 usec --- 192.168.0.5 ping statistics --9 packets transmitted, 9 packets received, 0% packet loss round-trip min/avg/max/mdev = 0.108/0.143/0.240/0.035 ms

In the output example above 64 bytes from 192.168.0.5 means that a reply of 64 bytes was received from that host. If no reply is received, check to see if the wrong IP address was entered either with the ping command, or when ifconfig was used. If other hosts are connected to the network, try pinging them with their IP address. A successful ping reply from another host means that the IP configuration is working and that it is live on the network. Step 5: The route command In order for the server to communicate with TCP/IP hosts beyond the local subnet, the system must use the services of a local router. The term gateway was commonly used in the past to refer to a router because a router acts a gateway to other networks. When configuring a host for IP, configure the default gateway. This is the IP address of the local routers interface. In the Linux CLI, configure the default gateway using the route command. Use the man command to get information on the route command, type: man route 1. According to the man output, what is the primary use of the route command? ______________________________________________________________

____________________________________________________________
2. What does the n switch do when it is added to the route command?

____________________________________________________________
Type q to exit the man pages. Check your systems route table, as shown, type: route -n or /sbin/route -n

The system may already have a default route to the gateway installed. The output above shows that no default route is known by the kernels routing table. That means this host cannot send messages beyond its local subnet, 192.168.0.0/24. Use the route command to install a default route to the gateway (the router). The following example installs 192.168.0.1 as the default gateway:

11 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Use the information recorded in the table (from Step 3) to install a default gateway on the system. Type the following command at the prompt: route add net default gw 192.168.0.1 dev eth0 or /sbin/route add net default gw 192.168.0.1 dev eth0 Use the IP address of your gateway. If adding a default route and the route already exists, the following error message will display: SIOCADDRT: File exists If directed by the instructor, use another IP address for the default gateway. When finished, use route to check the modified routing table. Type: route -n or /sbin/route n

Step 6: Reboot Reboot your the system using the reboot command. Return to the CLI and use ifconfig and route to display the current IP addressing configuration. Notice that any changes that were made in previous steps using those commands have disappeared. The system should be configured just as it was before you began the lab. This is because the ifconfig command that ran above does not change the startup config files that Knoppix uses to configure the NIC. Manually using the ifconfig and route commands every time the system boots would not be an efficient way to configure IP addressing information. Linux distributions run several scripts during boot time, some of which perform the task of IP address configuration. A user can modify the script files manually with a text editor, or use a program to modify these files. Once these scripts are correctly configured, a Linux system will reboot with the desired IP configuration. NOTE: Because Knoppix is stored on a CD, it will not save edits to the network configuration files. It will reboot with the same settings given by the person who mastered the CD. There are ways to save this system configuration information, but they are beyond the scope of this lab. The easiest method to modify the relevant script is to use the program called netcardconfig. Though it looks like a standard Linux line command, it is actually a small application. It does not have an entry in the man pages, and it may not be present in all distributions of Linux. At the shell prompt, run the netcardconfig command. Type: netcardconfig or /usr/sbin/netcardconfig The netcardconfig command presents a configuration dialog box. Based on the answers, the command configures the appropriate scripts. Use these answers: Use DHCP Broadcast? No Please enter IP address for Eth0 192.168.0.5 (press OK or enter this address) Please enter network mask for Eth0 255.255.255.0 (press OK) Please enter broadcast address for Eth0 192.168.0.255 (press OK or enter this address) Please enter default gateway 192.168.0.1 (press OK or enter this address) Please enter nameservers (do not enter any, just press OK) The interface will be configured. If you have a root terminal window open, you will see the line commands echoed as output. Typically, servers are manually configured for a static IP address. If a servers address were to change from one day to the next, users and other systems may not be able to find them. Use ifconfig and route to verify that the changes have taken immediate effect. In a Linux system (not Knoppix), you could now reboot the system and these settings would remain intact.

12 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 7: Network Scripts Modify the IP configuration script files manually using a text editor such as vi. In Red Hat Linux, the relevant file is: /etc/sysconfig/network-scripts/ifcfg-eth0 To check the contents of this file use the more command: Type: more /etc/sysconfig/network-scripts/ifcfg-eth0 Note: Portions of the file below may be different on the system, depending on howthe Ethernet NIC is designated by the kernel.

Manually editing this file and then rebooting is another way to change the IP configuration of the NIC. However, it is easy to mistype a configuration command or leave something important out of this file. For these reasons, use netcardconfig instead of a text editor whenever possible. In Knoppix, the equivalent file is /etc/network/interfaces. Using the vi editor, the eth0 portion to be added is iface eth0 inet static address 192.168.0.5 netmask 255.255.255.0 broadcast 192.168.0.255 gateway 192.168.0.1 Troubleshooting As an IT professional, configuring and troubleshooting TCP/IP is typically a daily activity. A common problem with manually configured IP addresses is operator error. Always double-check a static IP configuration. Most operating systems will warn the user when it detects another node on the network with the same IP address. Reflection Administrators usually manually configure static addresses on servers. Why is static configuration uncommon among workstations?

__________________________________________________________________ __________________________________________________________________ __________________________________________________________________


Should a large company allow the employees to manually assign IP addresses on their workstations? Why or why not?

__________________________________________________________________ __________________________________________________________________

13 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Linux Kernel Management - Knoppix


Estimated Time: 25 Minutes Objective To view and manipulate some kernel parameters. Equipment The following equipment is required for this exercise: A computer system with Knoppix 3.9 or greater running. Procedures Use Knoppix commands to alter the maximum number of open files the Linux system will accommodate. Verify the change. Use Knoppix commands to look at which kernel modules are running. Remove a module and verify that it is removed. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Examining the maximum number of open files 1. Login as the root user and open a terminal window, or use the root shell window if it is open. Find out how many open files your current kernel supports. Type more /proc/sys/fs/file-max

__________________________________________________________
2. When might you want to change this number? _______________________________________________________________ 3. To change the number of open files that the kernel can support, enter the following command: echo 8192 > /proc/sys/fs/file-max This change in step 3 is in RAM and will only be valid until the computer reboots. 4. Verify the change. Type more /proc/sys/fs/file-max How many files does the kernel now support?

___________________________________________________________
Step 2: Manipulating kernel modules 1. Briefly describe the following kernel commands: (hint: use the man command) lsmod

__________________________________________________________
insmod

__________________________________________________________
rmmod

__________________________________________________________

14 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

2. As the root user, run the following command: lsmod The output indicates that there are quite a few modules installed. To see any output that may have scrolled offscreen, press SHIFT Page-Up.

End of output from lsmod command 3. Look at a limited number of modules. Type lsmod | grep snd How many modules contain the text string snd? ___ _________________________

4. Run the following command: rmmod snd_mixer_oss This should remove the module snd_mixer_oss. Note that a module can only be removed if no other modules depend on it.

15 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

5. Run the following command (again): lsmod | grep snd Is the snd module still installed?

_____________________________________________________________

16 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Logging into Knoppix


Estimated Time: 30 minutes Objective In this lab, the student will learn how to boot a Linux computer, log in as the root user, navigate using the Command-Line Interface (CLI), and then shut the computer down. This lab will cover the following CLI commands: su whoami man ls shutdown Equipment The following equipment is required for this exercise: Computer with Knoppix 3.9 or newer running. Scenario Boot up the Linux computer and log in using the root user. Run Linux in the command line mode and shut down the system using the Linux shutdown command. Step 1 Turn the computer on and observe the boot process. The boot process will take a few minutes. As Knoppix boots, the Linux processes will load.

17 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2 After Knoppix is booted, KDE will be displayed, as seen in the image below.

Use the following procedure to log in as the root user. First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. The screen below shows a CLI login prompt. Step 3 It is not a good practice to work as the root user. The root user has complete control of the Linux system and can inadvertently delete important files. It is better to work as a user that does not have total control and to switch to the root account only when maintaining or upgrading the system. If you do not currently have a user account, create one now, based on your name, while you are logged in as root. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted.

18 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. In Knoppix, it is a simple process to switch users by using the su command. At the command prompt, type: su - mchavez Note: When the root user is switching to another user account, they will not be prompted for a password. All other accounts will be prompted for a password if they switch to another account. Did the command prompt change? How? __________________________________________________________________

__________________________________________________________________
Note: The (-) after the su command is called a switch. When switching users, this switch will run all associated user scripts. To experiment, type exit after logging in as any user other than the root user. The user will become the root user. Now type: su mchavez What happened without the switch this time.? Did the user end up in mchavezs home directory? ________________________________________________________________________

Using the su command Step 4 Login as a regular user. To verify this, use the whoami command. The whoami command will only display the login name of the current user. At the command prompt, type: whoami What were the results?

________________________________________________________________
Step 5 Navigating the Command-Line Interface (CLI) is not difficult if the user knows where to find help. In Linux, the man command displays information about CLI commands. For example, to learn about the ls command type: man ls Results of the man ls command To move around the man screen, press the space bar key to move down. Press B to back up. Like DOS commands, Linux commands may have switches (or options) associated with them. Note that the ls command uses many switches, -a and l are the most common. To exit the man command, type the letter: q The user will return to the CLI.

19 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 6 At the CLI, type in the following commands. Describe the results after each command is entered: ls ls a ls al How are files hidden in Linux? Hint: What character does Linux place in front of the file to hide it? ____________________________________________________

__________________________________________________________________
Step 7 In this step, using the shutdown command will turn off the computer. All NOSs must complete the shut down process. Most Linux distributions need time to shutdown so they can put files where they belong. Turning off a Linux system quickly can result in files being lost and the corruption of vital configuration settings. With Knoppix, there are usually no files or settings that need to be saved. However, it still will go through a shutdown procedure when given the proper command. To learn about the shutdown command, type in: man shutdown From this man page, briefly describe the shutdown command.

