unix 1
TRANSCRIPT
Experiment No 1
Aim: To study basic & user status Unix/Linux Commands.
Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or
512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation
takes about 3GB (will all desktop applications, like Open Office).
Procedure:
Unix
Command
Description
ls List directory contents
cp Copy files
rm Remove directory entries
file Determine file type
find Walk a file hierarchy
which Locate a program file in the user’s
path
whereis Locate programs
gcc, g++ GNU project C and C++ Compiler
gdb The GNU Debugger
less View the contents of a text file
diff Find differences between two files
cmp Compare two files
vi Text editor
chmod Change file modes
man Display the on-line manual pages
mv Move and rename files
ispell Interactive spelling checker
biff Be notified if mail arrives and who it is
from
lpr Print a file
lpq Show the print queue
ftp Transfer a file to another Unix system
logout Quit using the system
pwd Print working directory name
cd Change working directory
ln Make a file link
mkdir Make directories
rmdir Remove directories
chmod Change file modes
quota Display disk usage and limits
history Display a list of recent commands
ps Show the status of processes
kill Stop a running processes
passwd Change your password
alias Create a command alias
unalias Delete a command alias
export Set an environment variable
script Record your terminal session to a file
bg Send a job to the background
fg Bring a job to the foreground
jobs Print a list of current jobs
User Status Command
Finger command is used to lookup information about an user.
2 finger Examples
1. View detail about a particular user
finger command will display login, username, home directory, shell information about a
particular user as shown below.
$ Finger sathiya
Login: sathiya Name: (null)
Directory: /home/sathiya Shell: /bin/bash
On since Mon Nov 1 18:45 (IST) on :0 (messages off)
On since Mon Nov 1 18:46 (IST) on pts/0 from :0.0
New mail received Fri May 7 10:33 2010 (IST)
Unread since Sat Jun 7 12:59 2008 (IST)
No Plan.
2. View login details and Idle status about an user
Can use finger -s option to view the login detail for a particular user.
$ finger -s root
Login Name Tty Idle Login Time Office Office Phone
root root *1 19d Wed 17:45
root root *2 3d Fri 16:53
root root *3 Mon 20:20
root root *ta 2 Tue 15:43
root root *tb 2 Tue 15:44
Syntax and Options
Short Option
Option Description
-s
Display the user’s login name, real name, terminal name and write status
idle time, login time, and either
office location and office phone number, or the remote host.
-p
Prevent the -l option of finger from displaying the contents of
the .forward, .plan, .project and .pubkey
files.
-m
Prevent matching of user names. User is usually a login name; however,
matching will also be done on the users’
real names, unless the -m option is supplied.Display the user’s login name,
real name, terminal name and write
status idle time, login time, and either office location and office phone
number, or the remote host.
-o
When used in conjunction with the -s option, the office location and office
phone information is displayed
instead of the name of the remote host.
Result: Basic & user status commands are known.
Experiment No 2
Aim: Create a file called wlcc.txt with some lines & display how many lines, words &
characters are present in that file.
Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or
512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation
takes about 3GB (will all desktop applications, like OpenOffice).
Procedure:Algorithm:
1. Input the name of the file.
2. Count the words of the given file.
3. Count the characters of the given file.
4. Count the lines of the given file.
5. Print the result.
Coding:echo Enter the filename
read wlcc.txt
w= ‘cat $wlcc.txt | wc –w’
c= ‘cat $wlcc.txt | wc –c’
l= ‘grep –c “.” $wlcc.txt’
echo Number of characters in $wlcc,txt is $c
echo Number of words in $wlcc,txt is $w
echo Number of lines in $wlcc,txt is $l
Result: Lines, words & characters of given file is known now.
Experiment No 3
Aim: Create a program to find out the inode number of any desired file.
Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or
512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation
takes about 3GB (will all desktop applications, like OpenOffice).
Procedure:Algorithm:
1. Input the name of the file.
2. Count the inode number of the file.
3. Display the result.
Coding:
read fname #file name to be searched.
p=`pwd`
cd /
l=`find -name $fname`
l=`echo $l | ls -i`
set $l
echo "inode is $1"
cd $p
Result: Inode number of a given file is known now.
Experiment No 4
Aim: Study & use of the command for changing file permissions.
Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or
512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation
takes about 3GB (will all desktop applications, like OpenOffice).
Procedure:
Every file or folder in UNIX has access permissions. There are three types of
permissions (what allowed to do with a file):
read access
write access
execute access
Permissions are defined for three types of users:
the owner of the file
the group that the owner belongs to
other users
Thus, UNIX file permissions are nine bits of information (3 types x 3 type of users), each
of them may have just one of two values: allowed or denied.
Simply put, for each file it can be specified who can read or write from/to the file. For
programs or scripts it also can be set if they are allowed to be executed.