__________________________________________________________________ __________________________________________________________________
What does the r switch do?

___________________________________________________________
What does the h switch do? ________________________________________________________________ How is the time set with the shutdown command?

_______________________________________________________________
What letter is typed to exit the man page help screen?

_________________________________________________________________
Step 8 Only the root user is allowed to shutdown a Linux computer. To complete this step, verify that the user is logged in as the root user. If not, type: su root Or, type exit If requested, enter the root password. Next, type: shutdown r now Describe the shutdown process.

With Knoppix, when shutdown is complete, you will get a message saying to remove the CD and press Enter to restart the computer.

20 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Troubleshooting IT professionals are frequently called on to troubleshoot Linux log-in problems. The following list can be used as a checklist when troubleshooting: Problem: Cannot log in to the system Possible causes: 1. Username or password is misspelled or mistyped. Check both the username and password and carefully re-enter this information. In both Linux and UNIX, usernames and passwords are case-sensitive, so verify that the password uses the correct case. 2. Keyboard Caps Lock is on. Press the Caps Lock key once, verify that the keyboard Caps Lock indicator light is off, and try entering the password again. 3. User has confused username with password. Verify that the user is typing his or her username in the User name field, and password in the Password field. 4. When logging in through CLI, some users do not realize that although they do not see anything being entered as they type, the system is taking the input. So it is sometimes common for beginning users to think their machine is frozen at this point. Reflection 1. Why is it important to log out or lock the console when leaving it unattended?

_______________________________________________________________ _______________________________________________________________
2. What are some of the reasons a user may not be able to log in to the server?

_______________________________________________________________ _______________________________________________________________
3. What advantages does the ability to switch between multiple login terminals provide?

______________________________________________________________ _______________________________________________________________

21 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

The CLI Interface - Knoppix


Estimated Time: 15 minutes Objective In this lab, the student will navigate the Knoppix file system. The student will learn how to use the navigation tools provided by Knoppix to locate files and folders. This lab covers the following commands: cd ls pwd cal date Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 or greater running. Scenario The student is setting up a new computer for a user. Before the user can have the new computer, some directories and files need to be created that the user will need. Procedure Using this new computer that has Knoppix running on it, the student will navigate through the file system and locate the users home directory. The student will also use the file system to navigate through and check to make sure that the necessary directories are in place. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: The ls, pwd and cd Commands 1. Login as the root user. If you followed the Preliminary step just above, you have already accomplished this. 2. At the command line, type: pwd This will show you the home directory that Knoppix assigned to the root user. What is this directory? ___________________________________________ The Knoppix command line processor is currently using the bash shell, which displays the last portion of the current directory path. What do you see in the square brackets? _________________ Does this make sense? ___________________ Note: Knoppix assigns /home/knoppix directory as roots home directory. Other Linux distributions, such as Red Hat and Fedora, assign a different directory (/root) as the root users home directory. 3. At the command line, type: ls This will display the contents of the root users home directory. In the space below, list the contents of the root users home directory.

22 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

4. From within the roots home directory type: cd .. Press the Enter key. Make sure to include a space between the (cd and the ..). The cd.. command moves the users up one directory. The parent directory of the roots home directory (in the Knoppix distribution of Linux) is the /home directory. 5. At the command line, again type: cd .. This is now the root ( / ) of the Linux directory structure. 6. From the / type: ls Press the Enter key. This will display the contents of the / directory. In the space below, list the directories just below the root / . Notice that there is a directory called /root. This is present in the Knoppix file system, but is not used by default as the root users home directory. It was mentioned in step 2 in connection with other distributions of Linux.

The contents of the / directory should look similar to the example above. Note: Although the / and the /root directory sound the same, they are two entirely different directories. The / is the highest level you can go in the Linux directory system. The /root is the home directory for the root user in some Linux distributions. In Knoppix, it is present, but is an empty directory. Example: 7. From the root of the Linux directory structure type: cd bin Press the Enter key. This will change the current active directory to /bin. Verify this with the pwd command. The pwd command will print the current working directory to the screen. Type: pwd Press the Enter key. In the space below, write down the output of the pwd command:

__________________________________________________________________

23 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

8. To list the contents of the /bin directory type: ls Press the Enter key. In the space below, list three commonly used commands that can be found in the /bin directory.

______________________________________________________

Example: typical /bin directory 9. From the /bin directory, type the following command and press the Enter key: cd When typed without switches, the cd command will lead to the users home directory. Verify that the user is in the /home/knoppix home directory, type: pwd Press the Enter key and write down the output of the pwd command.

________________________________________________________
10. From the /home/knoppix home directory, type and press the Enter key: cd /etc This command will take the user to the /etc directory. The / before the etc directory will tell Linux to go up to the root ( / ) first, then down to the etc directory. From within the /home/knoppix directory the user cannot simply type cd etc. Typing cd etc from within the /home/knoppix directory will tell Linux to look down first and the etc directory will not be found. From within the /etc directory type: ls Press the Enter key and briefly describe the contents of the /etc directory. In the space below, write the file names that start with rc.

__________________________________________________________________

24 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

11. Return home by typing: cd Press the Enter key and verify that you are in the home directory by typing: pwd In the space below, write out the path.

________________________________________________________
Step 2: The cal and date Commands 1. To use the man command to learn about the cal command, type the following: man cal Next, type the current month. Example: cal 11 2005 Now try: cal 09 1752 Example:

Linux did not get the month wrong. What happened to the 3rd through the 13th in September of 1752? Hint: go back to the man page for the cal command. Search for something about the year 1752 with the search function, /1752. Knoppix gives an abbreviated account of the history of the calendar conversions.

______________________________________________________________
2. To use the man command to learn about the date command, type the following: man date At the command line, type: date Then type: date u In the space below, describe the difference between the two outputs.

________________________________________________________
Reflection Navigating the file system can be done with the X-Windows GUI similar to the way it is done in Windows. However, many experienced Linux users find it easier and faster to navigate using the CLI (Command Line Interface).

25 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

The Linux bash and C Shells - Knoppix


Estimated Time: 15 minutes Objective In this lab, the student will learn how to use the following shells: bash csh Equipment The following equipment is required for this exercise: Computer with Knoppix 3.9 or greater running. Scenario Login and run the bash shell and the C shell. Initiate various commands to compare and contrast the two shells. Procedures Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Shell Background Information Answer the following questions: 1. What is a shell?

_______________________________________________________________
2. Who wrote the bash and the C shells?

_______________________________________________________________ _____________________________________________________________
This lab will use the Linux ps command. The ps command gives a snapshot of the current processes (or jobs) that are running. Before starting this lab, learn more about the ps command by typing: man ps What are some significant switches (options) that can be used with the ps command?

______________________________________________________
Note: All Linux shells have many common attributes. For example, the following keystrokes will do the following functions: Ctrl-C Sends an interrupt signal to terminate a process. Ctrl-D Sends an end of file to the running command. Ctrl-Z Suspends the currently running program.

26 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2: Shell Operations If not already logged in, log in now as the root user. To determine the current shell, try typing in the following commands: ps and echo $SHELL The echo command will reply back to the monitor (or echo) information about the current running shell.

Note: Knoppix uses the bash shell for the root user by default. If you create a regular user, Knoppix will by default give that account another shell called sh. Other Linux distributions follow different conventions. Does the screen look like this? What is the shell that is currently running?

______________________________________________________
Step 3: The C Shell 1. Switch to the C shell. At the prompt type: csh What does the prompt look like? How is it different from the bash shell? _______________________________________________

2. Run the ps command again, type: ps Describe the output of this command: Does the screen look similar to this screen?

____________________________________________________________
What is the Process Identification (PID) for the csh shell on the computer?

______________________________________________________

27 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 4: Exit the C shell From the C shell type: exit What shell did the user end in?

___________________________________________________________
How can this be verified?

__ ________________________________________________________
Step 5: Exit the bash shell From the bash shell type: exit Where did the user end up this time?

_________________________________________________________
Step 6: Shell Helpful Tips If logged out in the previous step, log back in as the root user by clicking the Penguin icon. There are many useful keyboard combinations that are part of the bash shell. For example, if it is known that a command starts with gre, but the rest of the command has been forgotten, try typing: gre (then press the Tab key) What were the results?

_______________________________________________________________
Now, go to the C shell (type csh) again and try the same command, type: gre (then press the Tab key) Did the same command work in the C shell? Explain why. _________________________________________________________________

_______________________________________________________________
Exit the C shell by typing exit Step 7: Navigating the File Structure Type: cd / This will take you to the root of the directory structure, /. Next, type: cd /h (then press the Tab key) Did it complete the command for you?

_______________________________________________________________
Click the Enter key. What is the current directory?

_____________________________________________________________
Try this same command sequence in the C shell. Does tab-completion work in the C shell?

_______________________________________________________________
Reflection Linux shells are generally not considered to be very user-friendly. Between the bash shell and the C shell, which one is easier and why?

______________________________________________________________ _______________________________________________________________

28 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Using the Linux vi Editor in Knoppix


Estimated Time: 30-45 Minutes Objectives Become familiar with the vi Editor Review the three vi Modes Review keystrokes to move between vi modes Create a new file with vi Editor Invoke vi with show mode Review the save and quit commands Open an existing file with vi Editor Use editing commands Customize a session Use search commands Equipment The following equipment is required for this exercise: A computer running Knoppix v.3.9 or greater with a user account. Introduction In this lab, the student will use a UNIX text-editing tool called the vi (pronounced "vee eye") Editor. This text editor is primarily used for creating and modifying files that customize the work environment and for writing script files to automate tasks. System administrators use text editors to create and modify system files used for networking, security, application sharing, and so on. The vi Editor became a part of the UNIX operating systems shortly after UNIXs inception, and is universally available with UNIX systems (including Linux). The vi Editor is a very flexible and powerful editor with many options. These will be reviewed here with examples of their use. For users learning to become system administrators, it is important to know how to use the vi Editor. It is sometimes the only full screen editor available to edit crucial system files. Examples of these include scripts and environment control files. Skill in using vi Editor is also needed if the windowing system is not available. The vi Editor is a useful tool when working remotely on other Linux workstations or servers. Administrators routinely login remotely or telnet to another Linux computer to perform maintenance and troubleshooting tasks using the vi Editor. The availability and operation of vi Editor is consistent across all UNIX/Linux platforms, including Knoppix. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted.