2. File permissions notation
2.1. Textual representation like "-rwxr--r--"
It is used in UNIX long directory listings. It consists of 10 characters. The first character
shows the file type. Next 9 characters are permissions, consisting of three groups:
owner, group, others. Each group consists of three symbols: rwx (in this order), if some
permission is denied, then a dash "-" is used instead. Example:
-rwxr--r--
0123456789
Symbol in the position 0 ("-")is the type of the file. It is either "d" if the item is a
directory, or "l" if it is a link, or "-" if the item is a regular file.
Symbols in positions 1 to 3 ("rwx") are permissions for the owner of the file.
Symbols in positions 4 to 6 ("r--") are permissions for the group.
Symbols in positions 7 to 9 ("r--") are permissions for others.
r Read access is allowed
w Write access is allowed
x Execute access is allowed
- Replaces "r", "w" or "x" if according access type is denied
2.1.1. Examples
-rwxr-xr-x
File,
owner has read, write, execute permissions,
group: only read and execute permissions,
others: only read and execute permissions.
dr-x------
Directory,
owner has read and execute access,
group and others have no access
2.2. Numeric (octal) representation like "644"
If a numeric representation is used (like in chmod command, for example), then it is
in the octal format (with the base of 8), and digits involved are 0 to 7. Octal format is
used for the simplicity of understanding: every octal digit combines read, write and
execute permissions together. Respective access rights for owner, group and others
(in this order) are the last three digits of the numeric file permissions representation.
Example: "0644". Here the second digit ("6" in the example) stands for rights of the
owner, the third digit ("4" in the example) stands for rights of the group, the fourth digit
("4" in the example) stands for rights of others.
This table shows what numeric values mean:
Octal digit Text equivalent Binary value Meaning
0 --- 000 All types of access are denied
1 --x 001 Execute access is allowed only
2 -w- 010 Write access is allowed only
3 -wx 011 Write and execute access are allowed
4 r-- 100 Read access is allowed only
5 r-x 101 Read and execute access are allowed
6 rw- 110 Read and write access are allowed
7 rwx 111 Everything is allowed
We see that "1" stands for execute only, "2" stands for write only, "4" stands for read
only. To combine the permissions you can simply add 1, 2 and 4 to get a needed
combination. For instance, to get read and write permissions, you add 4 (read) and 2
(write), thus getting 6 (read and write). To get read and execute permissions, you add 4
(read) and 1 (execute), thus getting 5 (read and execute).
2.2.1. Examples
644owner: read and write permissions,
group: only read permissions,
others: only read permissions.
755owner: read, write and execute permissions,
group: read and execute permissions,
others: read and execute permissions.
2.2.2. Why there is a leading zero?
In programming, for instance, in C language, leading zero means that the value is in the
octal format. Basically, it can be omitted. Owner, group and others rights are the last
three digits of the permissions.
2.2.3. Four meaningful digits like "4755"
There are cases when you may come across four non-zero digits, in this case the first
meaningful (non-zero) digit combines the following bits (in this order, high to low): SUID,
SGID, sticky bit. We also know that the last three are for owner, group and others.
See this table for more information about SUID and so on.
3. Difference in access permissions for files and folders
Access permissions for files and folders mean different things from the user standpoint.
The table below shows the difference.
Access type
File Folder
ReadIf the file contents can be
readIf the directory listing can be obtained
Write
If user or process can
write to the file (change
its contents)
If user or process can change directory contents
somehow: create new or delete existing files in
the directory or rename files.
Execute If the file can be executed
If user or process can access the directory, that
is, go to it (make it to be the current working
directory)
4. Permissions required for web server
Web server assigns the rights of the web-server-specific user, typically user "nobody",
to the connected web client, as if "nobody" is connected to the web server. "Nobody"
doesn't belong to your group and thus it inherits permissions that "others" have to your
files.
For generic files such as html or images, etc you usually need to set 644
permissions. It is because "nobody" needs to read the file, and thus the file
should be readable by others, hence 4 (read only) permissions for both group
and others. For yourself you need a right to read and write (hence 6) to the file.
For scripts you need 755 rights. The script should be executable by "nobody".
The script file should also be readable by "nobody", as the file is interpreted
by an interpreter such as Perl and therefore must be readable. Thus it must
combine read and execute permissions for "others", as "nobody" belongs
to "others" group. For yourself you need to have also write access, getting 755 as
a result.
5. Permissions set for FTP-uploaded files
When upload files to your web hosting accounts, you become the owner of the files.
Usually, by default files get 644 permissions, and depending on provider's FTP server
configuration they may get different permissions in different situations. Also can change
the file permissions with FTP client or by executing a chmod command in telnet.