29 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 1: Access the Command Line Use the root shell, or press the Konsole terminal icon on the taskbar to open a terminal window. Step 2: Switch to your user account Type, for example, su - mchavez to be a regular user. Step 3: Review the Three vi Modes There are three modes of operation in vi Editor. Understanding the function of these three modes is the key to working with vi Editor. All commands available with vi Editor can be classified in one of the three modes. The table below lists the modes and a brief description of each. Review the three modes and answer the following questions. ModeMMode Function / Characteristics Initial default mode for creating and editing files, cursor positioning and Command mode modification of existing text. All commands are initiated from this mode. Insert mode Used for entry of new text. Entering an insert command such as i (insert), a (append) and o (open new line) will take the user from command mode to entry mode. Entry commands are stand-alone and are entered without pressing the Enter key. Last-line mode Used for saving work and quitting the vi Editor. Type a colon (:) to get to this mode. Pressing the Enter key or Esc key returns to command mode. 1. Which vi mode is primarily used to enter new text?

_________________________________________________________________
2. Which vi mode is used to save the work and quit vi Editor?

_______________________________________________________________
3. When starting start the vi Editor, which mode is the default?

______________________________________________________________
Step 4: Review Keystrokes to Move Between vi Modes The table below shows how to switch modes and get from one mode to another. Review the keystrokes required to move between modes and answer the following questions. From Mode Command Entry Command Last-line Entry Last-line To Mode Entry Command Last-line Command Last-line Entry Commands / Keystrokes i (input), o (open new line), a (append to existing line) Press Esc (Escape) Colon (:) Press Esc or Enter Press Esc to return to Command mode, then enter a colon Press Enter or Esc to return to Command mode, then enter an insert command

1. Which single-character alphabetic commands will put vi in Entry mode?

_______________________________________________________________
2. Which key will return vi to Command mode from either Last-line or Entry mode?

_________________________________________________________________
3. Which command will put vi into Last-line mode from Command mode?

_____________________________________________________________

30 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 5: Create a New File with vi Editor The vi Editor is started from the command line. Whenever invoking vi Editor, the user is opening a file. The name of the file to be created or edited can be specified when the user starts vi Editor, a new file can be opened to be named later. It is common to start vi Editor and specify a file name. If the file exists, it is opened for editing. If the file does not exist, it is created. Command Format: vi [option(s)] [filename] 1. If logged in as the root user, switch users to the user account you created (for example su mchavez). Verify that the student is in the home directory. What command was used?

_______________________________________________________________
2. Open a new file called myvifile using the command: vi myvifile. What does the vi document screen look like?

_____________________________________________________________
3. Press the lower case letter i to begin inserting text at the first line. Is there any indication on the screen that the user is in Insert Entry mode?

_______________________________________________________________
4. Type the students name. If a mistake is made, do not try to correct it at this time. Was the student able to enter text in Insert mode?

_________________________________________________________________
5. Press the Esc key to leave Insert Entry mode and return to Command mode. Is there any indication on the screen that the user is back in Command mode?

________________________________________________________________
6. Type a colon to go from Command mode to Last-line mode. Is the user now at the bottom left corner of the screen at a colon (:) prompt? If not, press Esc again, and enter another colon.

________________________________________________________________
7. Type a lower case w (write - to save the new file), followed by a lower case q (quit - to exit the vi Editor) and press Enter. What was the result of the wq commands? Is the user back to the command prompt now?

________________________________________________________________
8. The new file should be saved in the practice directory on the hard disk. Display a long listing of this directory to verify that the file is there (ls l). How many bytes are in the file?

________________________________________________________

31 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 6: Review the Save and Quit Commands In the previous steps, the student created a file and saved it with the w (write) command and exited vi Editor with the q (quit) command. There are several Save and Quit commands available with vi Editor. The following table lists some of the more common ones. Note: Save and Quit commands (except for ZZ) are entered only when in Last-line mode. Save and Quit Commands Command Meaning :w Write buffer (Save changes and continue working in vi Editor) :w new_filename Write buffer to new_filename (continue working in vi) :wq Write buffer (save changes) and quit vi ZZ (upper case) Save changes and quit vi. Alternative to :wq :q! Quit without saving changes :wq! Write buffer (save changes) and quit vi (The ! will override Read only permissions if the user is the owner of the file.) 1. Most save and quit commands are entered in which mode?

____________________________________________________________
2. Which command will allow the user to exit vi Editor and not save any of the changes?

__________________________________________________________________
3. Which two commands listed in the table perform the same function?

___________________________________________________________
4. Which command allows the user to save the current file being edited under another name, and remain in vi Editor to continue editing the current file?

_____________________________________________________
Step 7: Open an Existing File If the user starts vi Editor and specifies an existing file name, it is opened for editing. Here the student will add some new text in Entry mode and try a few cursor positioning commands. 1. Open myvifile, which was created earlier using the command: vi myvifile. What does the vi document screen look like?

_________________________________________________________
2. Position the cursor at the end of the name and press the lower case letter a to Append to the line that was typed earlier. Type some text, and the press Enter for a hard return and then type some more text. Enter about three lines of text this way. What mode is the user currently in?

_______________________________________________________
3. Press the Esc key to leave Insert mode and return to Command mode. In Command mode, can the user position the cursor (with the arrow keys) for additional editing?

_______________________________________________________________
4. The user can move the cursor with the arrow keys while in the various entry modes and will still remain in that mode. The table below contains some of the more common cursor positioning keys and commands. If using the alphabetic commands while in an entry mode, they will be entered as text. The user needs to press Esc to get to command mode to use them. Practice using these while editing this file. Which character moves the user back one word at a time?

________________________________________________________________

32 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 8: Cursor Positioning Commands Command Meaning Move down one line j or Down arrow Move up one line k or Up arrow Move right (forward) one character Space bar w Move forward one word (including punctuation) Move left one character (check for accuracy) Back Space B Move back one word (including punctuation) Move to end of line $ Move to beginning of line 0 (zero) or ^ Move down to beginning of next line Return Meaning 1. Press the up arrow to position the cursor until it is on line two. Use the j (jump down) command to move down and then use the k (kick up) command to move back to line two. 2. Type a lower case o to open a new line below the line the cursor is on and enter some new text. What mode is the user in now?

_______________________________________________________
3. Press the Esc key again to leave Open line Entry mode and return to Command mode. 4. Type a colon (:) to go to Last-line mode then save and quit this file when finished. If this were a real file, and some mistakes had been made, and the user did not want to save the changes, what Last-line mode command would be used?

_______________________________________________________________
5. The new file should be saved in the practice directory on the hard disk. Display a long listing of this directory to verify that the file is there. How many bytes are in the file?

______________________________________________________
Step 9: Use Editing Commands There are a many editing commands that can be used to modify existing text in a file. These include commands for deleting, and changing text. The majority of these commands are entered while in command mode. 1. Open a new document with vi Editor. What is the file named?

______________________________________________________
2. Insert some text. Add five or more lines of text and press Enter at the end of each line. Make some mistakes while typing. 3. Delete some text. While in command mode, position the cursor to the desired location and use the options shown in table below to delete some of the mistakes. Note: These commands are ALL lower case and are entered without the Enter key. Basic Text Deletion Commands Command Meaning x Delete character at the cursor dw Delete word (or part of word to right of cursor) 3dw Delete three words dd Delete line containing the cursor 3dd Delete three lines

33 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

1. Undo and change some text. To change text and undo changes, use the commands shown in the table below. Many of these commands change the user to Insert mode until Escape is pressed. Note: These commands are ALL lower case. Undo and Change Commands Command Meaning cw Change word (or part of word) at the cursor location to the end of the word 3cw Change three words r Replace character at cursor with one other character u Undo previous command 1. Copy and paste text. To copy and paste text, use the following options: Copy and Paste Commands Command Meaning yy Yank a copy of line and place in the clipboard p Put (paste) yanked or deleted line below current line P (upper case) Put (paste) yanked or deleted line above current line 1. Save the file and quit vi Editor. What command was used?

_______________________________________________________________
Step 10: Customize the Session The vi Editor includes options for customizing the edit sessions. These are summarized in the table below. The set command is used from last-line mode to control these options. The set nu option shows line numbers and is used frequently when writing programs and script files. The line numbers are not part of the file. 1. Open the document you just created with vi Editor. Use the commands in the table to customize the vi session. Session Customizing Commands Command Meaning :set nu Show line numbers :set nonu Hide line numbers :set showmode Display current mode of operation :set noshowmode Turn off mode display :set Display all vi variables set :set all Display all possible vi variables and their current settings

34 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 11: Use Search Commands The commands in the table below allow the user to perform advanced editing such as finding lines or conducting searches for text. Note that the forward slash (/) and the question mark (?) search options are also last-line commands, but they do not require a colon first. The next (n) and next previous (N) commands can be used to find the next occurrence after the /string or ?string commands found what the user was looking for. Basic Search Commands Command Meaning G (upper case) Go to last line of file :21 Go to line 21 /string Search forward for string ?string Search backward for string n Find next occurrence of string Use the commands in the table to practice searching for a particular line or string of text. Quit vi Editor without saving any changes. What command was used?

______________________________________________________

35 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Using the AWK Command in Knoppix


Estimated Time: 45 Minutes Objective In this lab, the student will learn how to write a script and execute it with the awk command. Equipment The following equipment is required for this exercise: A computer running Knoppix 3.9 or greater. A text file (see below) that is copied into the users home directory. Background The AWK command is a programming language that allows you to search through files and modify records. AWK is named after its authors Aho, Weinberger and Kernigham When running AWK, remember these rules: Enclose the AWK commands argument in single quotes. All quotation marks within the argument are used in pairs. Enclose action statements such as {print $2} with curly braces. Enclose conditional statements such as ($4 > 20.0) in round parentheses. Step 1: Create the text file that simulates a small database Create a data file using the vi text editor. Type the following text in the file and then save the file. # vi countries.txt To save the file in vi press the esc key, then type :wq (save & quit) at the prompt. Country Afghanistan Cambodia Canada Mexico United_States Area(sq-km) 647,500 181,040 9,984,670 1,972,550 9,631,418 Population 28513677 13363421 32507874 104959594 293027571 Median_age(yr) 17.5 19.5 38.2 24.6 36 Life_expectancy 42.46 58.41 79.96 74.94 77.43 Capital: Kabul Phnom_Penh Ottawa Mexico_City Washington_DC

source: www.cia.gov Step 2 Verify the contents of this file: cat countries.txt Run the following commands and then briefly describe the output. If you do not have access to the awk command, try logging using the root account. awk '{print $0}' countries.txt awk '{print $1}' countries.txt awk '{print $2}' countries.txt awk '{print $1 $5}' countries.txt awk '{print $1,$5}' countries.txt awk '{print $1 \t $5}' countries.txt awk '{print $1 \t $2}' countries.txt awk '{if ($1~/Cambodia/) print $0}' countries.txt awk '{if ($1~/Mexico/) print $0}' countries.txt

36 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

awk '{if ($5~/7/) print $0}' countries.txt awk '{if ($5!~/7/) print $0}' countries.txt awk '/^C/' countries.txt awk '{if ($4 > 20.0) print $0}' countries.txt awk '{if ($5 >= 50.0) print $0}' countries.txt awk '{if ($5 > 70.0) print $0}' countries.txt Step 3 Total up the population numbers in the output: #awk '(tot+=$3); END{print Total population numbers: Describe the output. tot}' countries.txt

Note: The population numbers in the countries.txt file do not contain commas, as the numbers in the Area column do. This allows numbers to be added without specifying their format. If you tried to add the numbers in the Areas column (Challenge: what command would you use?), you would not get the correct answer, because of the commas.

37 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Adding Users in Knoppix


Estimated Time: 30 minutes Objective In this lab, the student will learn how to log onto the server and create user accounts. Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 running. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Creating Accounts Step 1.1: The useradd Command If your Linux has booted to the graphical desktop, open a terminal window. You can use the root shell, or click the terminal icon on the taskbar. At the command prompt, type the command: man useradd What do the following switches do? -c ___ ____________________________________________ -d _ _ _____________________________________________ -e __ ________________________________________________ Does the useradd command create a home directory for the user by default? If so where?

Type q to exit the man page. Step 1.2: Adding Users If not already logged in as root, use the su root command with the roots password. You can now add user accounts to your Linux system. Add an account using your name. For example, Maria Chavez could create a user account like this: useradd m mchavez

Step 1.3: The passwd Command The useradd command by itself does not automatically allow a user to login. A password must first be assigned to the user account. This is done with the passwd command. At the command prompt, type the command: man passwd

38 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Briefly describe the following passwd switches: -l: _____________________ -u: ____________________ -d: ______________ What other means of password protection does the man passwd page discuss?

______________________________________________________________
Step 1.4: Assigning a password As root, assign your new account a password. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. Now you can login as that user. Note: If part of the password can be found in a dictionary, Knoppix will warn against using these passwords for security reasons, but it will accept them. Step 2: Account Verification In this step, verify that the accounts were created correctly in step 4 by using the finger command. To learn about the finger command type: man finger Experiment with the finger command, type: finger root Use the finger command to see if your account was created correctly. Was it? ______ Briefly describe the output of this command.

________________________________________________________________________ ________________________________________________________________________
Step 3: Deleting Users To delete an account, the Linux administrator uses the userdel command. Read the man page on the userdel command. Type: man userdel Describe the r switch when it is run with the userdel command. __ ___________________________________________________________ Step 3.1: Creating a Temporary Account To test the userdel command, create a temporary account. Type: useradd -m temp123 Note: This account does not need a password since this is only a temporary account. To see if the account was created, type: finger temp123 Was a home directory created? Y / N. Where? ____________________ Step 3.2: Deleting the Temporary Account Next delete the temp123 account, type: userdel r temp123 Does the account still exist? Type: finger temp123 What was the output of this command?

_______________________________________________________________
Is the home directory of the temp123 user deleted now? Y / N ____________

39 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Troubleshooting To create accounts in Linux, the user must be logged onto the server as an Administrator (root user). If you cannot create an account, make sure you are root. Reflection Why is it important that only an administrator is allowed to create user accounts?

_______________________________________________________________________ ________________________________________________________________________

40 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Managing User Account and Passwords in Knoppix


Estimated Time: 45 Minutes Objective In this lab, the student will examine where and how passwords and personal information for users is stored. Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 running. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 1- Looking at the users account record in /etc/passwd Using the root shell or the Konsole shell from the taskbar, log in with the root user account. Type: tail /etc/passwd What is the last user that was added to your system (last line of the file)?

__ _____________________________________________________
There are seven fields in the passwd file, separated by colons. Write them below: 1) ____________2) ______________3) ______________4) ___________ 5) _____________6) ______________7) ________________ Create a short policy on login names for your organization. Briefly write out three rules that your login names should follow:

____________________________________________________ _______________________________________________________________

41 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2- Looking for the users password Recall the password you gave to your user account that you created earlier. The second field in the password files record for your account is the password field (Field 2 in the preceding question). What is in that field now? Is it the same as the password you entered? ___ The password is not present in /etc/passwd. Look for it in /etc/shadow (the shadow password file), which only root can view. It is the second field in your accounts record there, too. Is it the same as the password you created?

The string of letters and numbers you see is an encrypted version of your password. Why was it put in a more secure file, and encrypted? ______________ Step 3- Verifying passwords Logout and log back in with your new user account to verify that the account works. The procedure for Knoppix will differ from that for a Linux distro such as Red Hat or Fedora. Those distros use a graphical logout/login. To log out of a users account and into anothers in Knoppix, open a terminal window, either the root shell or the Konsole icon from the taskbar. Type root@tty1[/]# login mchavez password: Last login: Mon May 30 03:34:27 2005 on /UNIONFS/dev/tty1 Welcome to Knoppix! mchavez@tty1[~]# If you see a similar output, your login was successful. Type exit to logout, and go back to root. Step 4- Setting options on passwords Run the man command on the passwd command. Briefly describe the following options: -l ________________________ -u __________________________ -d _____________________________ -n _____________________________ -x ____________________________ -w ______________________________ -i ________________________________ -S _________________________________ Check the status of the password on your new account using the S option: passwd S mchavez Now try it on the root account: passwd S root Was there a difference?

_______________________________________________________
When you created your user password, you did not give it any options. Do that now. Set lifetime of the password to 30 days, and warnings to be issued 5 days before it expires. passwd x 30 w 5 mchavez Verify that the password options have been updated (look for the 30 and the 5): tail -5 /etc/shadow

42 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 5- Investigating weaknesses in the password security system 1) Create a temporary user account, temp1. Do not assign this new account a password. Note: Knoppix wont create a home directory automatically, unless you use the m option. When you login as the temp1 user the home dir will be the root dir / . Also note that the other Linux command, adduser, may not work under Knoppix (there is a complicated workaround). #useradd temp1 2) Delete the x from the password field in the /etc/passwd file. #vi /etc/passwd In the last line of the file, delete the x in the line containing the temp1 account, by placing the cursor on it and typing x. Exit and save the passwd file by typing :wq 3) Login with the new temp1 account. Note: This procedure for Knoppix will differ from that for a Linux distro such as Red Hat or Fedora. Those distros use a graphical logout/login app. To log out of a users account and into anothers in Knoppix, open a terminal window, either the root shell or the Konsole icon from the taskbar. Type # login temp1 After deleting the x, were you able to login as temp1 without supplying a password? _______ Note: With Fedora or some other distributions, you may be able to log in. Note: Knoppix will continue to ask for a login. To terminate it, press CRTL-C and Enter to get back to the command prompt 4) Use vi to put the x back in the temp1 line in /etc/passwd. Give the temp1 account a password. Type #passwd temp1 Enter new UNIX password: Retype new UNIX password: Note: The encrypted password appears in the etc/shadow file, as you will see later. As root, use an editor to create a temporary account, i.e. temp2 by adding a line at the end of the /etc/passwd file. Note: You can create this account by copying and pasting the temp1 account and then changing the name. In Knoppix you can do this by using a word processor to edit the file. Or you can use vi to open the file and put the cursor at the beginning of the line you want to copy. Type yyp, a handy keystroke combination to remember for copying a line. You will have two copies of the line, one of which you can edit to make the temp2 account. In one of the lines, change temp1 to temp2 (two occurrences). Position the cursor over the character to delete, press x to delete it, press I to go into Insert mode, and press the character you wish to insert. After making changes, press ESC. Then type :wq to save the file. 5) Verify that you can login to the temp1 account, that now has a password (See number 3, above if you need a reminder of the command to do this). If you succeed in logging into temp1, Logout of temp1 and login to the new temp2 account. Describe any problems that you may have encountered and what the cause of this problem is. View the /etc/shadow file to see that temp1 has an encrypted password entry, and temp2 has no entry line at all in that file. Type #cat /etc/shadow. 6) Run the following command: #cat /etc/passwd | grep root What is the UID and the GID of the root account (third and fourth fields)? Could you create another account with a UID that is the same as the root account?