6. Set user ID, set group ID, sticky bit
In addition to the basic permissions discussed above, there are also three bits of
information defined for files in UNIX:
SUID or setuid: change user ID on execution. If setuid bit is set, when the file
will be executed by a user, the process will have the same rights as the owner of
the file being executed.
SGID or setgid: change group ID on execution. Same as above, but inherits
rights of the group of the owner of the file. For directories it also may mean that
when a new file is created in the directory it will inherit the group of the directory
(and not of the user who created the file).
Sticky bit. It was used to trigger process to "stick" in memory after it is finished,
now this usage is obsolete. Currently its use is system dependant and it is mostly
used to suppress deletion of the files that belong to other users in the folder
where we have "write" access to.
6.1. Numeric representation
Octal digit Binary value Meaning
0 000 setuid, setgid, sticky bits are cleared
1 001 sticky bit is set
2 010 setgid bit is set
3 011 setgid and sticky bits are set
4 100 setuid bit is set
5 101 setuid and sticky bits are set
6 110 setuid and setgid bits are set
7 111 setuid, setgid, sticky bits are set
6.2. Textual representation
SUID
If set, then replaces "x" in the owner permissions to "s", if owner has execute
permissions, or to "S" otherwise. Examples:
-rws------ both owner execute and SUID are set
-r-S------ SUID is set, but owner execute is not set
SGID
If set, then replaces "x" in the group permissions to "s", if group has execute
permissions, or to "S" otherwise. Examples:
-rwxrws--- both group execute and SGID are set
-rwxr-S--- SGID is set, but group execute is not set
Sticky
If set, then replaces "x" in the others permissions to "t", if others have execute
permissions, or to "T" otherwise. Examples:
-rwxrwxrwt both others execute and sticky bit are set
-rwxrwxr-T sticky bit is set, but others execute is not set
1. What is a chmod command?
Chmod command sets UNIX file permissions. First you need to telnet or SSH to the
target computer, then in the command prompt you need to execute a chmod command.
Also can set the permissions with the help of other programs, such as FTP client.
2. Syntax and examples of the shell chmod command (telnet or SSH)
Syntax of the chmod command is the following:
prompt> chmod [options] permissions file[s]
The word "chmod" should be entered all in lowercase letters. Options can be:
-R, set permissions recursively
-f, "forced" or silent mode
-v, "verbose", show information for every file processed
-c, show information only if changes are made to the file
Permissions could be one of the following:
Octal numeric format, with a leading zero like "0644"
Octal numeric format, without a leading zero like "644"
Text form like "a+r", "u=rwx" or "o-w", you can use several comma separated text
form permissions
File[s] can be either
relative path to the file like "file.pl"
absolute path to the file like "/var/spool/mail/paul"
several space separated files like "file.pl /var/spool/mail/paul"
file name mask like "*.html" or "*"
What text permissions values mean:
uSets permissions for the owner of the file, e.g.: "u+w" allows the owner to write to the
file
gSets permissions for the group (to which owner belongs), e.g. "g-x" suppresses the
execution of the file by the group
oSets permissions for other users (that are not in group), e.g.: "o=r" allows others only
to read the file
aSets permissions for all (owner, group and others), e.g.: "a-w" disables write access to
the file for everyone
=Assigns the permissions, e.g. "a=rw", sets read and write permissions and disables
execution for all
-Removes certain thing[s] from the permissions, keeping all other (not involved)
permissions. E.g. "a-x" disables execution of the file for everyone, this example
doesn't touch read and write permissions.
+Adds certain thing[s] to the permissions, keeping all other (not involved) permissions.
E.g. "a+x" allows execution of the file for everyone, this example doesn't touch read
and write permissions.
r Sets read permissions
w Sets write permissions
x Sets execute permissions
t Sets sticky bit, e.g. "o+t" sets sticky bit for a file
s Sets SUID or SGID. E.g.: "u+s" sets SUID, "g+s" sets SGID.
2.1. Examples
Here are the examples of the chmod command. All commands do the same thing,
except that the first four set SUID & SGID and sticky bits to zero and the last two don't
touch SUID & SGID and sticky bits:
prompt> chmod 0755 script.sh
prompt> chmod 755 script.sh
prompt> chmod u=rwx,g=rx,o=rx script.sh
prompt> chmod u=rwx,go=rx script.sh
prompt> chmod u+rwx,g+rx,g-w,o+rx,o-w script.sh
prompt> chmod u+rwx,go+rx,go-w script.sh
This example performs recursive chmod for the directory:
prompt> chmod -R 755 mydirectory.
Result: File changing permissions are studied now.
Experiment No 5
Aim: Execute shell commands through vi editor.
Hardware Reuirement: Desktop requirements are higher, but 600MHz with 256 or
512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation
takes about 3GB (will all desktop applications, like OpenOffice).