43 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

7) Edit the field for the account created above (temp1) in the /etc/passwd file. If there is an x in the password field, remove it. Change the UID to 0 (this is the first number). Log out completely and try to login as temp1. Were you asked to enter a password when you logged in? Step 6- Changing finger information- chfn command Thus far, you havent entered any personal information about your user account. Type: chfn mchavez Enter a full name, room number, phone numbers, etc. when prompted to do so. To view a display of the information, type in the following command sequence: finger mchavez Describe the output of the finger command: Step 7- User information field should reflect the name of the user The chfn command fills in the User Information field of the users entry in /etc/passwd. The information is treated as comments, although the finger command will look at that field, as well as the Login Name field. chfn asks for several pieces of information, one at a time. This exercise illustrates that the User Information field should reflect the name of the user, to avoid confusion. Create a new account, i.e. temp3. Type # useradd temp3 There is no need to assign a password. After the account has been created run the following command: #chfn temp3 This command fills in the User Information field of the users entry in /etc/passwd. Change the Full Name to temp4 and place random numbers when prompted to enter Room and Phone numbers, and Other. Run the following command sequence: #cat /etc/passwd | grep temp* Where did the temp4 account information name show up in the passwd file? Next, type in the following command: #finger temp3 Describe the output of the finger command for temp3: Is this a good idea? Should administrators disable the chfn command? Where is the chfn command located? (Hint: type #which chfn) ____________________

When Finished When you are done, become the root user and delete the users temp1, temp2, temp3.

44 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Creating Groups in Knoppix


Estimated Time: 30 minutes Objective In this lab, the student will learn how to create, rename, and delete groups using the Linux operating system. The student will also add a member to a group, and modify group permissions. Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 running. Scenario A few members in the Engineering Department, who are using Linux, are going to be working on classified documents. They need to have their own group created so they can keep these documents in certain folders that only their group will have permissions to. A group must be created and members added to this group. Procedures In this lab, the student will first create the engineering group and add a user account to this group. The student will then rename the group. In the last step, the student will delete the group. Tips: User permissions apply to the owner of the file or directory Group permissions apply to the members of the group that are assigned to a file or directory Linux stores group information in the /etc/group file. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it.

45 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 1: Creating a Group and Adding Users to the Group Use the account you created earlier (or mchavez) while doing this lab. In addition, create another user account called temp1, with a password, who will not be in your group. Refer back to Part 1 for this if you need to. 1. Login with the root account. 2. At the command prompt, type: groupadd engineering This will create the engineering group. 3. Next, add your account to the new engineering group by typing: usermod G engineering mchavez This will add the mchavez account to the engineering group. 4. Verify that the new group has been created by typing: grep mchavez /etc/group The grep command looks for strings of text. In this case, the user asked the grep command to look in the /etc/group file for anything named mchavez. What were the results?

__________________________________________________________________
________________________________________________________________________ Step 2: Create a Working Directory for the Engineering Group 1. As the root user, go to the /home directory: cd /home 2. Create a new directory: mkdir eng 3. Verify that the new directory exists: ls l Notice the words root root in the line for the eng directory. The first root indicates that the root user owns the eng directory. The second root refers to a group (also called root) whose members have access to the eng directory. 4. Change the group membership of the eng directory with the following command: chgrp engineering eng 5. Verify that group membership has changed from root to engineering: ls l Which groups members now have membership in the eng directory? ____________________________________________________________________ 6. Change the permissions of the engineering directory: chmod 771 eng 7. Verify that permissions of the directory have changed: ls -l Write down the permissions you see in the listing. Do you know how they correspond to the Octal number 771? You may have to ask the instructor.

46 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Contents of roots home directory. Notice the entry for the /eng directory Note: Both the root account and the engineering group have the same Read, Write, and Execute permissions. The third group, called everyone, or other has Execute privileges only. Step 3: Creating Files in the eng Directory 1. Switch users from root to the mchavez account: su mchavez 2. Go into the eng directory: cd /home/eng 3. Create a file. Type: touch grp_file The touch command creates a file, although it has nothing in it. 4. Verify that the new file was created: ls l Is the file grp_file there? Y/N ____________ 5. Exit from the mchavez account. Type exit Now switch to a user temp1 who is not a member of the engineering group: su temp1 6. Go to the /home/eng directory: cd /home/eng 7. Create a file: touch grp_file1 What happened?

__________________________________________________________
Try typing: ls l What happened? Why?

__________________________________________________________

47 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 4: Deleting the eng directory 1. Log back in as the root user: exit 2. Verify that you are the root user: whoami 3. Go to the /home directory: cd /home 4. Delete the eng dir and its contents: rm r eng When prompted to descend into directory eng, type Y for yes. When prompted to delete the files, type Y for yes. When prompted to delete the directory, type Y for yes. 5. Verify that the eng directory has been removed: ls l Is the eng directory gone? Y/N ____________ Step 5: Renaming a Group 1. At the command prompt, type: groupmod n engineers engineering Press Enter. This will rename the group. 2. Verify that the group name changed: grep engineers /etc/group What is the output? ____________________________________________ Step 6: Deleting a Group 1. At the command prompt type: groupdel engineers Press Enter. This will delete the group. 2. Verify with the grep command: grep engineers /etc/group If the grep command returns with no output, it did not find anything in the file. Troubleshooting To create accounts in Knoppix, the user must be logged in as the root user. If problems are encountered while creating these accounts, verify that the user has the necessary administrative privileges. Reflection Why is it important that only an administrator be allowed to create groups?

__________________________________________________________________ __________________________________________________________________

48 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Creating Directories in Knoppix


Estimated Time: 15 minutes Objective In this lab, the student will learn how to create files and directories with the Knoppix operating system. Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 running. Scenario The IT department in a small company has purchased some new computer systems. They want some new directories and files created on the server for the people that are going to be receiving these new computers. Procedures In the first steps of this lab, the student will create some nested directories or folder. In the second part of the lab, the student will create another directory inside one of the directories already created. Lastly, the student will delete part of the directory tree without disturbing the rest of it. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 1: Login Login using your user account for this lab. Type: su - mchavez Step 2: The mkdir Command The mkdir command is used to create directories and subdirectories. Run the following command: man mkdir What does the p switch do when it is run in conjunction with the mkdir command?

___________________________________________________________

49 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 3: Creating Directories The following command sequence will not work unless the user is in the home directory. Type: cd Verify that the user is in the home directory. Type: pwd Next, create the directory structure by typing in the following command: mkdir p chemistry/experiments/week3 Verify that the directories were created correctly by typing: ls R Be sure to use a capital R with the ls command (for recursive listing). Describe the results.

______________________________________________________________
Your results should look similar to the following screen:

Next, create another directory in the chemistry directory. Type: cd chemistry This will change the current working directory to the chemistry directory. From the chemistry directory, type: mkdir laboratory Verify that the laboratory directory was created, type: ls Is the subdirectory called laboratory there? Y / N ___________ Are there now two directories in the chemistry directory? Y / N ___________ In the space below draw a picture of the home directory. Create a graphical representation of the home directory including all of the new directories that were created in the steps in this lab.

50 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 4: Removing Directories To remove the experiments/week3 directories without disturbing the others, navigate to the chemistry directory. Type: cd chemistry rm r experiments The r option is a recursive option, and descends into the directory levels and deletes. If prompted to descend into directory experiments, type Y for yes. If prompted to remove directory experiments/week3, type Y for yes. If prompted to remove directory experiments, type Y for yes. Type cd chemistry ls Are they gone? Y / N ___________ Reflection If the user had not used the p switch with the mkdir command, how would the directory structure have been created?

________________________________________________________________ __________________________________________________________________

51 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Configuring FTP Services in Knoppix


Estimated Time: 45 minutes Objective In this lab, the student will configure Knoppix as an FTP server. Equipment The following equipment is required for this exercise: A computer running Knoppix 3.9 or greater. Scenario The Marketing Director of the XYZ Company has requested an FTP site so employees in the Marketing and Sales Department will be able to access and download files when away from the office. An FTP site must be created on the server for them to access. Procedures First, a user will be added to the system, since FTP normally does not allow root to login to FTP. In the first part of this lab, the student will build the content that will be on the FTP server. In Knoppix, the FTP service is not started by default, so in the next step the student will start the internet daemon to start the FTP service. By default, Knoppix allows logins from localhost only (127.0.0.1). The student will verify that this works. The next part of the lab requires a LAN connection to another host. In this part of this lab, the student will edit two configuration files that will allow a remote host to login. It will also be necessary to set up the NIC for use on the network. The student will then verify that a remote host can login to the Knoppix FTP server. The procedures for starting the FTP service and the Telnet service in Knoppix are similar but not identical. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Adding a user that can login to FTP 1. The FTP server requires a user to have a home directory, and it also requires the path to the users shell to be listed in the users entry in /etc/passwd. Two options are needed with the useradd command to accomplish this. Create a user account, based on your name. For example, root could create an account for Maria Chavez like this: useradd m s /bin/bash mchavez 2. As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. 3. Look at the /etc/passwd file to see that the path to the users shell (the bash shell) appears. Type: tail /etc/passwd The end of the mchavez line will have /bin/bash.

52 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2: Create a file that will be accessible by an ftp user The student will be logging into their home directory. Create a file there. Type: touch /home/mchavez/testfile or use the directory corresponding to your username. Step 3: Start the internet daemon Most daemons have start, stop and restart commands. If the internet daemon has not been started previously during this Knoppix session, start is used. If it is running, and you want it to re-read some altered configuration files, restart is used. Login with the root account. The internet daemon can only be started by root. Type: /etc/init.d/inetd start Step 4: Testing the FTP Server with a local login 1. To test if the FTP services are working properly from a terminal window, type: ftp localhost This command will use the system to access the FTP services on the same system. The Linux system will attempt to make a FTP connection to the system through the local loopback address 127.0.0.1. It will run through the login procedure and prompt the user to enter a username and password. 2. Login using the student account you have created (do not use the root account to log on). When prompted, type the student account name and password. 3. If you receive a welcome message from the FTP server, then you have successfully configured your Knoppix server for FTP access.

Example of a successful FTP login 4. To see the current working directory, type: pwd 5. To see the files in the current directory, type: ls a Do you see the file you created earlier (testfile)? _______ 6. To exit the FTP session, type: bye

53 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 5: Editing configuration files Two configuration files must be edited to allow logins to a Knoppix server from a remote host. 1. Using vi, edit the file /etc/hosts.allow, that has these contents.
# /etc/hosts.allow: list of hosts that are allowed to access the system. # See the manual pages hosts_access(5), hosts_options(5) # and /usr/doc/netbase/portmapper.txt.gz # # Example: ALL: LOCAL @some_netgroup # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu # # If you're going to protect the portmapper use the name "portmap" for the # daemon name. Remember that you can only use the keyword "ALL" and IP # addresses (NOT host or domain names) for the portmapper. See portmap(8) # and /usr/doc/netbase/portmapper.txt.gz for further information. # ssh sshd : ALL@ALL : ALLOW ALL : 127.0.0.1 LOCAL : ALLOW ALL : ALL@ALL : DENY

As root, type: vi /etc/hosts.allow Navigate down to the last line:


ALL : ALL@ALL : DENY Move the cursor to the D of DENY. Press x four times to remove the word DENY. Press i to enter insert mode. Type ALLOW in uppercase. ALL : ALL@ALL : ALLOW Press ESC to exit insert mode. Type :wq to exit and save the file.

2. Using vi, edit the file /etc/hosts.deny, that has these contents.
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system. # See the manual pages hosts_access(5), hosts_options(5) # and /usr/doc/netbase/portmapper.txt.gz # # Example: ALL: some.host.name, .some.domain # ALL EXCEPT in.fingerd: other.host.name, .other.domain # # If you're going to protect the portmapper use the name "portmap" for the # daemon name. Remember that you can only use the keyword "ALL" and IP # addresses (NOT host or domain names) for the portmapper. See portmap(8) # and /usr/doc/netbase/portmapper.txt.gz for further information. # # The PARANOID wildcard matches any host whose name does not match its # address. ALL: PARANOID

As root, type: vi /etc/hosts.allow Navigate down to the last line:


ALL: PARANOID

Comment this line out with a # symbol. Press i to enter insert mode. Type # in uppercase.
# ALL: PARANOID Press ESC to exit insert mode. Type :wq to exit and save the file.

54 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 6: Restarting the internet daemon (inetd) Login with the root account. The internet daemon can only be started with the root account. Since the internet daemon is already running, use the restart command. Type: /etc/init.d/inetd restart The server should now accept logins from remote hosts

Restarting the internet daemon Step 7: Configuring the NIC In order to make a connection to the Knoppix server, its NIC, called eth0, must be configured and enabled. Select an IP address, network mask and broadcast address for your Knoppix server that is compatible with the other hosts on the network. Ask your instructor if you have questions. Then type: ifconfig eth0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255 up Use numbers that are appropriate to your system. Remember to type the word up at the end of the line. That enables the eth0 card. Step 8: Testing the FTP server with a remote login 1. To login to a Knoppix server, you need to know its internet address. You assigned it in the previous step, but make sure it is correct, and that the NIC is running. At the servers terminal window, Type: ifconfig In the eth0 portion of the output, find the line that contains a part similar to this: inet addr: 192.168.0.3 (the address may be different) UP BROADCAST RUNNING Write down the IP address of eth0 on your Knoppix server.

_________________________________________________
2. To test if the FTP services are working properly, go to a computer that has a LAN connection to the Knoppix server. You can use a Windows command window (Start, Run, cmd), or a Linux system. If it is a Linux system, create a temporary user for the FTP purposes: adduser ftpclient 3. Give the new ftpclient a password: passwd ftpclient It is not necessary to have the same user account that you created on the Knoppix server. Login to the remote system as the user ftpclient. 4. Connect to the remote Knoppix FTP server. Type: ftp 192.168.0.3 (use the proper IP address) The remote system will attempt to make an FTP connection to the Knoppix system through the network. It will prompt the user to enter a username and password. 5. Login to the FTP server using the account name you created on the Knoppix system earlier in this lab, for example mchavez (do not use the root account to log on). 6. Because Knoppix is CD-based, expect a delay of several seconds before you see a response from the server. If you receive a welcome message from the FTP server, then you have successfully configured your Knoppix server for FTP access.

55 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

7. To see the current working directory, type: pwd 8. To see the files in the current directory, type: ls a Do you see the file you created earlier (testfile)? _________ 9. Retrieve the file testfile from the Knoppix server by typing: get testfile This will bring the file to the computer being used. Did you get a message saying that the file was received? __________ 10. To verify that the file has been received, open another terminal window on the client system. Type ls /home/ftpclient Was the file received? Y/N

__________________________________________________________________
With a windows FTP client, testfile may be placed in your user name directory under Documents and Settings. 11. To exit the FTP session, type: bye Troubleshooting In this lab, the IP address for the Knoppix server was statically assigned. In a corporate setting, if you have trouble connecting to the FTP site, check the IP address on the FTP server. If the networks IP addresses are assigned dynamically with a DHCP server, then the IP address might change from time to time. It is a good idea to assign the FTP server a static IP address so that the IP address does not change. Having the IP address changing all the time could create a lot of administrative costs and trouble from users and customers who will be calling and saying they cannot access the FTP site anymore. If there is difficulty with the Linux FTP client, try a windows computer. In addition to the command line ftp, a Windows system can easily connect to a Linux FTP server by using a popular program called WS_FTP. If you are familiar with WS_FTP, try to connect to the Linux system and download the file directly to the PC. Reflection If you are setting up an FTP server in a business or corporate network, routers and firewalls will have to be configured to allow FTP access to the FTP server. Remember that the IP address of the FTP server might not be a public IP address and therefore will not be directly connected to the network. In this case, configure the router to forward incoming FTP requests to the proper computer on which the FTP server resides. Keep in mind that the IP address of the Web or FTP must be statically assigned.

56 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Configuring Telnet in Knoppix


Estimated Time: 45 Minutes Objective In this lab, the student will learn how to configure the Telnet service on a system so that the user can remotely administer a Knoppix server. Equipment The following equipment is required for this exercise: A computer running Knoppix 3.9 or greater. Another system, either Linux or Windows, to attempt to Telnet into the Knoppix server. Scenario The student is setting up a Knoppix server that will need to be administered and accessed remotely. To do this, Telnet services will be installed on the Knoppix server. Procedures First, a user will be added to the system, since Telnet normally does not allow root to login. The student will then create a file in the home directory, so that the directory will be easily recognized when a Telnet connection is made. In Knoppix, the Telnet service is not started by default. In this lab, the student will edit two configuration files to add information that will be necessary when the service is started. After that, the student will start the internet daemon. In the last part of the lab, the student will test the Telnet service to confirm that it is properly installed and started on the server. Preliminary step First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Adding a user that can login to Telnet 1. The Telnet server requires a user to have a home directory. One option is needed with the useradd command to accomplish this. Create a user account, based on your name. For example, root could create an account for Maria Chavez like this: useradd m mchavez 2. As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 2: Create a file that will be seen by a Telnet user Later in this lab, the student will connect to the Knoppix server via Telnet. After connecting to Telnet, the student will be placed into their home directory. Create a file there now that will be easy to recognize later. Type: touch /home/mchavez/testfile or use the directory corresponding to your users name.

57 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 3: Editing the internet daemon configuration file The Telnet service is not listed in this file in the standard Knoppix OS. A line must be added. 1. If not already root, login with the root account and open up a terminal emulator window. From the terminal window, type the following command. cd /etc This will change the user to the directory where the internet daemon configuration file is located. Verify that the file is present. Type: ls inetd* Does the output show the file inetd.conf? ___________

The file /etc/inetd.conf. Note that there is no line for telnet. 2. Use the vi Editor to change this internet daemon configuration file. Type: vi inetd.conf Navigate to the line below these ones:
#:STANDARD: These are standard services. ftp stream tcp nowait root /usr/sbin/tcpd Press i to go into insert mode. type this line: telnet stream tcp nowait root /usr/sbin/tcpd Press ESC, then :wq to save and exit /usr/sbin/in.ftpd /usr/sbin/in.telnetd

58 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 4: Creating a dummy ssl certificate This is a workaround, because the Knoppix telnet daemon requires a ssl certificate file to be present on the server (a dummy one will do), before it will run the login program that accepts a username and password. In addition, the certificate works when only the first field (Country Name) is filled in. The other fields should be left empty by putting a dot in them. In the following output, openssl is a command. The rest of the text is issued by that command. Notice that each line ends with a dot, which is typed by the student. Country Name ends with US, or any other country abbreviation.
root@0[sbin]# cd /usr/lib/ssl/certs root@0[certs]# openssl req -new -x509 -nodes -out telnetd.pem -keyout telnetd.pem Generating a 1024 bit RSA private key .......++++++ ...++++++ writing new private key to 'telnetd.pem' ----You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:. Locality Name (eg, city) []:. Organization Name (eg, company) [Internet Widgits Pty Ltd]:. Organizational Unit Name (eg, section) []:. Common Name (eg, YOUR name) []:. Email Address []:. root@0[certs]#

Step 5: Starting the internet daemon (inetd) Most daemons have start, stop and restart commands. If the internet daemon has not been started previously during this Knoppix session, start is used. If it is running, and you want it to re-read some altered configuration files, restart is used. Login with the root account. The internet daemon can only be started with the root account. Type: /etc/init.d/inetd start or restart, if you have previously started it during this session.

Restarting the internet daemon.