Procedure:Linux is developed under the GNU Public License. This is sometimes referred to as
a "copyleft", to distinguish it from a copyright.
Under GPL the source code is available to anyone who wants it, and can be freely
modified, developed, and so forth. There are only a few restrictions on the use of the
code. If you make changes to the programs , you have to make those changes available
to everyone. This basically means you can't take the Linux source code, make a few
changes, and then sell your modified version without making the source code available.
Common vi editor command list
For this Purpose Use this vi Command Syntax
To insert new textesc + i ( You have to press 'escape' key
then 'i')
To save fileesc + : + w (Press 'escape' key then 'colon'
and finally 'w')
To save file with file name (save as) esc + : + w "filename"
To quit the vi editor esc + : + q
To quit without saving esc + : + q!
To save and quit vi editor esc + : + wq
To search for specified word in forward
direction
esc + /word (Press 'escape' key, type /word-
to-find, for e.g. to find word 'shri', type as
/shri)
To continue with search n
To search for specified word in backward
direction
esc + ?word (Press 'escape' key, type word-
to-find)
To copy the line where cursor is located esc + yy
To paste the text just deleted or copied at
the cursoresc + p
To delete entire line where cursor is located esc + dd
To delete word from cursor position esc + dw
To Find all occurrence of given word and
Replace then globally without confirmation
esc + :$s/word-to-find/word-to-replace/g
For. e.g. :$s/mumbai/pune/g
Here word "mumbai" is replace with "pune"
To Find all occurrence of given word and
Replace then globally with confirmationesc + :$s/word-to-find/word-to-replace/cg
To run shell command like ls, cp or date etc
within vi
esc + :!shell-command
For e.g. :!pwd
How Shell Locates the file
To run script, one need to have in the same directory where the creator created its
script, if he are in different directory your script will not run (because of path settings),
For e.g.. Home directory is ( use $ pwd to see current working directory) /home/vivek.
Then the creator created one script called 'first', after creation of this script he moved
to some other directory lets say /home/vivek/Letters/Personal, Now if he try to execute
its script it will not run, since script 'first' is in /home/vivek directory, to overcome this
problem there are two ways first, specify complete path of creator script when ever he
want to run it from other directories like giving following command
$ /bin/sh /home/vivek/first
Now every time you have to give all this detailed as you work in other directory, this take
time and you have to remember complete path.
There is another way, if you notice that all of our programs (in form of executable files)
are marked as executable and can be directly executed from prompt from any directory.
(To see executables of our normal program give command $ ls -l /bin ) By typing
commands like
$ bc $ cc myprg.c $ cal etc, How its possible? All our executables files are installed in directory called /bin and
/bin directory is set in your PATH setting, Now when you type name of any command
at $ prompt, what shell do is it first look that command in its internal part (called as
internal command, which is part of Shell itself, and always available to execute), if found
as internal command shell will execute it, If not found It will look for current directory,
if found shell will execute command from current directory, if not found, then Shell will
Look PATH setting, and try to find our requested commands executable file in all of the
directories mentioned in PATH settings, if found it will execute it, otherwise it will give
message "bash: xxxx :command not found", Still there is one question remain can I run
my shell script same as these executables?, Yes you can, for this purpose create bin
directory in your home directory and then copy your tested version of shell script to this
bin directory. After this you can run you script as executable file without using command
like $ /bin/sh /home/vivek/first Command to create you own bin directory.
$ cd $ mkdir bin $ cp first ~/bin $ first
Each of above commands can be explained as follows:
Each of above command Explanation
$ cd Go to your home directory
$ mkdir bin
Now created bin directory, to install your
own shell script, so that script can be run as
independent program or can be accessed
from any directory
$ cp first ~/bin copy your script 'first' to your bin directory
$ firstTest whether script is running or not (It will
run)
Now consider following command
$($ echo 'expr 6 + 3')
The command ($ echo 'expr 6 + 3') is know as Parameter substitution. When a
command is enclosed in backquotes, the command get executed and we will get output.
Mostly this is used in conjunction with other commands. For e.g.
$pwd $cp /mnt/cdrom/lsoft/samba*.rmp `pwd`
Now suppose we are working in directory called "/home/vivek/soft/artical/linux/lsst" and
I want to copy some samba files from "/mnt/cdrom/lsoft" to my current working directory,
then my command will be something like
$cp /mnt/cdrom/lsoft/samba*.rmp /home/vivek/soft/artical/linux/lsst
Instead of giving above command I can give command as follows
$cp /mnt/cdrom/lsoft/samba*.rmp `pwd`
Here file is copied to your working directory. See the last Parameter substitution of
`pwd` command, expand it self to /home/vivek/soft/artical/linux/lsst. This will save my
time. $cp /mnt/cdrom/lsoft/samba*.rmp `pwd`
Result: Shell commands are executed through vi editor.