59 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 6: Testing Telnet Access to the Localhost 1. To test the Telnet service, type: telnet localhost This will use the system to access the Telnet services on the same system. At this point the system will attempt to make a Telnet to the system through the local loopback address, 127.0.0.1. It will prompt the user to enter a username and password. 2. A user cannot login to a remote site with the root account. Use the student account you created earlier to log on and test the Telnet configuration. If a connection to the system is established, then the Knoppix server has been successfully configured for Telnet access. Here is sample output of a successful connection to Telnet. root@0[certs]# telnet localhost Trying 127.0.0.1... Connected to Knoppix. Escape character is '^]'. Debian GNU/Linux 3.1 Knoppix Knoppix login: mchavez Password: Welcome to Knoppix! mchavez@1[~]$ pwd /home/mchavez mchavez@1[~]$ ls Desktop GNUstep testfile tmp mchavez@1[~]$ exit Connection closed by foreign host. root@0[certs]# 3. What directory are you in? To find out, type: pwd In the space below, write down the current working directory: ______________________________________________________________

_______________________________________________________________
4. Type: ls Do you see testfile, that you created earlier in this lab? ______________

60 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 7: Connecting to Other Systems via Telnet (optional) To connect to the Knoppix Telnet server from another system, another configuration file must be edited, and the NIC must be configured. 1. Using vi, edit the file /etc/hosts.allow, that has these contents.
# /etc/hosts.allow: list of hosts that are allowed to access the system. # See the manual pages hosts_access(5), hosts_options(5) # and /usr/doc/netbase/portmapper.txt.gz # # Example: ALL: LOCAL @some_netgroup # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu # # If you're going to protect the portmapper use the name "portmap" for the # daemon name. Remember that you can only use the keyword "ALL" and IP # addresses (NOT host or domain names) for the portmapper. See portmap(8) # and /usr/doc/netbase/portmapper.txt.gz for further information. # ssh sshd : ALL@ALL : ALLOW ALL : 127.0.0.1 LOCAL : ALLOW ALL : ALL@ALL : DENY

As root, type: vi /etc/hosts.allow Navigate down to the last line:


ALL : ALL@ALL : DENY Move the cursor to the D of DENY. Press x four times to remove the word DENY. Press i to enter insert mode. Type ALLOW in uppercase. ALL : ALL@ALL : ALLOW Press ESC to exit insert mode. Type :wq to exit and save the file.

Step 8: Configuring the NIC In order to make a connection to the Knoppix server, its NIC, called eth0, must be configured and enabled. Select an IP address, network mask and broadcast address for your Knoppix server that is compatible with the other hosts on the network. Ask your instructor if you have questions. Then type: ifconfig eth0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255 up Use numbers that are appropriate to your system. Remember to type the word up at the end of the line. That enables the eth0 card. The Knoppix server should now accept Telnet logins from remote hosts. Step 9: Restarting the internet daemon See step 5 for details. Type /etc/init.d/inetd restart

61 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 10: Testing network access to the Knoppix Telnet server 1. To test the Telnet service, type: telnet 192.168.0.3 or use your address The Knoppix telnet server will prompt the user to enter a username and password. There will be some delay, because Knoppix runs from the CD, and there is probably some processing involving the dummy ssl certificate. Note: The student can use a MS Windows computer or a Linux computer to Telnet to the Knoppix server. 2. A user cannot login to a remote site with the root account. Use the student account you created earlier to log on and test the Telnet configuration. If a connection to the system is established, then the Knoppix server has been successfully configured for Telnet access.

Example of a successful connection to Telnet from Windows XP 3. What directory are you in? To find out, type: pwd In the space below, write down the current working directory: ______________________________________________________________

_______________________________________________________________
4. Type: ls Do you see testfile, that you created earlier in this lab? ______________ Troubleshooting Configuring services like Telnet for a Linux operating system can be somewhat confusing to the inexperienced user. Editing the configuration files can be a difficult task, so it is important to remember where these files are located and how to navigate to them. Telnet can be a useful troubleshooting tool, which will allow access to the system from virtually any operating system that has an Internet connection. As a system administrator, this can help with troubleshooting efforts. Reflection 1. What security risks does enabling Telnet pose to a system?

________________________________________________________
2. What are some precautions that would allow an administrator to provide security while having Telnet access enabled on a system?

____________________________________________
3. Which daemon is used for the Telnet service? ______________________________________________________________

62 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Creating a Samba Server in Knoppix v.3


Estimated Time: 60 minutes Objective In this lab, the student will start the samba service in Knoppix, allowing transfer of files to and from a Windows XP computer on the network. Equipment The following equipment is required for this exercise: A computer with Knoppix 3.9 running. A computer on the same network with Windows XP running. Scenario The users of the companys workstations need to share files between Linux or Knoppix computers and Windows computers. The easiest way to do this is with a samba connection. Procedures In the first steps of this lab, the student, as root will create a user account and will also enable that user as a samba user with a samba password. Root will then turn on the samba service. The student will create a user account on the Windows computer and create a shared folder and a test file for viewing. The student will, from the Knoppix computer, view the contents of the Windows shared folder. The student will copy the test file to the Knoppix computer. After file transfer in this direction is verified, the student will view the Knoppix users folder from Windows Explorer. A test file from the Knoppix computer will be copied onto the Windows computer. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. If you do not currently have a user account, create one now, based on your name. For example, Maria Chavez could create a user account like this: useradd m s /bin/bash mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 1: Configure the network connection Login with the root account for the first part of this lab. Use the root shell, which should already be open, as the terminal window. Type netcardconfig This GUI application will guide the student through the process of setting up the IP address for the NIC. If there are questions about the proper addresses to use, ask the instructor.

63 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2: Add a samba user Type smbpasswd a mchavez New SMB password: net@ccess1 Retype new SMB password: net@ccess1 NOTE: The password must be complex for SMB to accept it: 8 characters long and a mix of uppercase, lowercase, numbers, and symbols. This command adds the user mchavez as a samba user by placing an entry in the file /etc/samba/smbpasswd. It also assigns the samba password net@ccess1 to that user. Notice that root can do this without the samba server being started. The user mchavez had to exist on the system (with an entry in /etc/passwd) before mchavez can be added as a samba user. Put a test file in the home directory of mchavez. It will be viewed later from the Windows computer. Type touch /home/mchavez/file2 Step 3: Start the Samba server Still as root, type /etc/init.d/samba start Starting Samba daemons: nmbd smbd The samba server is now running.

is the output.

Step 4: Prepare the Windows XP computer for the Samba connection -- Add User 1. On the Windows XP computer, use Control Panel to add a user and password that matches the samba user you created on the Knoppix machine (mchavez and net@ccess1 respectively). 2. At the Windows computer, log in with the name of the samba user with which you want to connect. Step 5: Prepare the Windows XP computer for the Samba connection -- Create Share 1. On the Windows XP computer, turn off 'Simple File Sharing': Go to 'My Computer' and double click on 'Local Disk C'. Then select 'Folder Options' under the 'Tools' menu. 2. Under 'Folder Options' find the 'View' tab. Go the bottom of the list under 'Advanced Settings' and clear the check box next to 'Use simple file sharing (Recommended)' then click 'OK' 3. In Explorer window on the C: drive, go to File -> New -> Folder and name the new folder share 4. Right click on the folder and select 'Sharing and Security'

64 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

5. Select the 'Security' tab and click on 'Add'

6. Type 'Everyone' in the box titled 'Enter the object names to select' and click on 'OK'

65 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

66 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

8. Select the 'Sharing' tab, select 'Share this folder' and type in the name 'share' then click on OK

9. The 'share' folder will appear with a hand beneath to indicate that the computer has shared the folder with the network.

Verify that the share is available by either typing 'net view \\machinename' in a command window or clicking 'Start' -> Run and typing \\machinename. Replace 'machinename' with either the IP address or the Computer name of the machine you are working on.

67 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

10. Using Notepad, add a file named file1.txt in the 'share' folder. Type at least one line of text into this file. (for example, your name and school: Fred Flintstone Bedrock High School )

11. Verify the share: Click on Start*Run and type '\\127.0.0.1\share'

The next window should show the file1.txt

68 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 6: Mount the remote computer in the Knoppix file system Login as root. Type cd /mnt mkdir samba-conn This creates a directory where the remote Windows computer will appear. In the following example, the Windows computer has the name windows-machine. In the screenshot, the Windows computer was called HP-xp Type mount t smbfs //windows-machine/share /mnt/samba-conn Step 7: Verify the samba connection from the Knoppix side The shared folder on the Windows computer should be visible under the mount point. Type cd /mnt/samba-conn ls The contents of the shared folder on the Windows computer should appear in the output. You should see the file called file1. Copy the test file to your local home directory. Type cp file1 /home/mchavez Verify that you can view the local copys contents. Type cd /home/mchavez more file1 Do you see the text that you originally created in the file file1 in the Windows computer? ___________ The following image shows typical output. The Windows computer name was HP-xp. In this example, the test file was called file1.txt.

Step 8: Verify the samba connection from the Windows side At the Windows computer, log in with the name and password of the samba user that you created in Step 4 above. Using My Network Places, navigate to Entire Network, Microsoft Windows Network, Workgroup. Under Workgroup, a computer called Knoppix should appear. Under that computer, the home folder of the samba user should appear, mchavez for the example in this lab. Do you see the test file, file2 that you created on the Knoppix computer in Step 2? _______ You should be able to drag a copy of it to another folder on the Windows computer. Now you have a samba server running on your network. You can transfer files between it and any Windows machine that can connect to it.