Experiment NO: 6
Aim: To write a shell script that accepts any number of arguments and print them in reverse
order.
Hardware & Software requirement: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about
3GB (will all desktop applications, like OpenOffice).
Theory: A shell script is a script written for the shell, or command line interpreter, of an
operating system. It is often considered a simple domain-specific programming language.
Typical operations performed by shell scripts include file manipulation, program execution, and
printing text.
Many shell script interpreters double as command line interface, such as the various Unix
shells, Windows PowerShell or the MS-DOS COMMAND.COM. Others, such as AppleScript
or the graphical Windows Script Host (WScript.exe), add scripting capability to computing
environments without requiring a command line interface. Other examples of programming
languages primarily intended for shell scripting include DCL and. JCL.
Procedure: I. Flowchart:
(II) Algorithm: text = raw_input("Enter the string: ")
print "Reversed string: " + reverseIt(text)
def reverseIt(theStr):
revStr = "" # initially the reversed string is empty
# loop through theStr backwards, adding each character to revStr
for i in range(len(theStr)-1, -1, -1):
revStr += theStr[i]
# return the reversed string from the function
return revStr+
(III) Coding:
echo enter any number
read n
rev=0
sd=0
while [ $n -gt 0 ]
do
sd=`expr $n % 10`
rev=`expr $rev \* 10 + $sd`
n=`expr $n / 10`
done
echo "reverse number is $rev"
Result: shell script that accepts any number of arguments and print them in reverse has been
written.
Experiment NO: 7 Aim: To write a shell script to find the smallest of three numbers that are read from the
keyboard.
Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about
3GB (will all desktop applications, like OpenOffice).
Theory: Shell scripts allow several commands that would be entered manually at a command
line interface to be executed automatically, and without having to wait for a user to trigger each
stage of the sequence. For example, in a directory with three C source code files, rather than
manually running the four commands required to build the final program from them, one could
instead create a C shell script, here named build and kept in the directory with them, which
would compile them automatically.The script would allow a user to save the file being edited,
pause the editor, and then just run ./build to create the updated program, test it, and then return
to the editor. Since the 1980s or so, however, scripts of this type have been replaced with
utilities like make which are specialized for building programs.
Procedure:I. Flowchart:
(II) Algorithm:Input: a,b,c
Output: small; smallest element in the sequence a,b,c
Input values
Small = a
If b < small, then small = b
If c < small, then small = c
(III) Coding:echo Enter 3 numbers with spaces in between
read a b c
s=$a
if [ $b -lt $s ]
then
s=$b
fi
if [ $c -lt $s ]
then
s=$c
fi
echo Smallest of $a $b $c is $s
Result: shell script to find the smallest of three numbers that are read from the keyboard
hasbeen written.
Experiment NO: 8 Aim: Installation,configuration and customizations of Unix/Linux
Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,
however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about
3GB (will all desktop applications, like OpenOffice).
Theory: There are two types of Gridgen installations: a First Time Installation and a
Maintenance Release Installation.
• A First Time Installation involves extracting both Gridgen and its license managers from a CD
and is performed
by new users who are using Gridgen for the first time or by existing Gridgen users when a new,
major Gridgen version is released.
• A Maintenance Release Installation involves replacing your current Gridgen executable
program files with
the latest Gridgen executable files. You obtain the latest Gridgen executable either by
downloading them
from Pointwise’s ftp site or from a CD.
A typical Gridgen installation will result in the following layout of data (approximately 200
MBytes) in the
gridgen_home_path directory:
• doc/ - This directory contains the Gridgen User Manual, Glyph Reference Manual, Tutorial
Workbook,
and Gridgen Release Notes and Installation Instructions in PDF and HTML formats in the PDF/
and
Help/ subdirectories respectively. PDF files may be viewed and printed using Adobe Acrobat
Reader.
HTML files may be viewed by pressing Help within Gridgen.
• examples/ - This directory contains Gridgen (.gg), database, and Glyph script (.glf) files for
tutorials
and other examples of Gridgen usage.
hw/ - There is not a directory actually named hw. It is included here in a generic sense to
represent the specific
hardware brand(s) of computer on which you will install Gridgen and its license managers.
Instead of
hw you may see directories called sgi65, sun, hp, and linux. Hardware brand specific files for
the
license managers, library files, and executables will be contained here within subdirectories.
• licenses/ - This directory is where we strongly recommend that you install your license file.
• utils/ - This directory contains Glyph scripts that perform various utility functions.
• gridgen - This file is Gridgen’s Launch Script.
• LICENSE_CONTROL.SH - This file is Gridgen License Control Script.
Like many things in Unix, there are hundreds and hundreds of customizations you could
possibly make.
In order to make a customization, you need to first know exactly what you can change.