69 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Writing a Script File in Knoppix


Estimated Time: 30 minutes Objective Upon completion of this lab, the student will be able to create a script file and run it in the Linux environment. Equipment The following equipment is required for this exercise: A computer system with Knoppix 3.9 or greater running. Scenario The members of the Engineering Department are working on some important documents that need to be backed up frequently. This involves a repetitive process that requires them to type a long list of commands every time they need to perform a backup. Instead of typing all these different commands individually each time, a script file can be written to execute all of them with one command. Procedures Basic knowledge of the command line and the vi editor will be utilized in this lab. In the first step of this lab the student will log on to the system with the root account and create the script. In the second step of the lab, the student will assign permissions on the script so that only the specified users can execute it. Then in the third step of this lab, the student will log in a user account and execute the script. Background on the Linux .tar and .gz Extensions The .tar (tape archive) file extension indicates that someone has bundled two or more files together (usually for backup purposes). When a .gz extension is seen, the file has been compressed (similar to the .zip extension in DOS). For example, to archive a folder of WordPerfect files from a wp directory, use the tar command: tar cvf mywpdocs.tar wp/ To see all the files, use the following command: tar tvf mywpdocs.tar (the t will list all the files, a table of contents) To extract all the files, use the following command: tar xvf mywpdocs.tar (the x extracts the contents) The following is a list of switches that are used with the tar command: -c Create a new archive -t List the contents of an archive -x Extract the contents -f Write the archive to file -M Span multiple floppies if the archive is too big for one floppy -v List the files as they are being processed -u Add files to the archive -z Compress or decompress automatically The gzip and gunzip commands: It is very common for files to be compressed when a tar archive is created. gzip mywpdocs.tar will create a compressed file called mywpdocs.tar.gz and the original file will be deleted. gunzip mywpdocs.tar.gz will decompress the file.

70 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Now, create a user account, based on your name. For example, root could create an account for Maria Chavez like this: useradd m mchavez As root, assign your new account a password in this way. For Marias case, she would type (while logged in as root): passwd mchavez Changing password for user mchavez. Enter new UNIX password: Retype new UNIX password: Type it twice and it will be accepted. In Knoppix, passwords are locked by default. That is why mchavez couldnt create her own password immediately after her user account was created. Root has to do it. Step 1: Creating the Script 1. Login as root and navigate to the home directory. mchavez will be used as an example in this lab. At the command prompt, type: mkdir mybkup cd mybkup touch file1 file2 file3 This will create a small subdirectory in the /home directory called mybkup and it will contain three files. Verify the creation of the three files with the ls command: ls Were file1, file2, file3 created in the mybkup directory? Y/N __________________ Return to the home directory: cd Verify that you are in the users home directory. Type pwd 2. Create a vi script that will automate the backup process. From the command line, type: vi backup This will launch the vi text editor and a file called backup will be created and eventually saved in the home directory. 3. After the vi Editor is open, type the letter i on the keyboard to enter the text insert mode. 4. Type the following text into the text editor: #!/bin/sh # ls -R mybkup tar cvf mybkup.tar mybkup ls l # To exit and save the file, press the ESC key and on the keyboard and type: :wq

71 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

5. To verify that the backup script exists, at the command prompt type: ls Does the file backup exist in this directory? Y/N __________________ 6. To verify that the contents of the backup script, at the command prompt type: cat backup Do the contents of the backup file match step 4 above? Y/N __________________ Step 2: Assigning Permissions 1. For a script to be executable, the file permissions need to be changed. At the command prompt, type: chmod 700 backup 2. To check the permissions of the backup file, type: ls l backup Write the results in the space below:

____________________________________________________
Is the file now executable? How can this be verified?

Step 3: Executing the Script 1. At the command prompt, execute the script by typing: /home/mchavez/backup or ./backup Note: Usually, an absolute path needs to be specified to run a script. 2. To verify that a new file was created after the script was executed, type: ls Does a file called mybkup.tar now exist in the home directory? Y/N _________ Step 4: Delete and recover the mybkup directory 1. From the /home/mchavez directory, locate the original mybkup directory. Type ls Is the directory mybkup there? Y/N ________________ 2. To delete the mybkup directory, type: rm fr mybkup 3. To verify that the mybkup directory has been deleted, type: ls Is the directory gone? Y/N ________________ 4. To recover the mkbkup directory with the tar command, type: tar xvf mybkup.tar 5. To verify that the original directory has been restored with the backup, type: ls R mybkup 6. Is the directory there and are file1, file2 and file3 there? Y/N. _________ In the space below list the directories and files in the home directory:

_______________________________________________________________ _______________________________________________________________ _______________________________________________________________ Did the student get the directory and files back? Y/N ______________________

72 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Backing up with Knoppix


Estimated Time: 20 Minutes Objective To use the Backup utilities provided by the Knoppix operating system to perform a backup of directories and files. Equipment The following equipment is required for this exercise: A computer system with Knoppix 3.9 or greater running. Scenario The System Administrator for the XYZ Company needs to back up some of the files on the server. These files are important to the company and losing these files would damage the company. It is the System Administrators job to perform backups as preventative maintenance and to back up important files as required. Procedures Use the Knoppix commands to perform a backup procedure on the files that must be backed up. First, make a directory and create some sample files in that directory. Then back up the files and verify that the action was successful. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated. Step 1: Creating the directories and files 1. Login as the root user and open a terminal window, or use the root shell window if it is open. 2. At the command prompt, type mkdir bkupdir and then press Enter. This will create the directory in which to create the files. Verify with the ls command. Is the dir bkupdir there? Y/N _______ 3. Next type cd bkupdir and then press Enter. 4. Type touch file_A file_B file_C and then press Enter. The touch command will create three files. Verify with the ls command. Are the three files there? Y/N _________ 5. Type cd and then press Enter to get back to the home directory. 6. Next type ls -R bkupdir and then press Enter. This will show the directory and the files just created within the directory.

73 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 2: Performing the Backup 1. Next, backup the bkupdir directory. At the command prompt, type tar cvf bkup.tar bkupdir and then press Enter. The tar command creates the bkup.tar file from the contents of the bkupdir directory. 2. Type ls l to confirm the backup file was created. Is it there? Y/N ___________ 3. Type rm fr bkupdir and then press Enter. The rm command will delete the directory and the three files just created. 4. Type ls l and then press Enter to confirm that the directory was deleted. Is it there? Y/N __________ 5. Next, type tar xvf bkup.tar and then press Enter to restore the directories and files. The tar command will run the backup program to restore the files. 6. Type ls l and then press Enter, then type ls R bkupdir. Did the original directory and its files reappear? Y/N ________ Reflection Backing up data on a computer can be an important task, especially on servers that either have critical data that cannot be lost or on servers that are running critical services that must be running at all times. It is also to consider what might be some important factors in determining what kind of backup method is needed. For example the simple backup that was performed in this lab would be useful when a large or small amount of data needed to be achieved or backup. However a more elaborate kind of backup using an external device such as a tape drive or a RAID implementation may be needed for a backing up other kinds and data or hard drives. 1. Which tar switch will find differences between the archive and file system? _____________________________________________________________________ 2. What does a .tar extension mean? _______________________________________________________

74 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Syslog Knoppix
Estimated Time: 25 Minutes Objective To examine system log files and their uses. Equipment The following equipment is required for this exercise: A computer system with Knoppix 3.9 or greater running. Procedure The student will use Knoppix commands to look at log files in the places they are kept in the file system. Background information Log files are text files that record interesting system events. Log files contain messages about the system, kernel, services and applications. Log files are useful when troubleshooting a problem with the system or when looking for unauthorized attempts to access the system. Log files are controlled by the syslogd daemon. To see the list of log files the system maintains, examine the /etc/syslog.conf configuration file. Most log files are stored in the /var/log directory. Some applications such as apache and samba have a directory within the /var/log directory. There are multiple files in the log file directory with numbers after them. A new log file is created when they are rotated. Log files are rotated to prevent their files from becoming too large. logrotate is a program that contains a cron task for automating log file rotation. The logrotate program default settings are stored in the /etc/logrotate.conf configuration file. By default, the rotation is set for once a week and keeps four weeks of previous log files. Preliminary step for Knoppix users First, click the Knoppix Penguin icon, to get to the root shell. Assign yourself a root password with the passwd command, and enter the password twice. passwd Changing password for user root. Enter new UNIX password: Retype new UNIX password: The password will be successfully updated.

75 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

Step 1: Starting system logging Most Linux systems start system logging automatically. In Knoppix, the system logging is off by default. This can be checked by noticing that the files in /var/log remain empty. The syslogd daemon needs to be started. Type /sbin/syslogd Now, some of the log files should have contents. Check this by typing cd /var/log ls l

Some log files in /var/log, after system logging is turned on. Note that only four entries in this list have any contents. The rest have a file size of zero bytes. Step 1: Examining log files 1. Login as the root user and open a terminal window, or use the root shell window if it is open. 2. Use the ls command and the more command to locate and examine the Linux log files on your system. Where does Linux store most of its log files?

____________________________________________________
Using the more command, display and describe the log files below Log file Description /var/log/messages /var/log/syslog /var/log/lastlog /var/log/dmesg /var/log/samba/log.smbd 3. Describe the operation of the program syslog:

________________________________________________________
4. Briefly describe some of the logging options of the /etc/syslog.conf file:

____________________________________________________________________________

76 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005

5. Can the syslogd daemon be started/stopped/restarted with the services command? Is this a good idea? (Hint: see man syslogd and search for support for remote logging)

_______________________________________________________________ _______________________________________________________________
6. How often are the logs rotated? (Hint: type more /etc/logrotate.conf)

_________________________________________________________
7. For how long does Linux keep a log file? (Hint: type more /etc/logrotate.conf)

________________________________________________________
8. Run the lastlog command and briefly describe the output: 9. Using the lastlog command, who was the last user to login to your Linux system? Note: Because Knoppix is a CD-based demonstration Linux distribution, it doesnt record logins in the same way as a fullinstall Linux would, so you will probably see a report that no one has logged in, not even root.

_____________________________________________________________________

77 - 77 IT Essentials II v3 Linux Labs - Knoppix version

November 2005