Dot files
Files for customization usually start with a "." (period). These files are sometimes called "dot
files." These files are checked when you log in to your account or start up a session at the Unix
shell.
You can find what dot files you have in your home directory by this list command:
$ ls -a
. .cshrc .history .plan cmc-html store
.. .forward .pinerc bin public_html
$
The dot files you need to change depend on which shell you are using and which application
programs you are using.
You can find out what shell you are using like this:
$ echo $SHELL
/bin/csh
$
Kinds of customizations in dot files
When you customize your account in a dot file, you usually are altering or setting the value of
some variable. These variables might be:
1. Environment variables that exist system-wide and are used by Unix to function for you.
2. Use the Unix env command to look at these.
3. You can use the Unix setenv command to set the values of these right at the shell
prompt, or you can use the setenv command within the proper dot file to set these
environment variables.
4. Check out this list of environment variables (in Appendix II, about two-thirds down the
page).
5. Variables you create, also called "aliases." These aliases are a way that you can create
shortcut names for commands or other things that you might want to use on a command
line.
(II) Algorithm:The Install Script performs many tasks:
1. Extracts Gridgen’s files from the CD
2. Extracts the license managers files from the CD
3. Generates your host ID and host name
4. Imports your Gridgen license file
5. Starts, stops, or queries the FLEXlm license server (uses the daemon lmgrd)
If you have licensed an NCR, the install script can also perform these additional tasks:
6. Generates your NCR host ID
7. Imports your NCR license file
8. Starts, stops, or queries the NCR license server
You are responsible for reporting the host ID and host name to us between tasks 3 and 4. For
users with a
licensed NCR, the NCR host ID (task 6) must be reported in addition to the Gridgen host ID and
hostname to
receive an appropriate license file.
(III) Coding: When first started the Install Script’s main menu will be displayed.
Enter key.
This first prompt is for the directory into which Gridgen will be installed. This directory is
Gridgen’s home
directory, called gridgen_home_path for short. The default installation directory is /usr/local/
gridgen
but you are free to choose any existing directory for which you have write privilege. Note: If your
server is an SGI Prism workstation, the installation directory should be created under /home.
The installation
directory must exist before you enter its name here or else the Install Script will exit.
Configuration
Company / developer GNU Project, Linus Torvalds and many
others
Programmed in Assembly language, C
OS family Unix-like
Working state Current
Source model Free and open source software
Latest stable release 2.6.39.2 (23 June 2011; 7 days ago
(2011-06-23))[2] [+/−]
Latest unstable release 3.0-rc5 (28 June 2011; 2 days ago
(2011-06-28))[3] [+/−]
Marketing target Desktops, servers, embedded devices
Available language(s) Multilingual
Available programming languages(s) Many
Supported platforms DEC Alpha, ARM, AVR32, Blackfin,
ETRAX CRIS, FR-V, H8/300, Itanium,
M32R, m68k, Microblaze, MIPS,
MN103, PA-RISC, PowerPC, s390,
S+core, SuperH, SPARC, TILE64,
Unicore32, x86, Xtensa
Kernel type Monolithic
Userland GNU and others
Default user interface Graphical (X Window System) and
command-line interface
License Various including GNU General Public
License, BSD License, Apache License,
MIT License, and others[4]
Result: Installation,configuration and customizations of Unix/Linux has been done.
Experiment NO: 9 Aim: Study and installation of Firewall and Proxy server
Hardware requirement: 1. a 486-DX66 with 32 meg of memory
2. a 250m hard disk (500 recommended)
3. network connections (LAN Cards, Serial Ports, Wireless?)
4. monitor and keyboard
With some systems by using a serial port console, you can even eliminate the monitor and
keyboard.
If you need a proxy server that will handle lots of traffic, you should get the largest system you
can afford. This is because for every user that connects to the system it will be creating another
process. If you will have 50 or more concurrent users I'm guessing you will need:
1. a Pentium II with 64meg of memory
2. a two gig hard disk to store all the logs
3. two network connections
4. monitor and keyboard
The network connections can be any type (NIC cards, ISDN, even modems).
Software requirement:● Selecting a Kernel
● Selecting a proxy server
To create a filtering firewall, you don't need any special software. Linux will do
If you want to setup a proxy server you will need one of these packages.
1. Squid
2. The TIS Firewall Toolkit (FWTK)
3. SOCKS
Theory: Internet firewalls are intended to keep the flames of Internet hell out of your private
LAN. Or, to keep the members of your LAN pure and chaste by denying them access the all the
evil Internet temptations. ;-)
The first computer firewall was a non-routing Unix host with connections to two different
networks. One network card connected to the Internet and the other to the private LAN. To
reach the Internet from the private network, you had to logon to the firewall (Unix) server. You
then used the resources of the system to access the Internet. For example, you could use X-
windows to run Netscape's browser on the firewall system and have the display on your work
station. With the browser running on the firewall it has access to both networks.
There are two types of firewalls.
1. Filtering Firewalls - that block selected network packets.
2. Proxy Servers (sometimes called firewalls) - that make network connections for you.
A proxy server is one that receives requests intended for another server and that acts on the
behalf of the client (as the client proxy) to obtain the requested service. A proxy server is often
used when the client and the server are incompatible for direct connection. For example, the
client may be unable to meet the security authentication requirements of the server but may
be required to access some services. It may also be used for screening purposes to enable
the administrator to control access to undesirable sites. The proxy server may also be used for
caching purposes which enables faster access to frequently used websites. All the computers
connected to the LAN access the Internet through a single IP address which results in improved
security simply because the number of ports exposed is reduced.
Proxy servers work on the seventh layer (the Application Layer) of the OSI model thus tending
to be application dependent unlike firewalls that work at lower layers. They are also more
difficult to install and maintain than firewalls, as proxy functionality for each application protocol
like HTTP, SMTP, or SOCKS must be configured individually. However, a properly configured
proxy server improves network security and performance. Since proxy servers function at the
OSI Application layer, their filtering capabilities are relatively intelligent. For example, proxy web
servers can check the URL (Uniform Resource Locator) of outgoing requests for Web pages by
inspecting HTTP GET and POST messages. Using this feature, network administrators can bar
access to illegal domains but allow access to other sites. Ordinary firewalls, in contrast, cannot
see Web domain names inside those messages. Likewise for incoming data traffic, ordinary
routers can filter by port number or network address, but proxy servers can also filter based on
application content inside the messages.
Linux ipchains is a rewrite of the Linux IPv4 firewalling code and a rewrite of ipfwadm, which
was a rewrite of BSD's ipfw.
Procedure: (I) Flowchart:
(II) Algorithm:
1. Install the TCP/IP protocol on all systems connected to the network.
2. Run the Install Wizard. The first screen is the product registration screen which require
you to enter the product key.
3. The next two screens require information about your Internet connection. Select the type
of connection and the name of your connection.
4. Enter the username and password of the Internet connection to be used.
5. WinProxy then configures the internal and external IP addresses. It automatically
assigns a unique address to each device on the LAN as internal addresses. The IP
address assigned to the modem/router by your ISP is taken as the external address.
6. WinProxy then prompts you to disconnect from the Internet if you are already connected.
7. In the final step WinProxy works through all the steps and verifies that all operations
have been performed properly.
The operations to work on entire chains are;
1. Create a new chain (-N).
2. Delete an empty chain (-X).
3. Change the policy for a built-in chain. (-P).
4. List the rules in a chain (-L).
5. Flush the rules out of a chain (-F).
6. Zero the packet and byte counters on all rules in a chain (-Z).
There are several ways to manipulate rules inside a chain:
1. Append a new rule to a chain (-A).
2. Insert a new rule at some position in a chain (-I).
3. Replace a rule at some position in a chain (-R).
4. Delete a rule at some position in a chain (-D).
5. Delete the first rule that matches in a chain (-D).
There are a few operations for masquerading, which are in ipchains for want of a good place to
put them:
1. List the currently masqueraded connections (-M -L).
2. Set masquerading timeout values (-M -S).
There are some timing issues involved in altering firewall rules.
A simplistic approach is to do the following coding.
(III) Coding: # ipchains -I input 1 -j DENY
# ipchains -I output 1 -j DENY
# ipchains -I forward 1 -j DENY
... make changes ...
# ipchains -D input 1
# ipchains -D output 1
# ipchains -D forward 1
#
Here a duplicate of the above firewall rules in IPChains.
#!/bin/sh
#
# rc.firewall
#
## Flush everything, start from scratch
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
## Redirect for HTTP Transparent Proxy
#$IPCHAINS -A input -p tcp -s 192.1.2.0/24 -d 0.0.0.0/0 80 -j REDIRECT 8080
## Create your own chain
/sbin/ipchains -N my-chain
# Allow email to got to the server
/sbin/ipchains -A my-chain -s 0.0.0.0/0 smtp -d 192.1.2.10 1024:-j ACCEPT
# Allow email connections to outside email servers
/sbin/ipchains -A my-chain -s 192.1.2.10 -d 0.0.0.0/0 smtp -j ACCEPT
# Allow Web connections to your Web Server
/sbin/ipchains -A my-chain -s 0.0.0.0/0 www -d 192.1.2.11 1024: -j ACCEPT
# Allow Web connections to outside Web Server
/sbin/ipchains -A my-chain -s 192.1.2.0/24 1024: -d 0.0.0.0/0 www -j ACCEPT
# Allow DNS traffic
/sbin/ipchains -A my-chain -p UDP -s 0.0.0.0/0 dns -d 192.1.2.0/24 -j ACCEPT
## If you are using masquerading
# don't masq internal-internal traffic
/sbin/ipchains -A forward -s 192.1.2.0/24 -d 192.1.2.0/24 -j ACCEPT
# don't masq external interface direct
/sbin/ipchains -A forward -s 24.94.1.0/24 -d 0.0.0.0/0 -j ACCEPT
# masquerade all internal IP's going outside
/sbin/ipchains -A forward -s 192.1.2.0/24 -d 0.0.0.0/0 -j MASQ
## Deny everything else
/sbin/ipchains -P my-chain input DENY
Result: Study and installation of Firewall and Proxy server has been done.
Experiment NO: 10 Aim: Implementation of DNS, LDAP services
Theory: DNS assists in assigning an IP address to one or more names and assigning a name to an IP
address. In Linux, this conversion is usually carried out by a special type of software known
as bind. The machine that takes care of this conversion is called a name server. The names
make up a hierarchical system in which each name component is separated by dots. The name
hierarchy is, however, independent of the IP address hierarchy described above.
Consider a complete name, such as earth.example.com , written in the format
hostname.domain. A full name, referred to as a fully qualified domain name (FQDN), consists of
a hostname and a domain name (example.com). The latter also includes the top level domain
or TLD (com). TLD assignment has become quite confusing for historical reasons. Traditionally,
three letter domain names are used in the USA. In the rest of the world, the two-letter ISO
national codes are the standard. In addition to that, longer TLDs were introduced in 2000 that
represent certain spheres of activity (for example, .info, .name, .museum). In the early days of
the Internet (before 1990), the file /etc/hosts was used to store the names of all the machines
represented over the Internet. This quickly proved to be impractical in the face of the rapidly
growing number of computers connected to the Internet. For this reason, a decentralized
database was developed to store the hostnames in a widely distributed manner. This database,
similar to the name server, does not have the data pertaining to all hosts in the Internet readily
available, but can dispatch requests to other name servers.
The top of the hierarchy is occupied by root name servers. These root name servers manage
the top level domains and are run by the Network Information Center (NIC). Each root name
server knows about the name servers responsible for a given top level domain. Information
about top level domain NICs is available at http://www.internic.net. DNS can do more than just
resolve hostnames. The name server also knows which host is receiving e-mails for an entire
domain—the mail exchanger (MX). For your machine to resolve an IP address, it must know
about at least one name server and its IP address. Setting up a DNS Server
One can use the named-bootconf.pl utility to convert old configuration files.
The /etc/named.boot file:
directory /var/named
cache . named.ca
primary myco.org named.myco
primary 0.0.127.in-addr.arp named.local
primary 1.168.192.in-addr.arp named.rev
The first line defines the base directory to be used. The name.ca file will contain a list of DNS
IP addresses for querying external addresses. The third line is optional and contains records for
the local LAN. The two next entries are for reverse lookups.
LDAP stands for Lightweight Directory Access Protocol. The protocol allows access to data
in a tree-like structure using attributes. LDAP can be thought of as a specialised database
which handles trees. Since directories are also trees, navigating LDAP fields is like navigating
a directory. Added to this LDAP has been designed mainly for optimal access. This clarifies the
words Directory and Access.Terminology used in DNS are
DIT The Data Information Tree
DN Distinguished Name
RDN Relative Distinguished Name
LDIF LDAP Data Interchange Format
(I) Flowchart:
(II) Algorithm:Files which should be there for creating LDAP directories.
migrate_automount.pl migrate_base.pl
CVSVersionInfo.txt migrate_common.ph
Make.rules migrate_fstab.pl
MigrationTools.spec migrate_group.pl
README migrate_hosts.pl
ads migrate_netgroup.pl
migrate_netgroup_byhost.pl migrate_aliases.pl
migrate_netgroup_byuser.pl migrate_all_netinfo_offline.sh
migrate_networks.pl migrate_all_netinfo_online.sh
migrate_passwd.pl migrate_all_nis_offline.sh
migrate_profile.pl migrate_all_nis_online.sh
migrate_protocols.pl migrate_all_nisplus_offline.sh
migrate_rpc.pl migrate_all_nisplus_online.sh
migrate_services.pl migrate_all_offline.sh
migrate_slapd_conf.pl migrate_all_online.sh
(III) Coding:
The password is generated from the command line as follows
sldappasswd
New password:
Re-enter new password:
{SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT
We next choose the rootdn in /etc/openldap/slapd.conf to be
rootdn "cn=Manager,dc=example,dc=com"
rootpw {SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT
The next line will update the LDAP entries
ldapmodify -f passwd.ldif -x -D “dc=example,dc=com” -W
Enter LDAP Password:
Result: Implementation of DNS, LDAP services has been done.