unix 1

Experiment No 1

Aim: To study basic & user status Unix/Linux Commands.

Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or

512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,

however, it would run, on 200MHz with 64MB of RAM, however. Typical installation

takes about 3GB (will all desktop applications, like Open Office).

Procedure:

Unix

Command

Description

ls List directory contents

cp Copy files

rm Remove directory entries

file Determine file type

find Walk a file hierarchy

which Locate a program file in the user’s

path

whereis Locate programs

gcc, g++ GNU project C and C++ Compiler

gdb The GNU Debugger

less View the contents of a text file

diff Find differences between two files

cmp Compare two files

vi Text editor

chmod Change file modes

man Display the on-line manual pages

mv Move and rename files

ispell Interactive spelling checker

biff Be notified if mail arrives and who it is

from

lpr Print a file

lpq Show the print queue

ftp Transfer a file to another Unix system

logout Quit using the system

pwd Print working directory name

cd Change working directory

ln Make a file link

mkdir Make directories

rmdir Remove directories

chmod Change file modes

quota Display disk usage and limits

history Display a list of recent commands

ps Show the status of processes

kill Stop a running processes

passwd Change your password

alias Create a command alias

unalias Delete a command alias

export Set an environment variable

script Record your terminal session to a file

bg Send a job to the background

fg Bring a job to the foreground

jobs Print a list of current jobs

User Status Command

Finger command is used to lookup information about an user.

2 finger Examples

1. View detail about a particular user

finger command will display login, username, home directory, shell information about a

particular user as shown below.

$ Finger sathiya

Login: sathiya Name: (null)

Directory: /home/sathiya Shell: /bin/bash

On since Mon Nov 1 18:45 (IST) on :0 (messages off)

On since Mon Nov 1 18:46 (IST) on pts/0 from :0.0

New mail received Fri May 7 10:33 2010 (IST)

Unread since Sat Jun 7 12:59 2008 (IST)

No Plan.

2. View login details and Idle status about an user

Can use finger -s option to view the login detail for a particular user.

$ finger -s root

Login Name Tty Idle Login Time Office Office Phone

root root *1 19d Wed 17:45

root root *2 3d Fri 16:53

root root *3 Mon 20:20

root root *ta 2 Tue 15:43

root root *tb 2 Tue 15:44

Syntax and Options

Short Option

Option Description

-s

Display the user’s login name, real name, terminal name and write status

idle time, login time, and either

office location and office phone number, or the remote host.

-p

Prevent the -l option of finger from displaying the contents of

the .forward, .plan, .project and .pubkey

files.

-m

Prevent matching of user names. User is usually a login name; however,

matching will also be done on the users’

real names, unless the -m option is supplied.Display the user’s login name,

real name, terminal name and write

status idle time, login time, and either office location and office phone

number, or the remote host.

-o

When used in conjunction with the -s option, the office location and office

phone information is displayed

instead of the name of the remote host.

Result: Basic & user status commands are known.

Experiment No 2

Aim: Create a file called wlcc.txt with some lines & display how many lines, words &

characters are present in that file.




takes about 3GB (will all desktop applications, like OpenOffice).

Procedure:Algorithm:

1. Input the name of the file.

2. Count the words of the given file.

3. Count the characters of the given file.

4. Count the lines of the given file.

5. Print the result.

Coding:echo Enter the filename

read wlcc.txt

w= ‘cat $wlcc.txt | wc –w’

c= ‘cat $wlcc.txt | wc –c’

l= ‘grep –c “.” $wlcc.txt’

echo Number of characters in $wlcc,txt is $c

echo Number of words in $wlcc,txt is $w

echo Number of lines in $wlcc,txt is $l

Result: Lines, words & characters of given file is known now.

Experiment No 3

Aim: Create a program to find out the inode number of any desired file.





Procedure:Algorithm:

1. Input the name of the file.

2. Count the inode number of the file.

3. Display the result.

Coding:

read fname #file name to be searched.

p=`pwd`

cd /

l=`find -name $fname`

l=`echo $l | ls -i`

set $l

echo "inode is $1"

cd $p

Result: Inode number of a given file is known now.

Experiment No 4

Aim: Study & use of the command for changing file permissions.





Procedure:

Every file or folder in UNIX has access permissions. There are three types of

permissions (what allowed to do with a file):

read access

write access

execute access

Permissions are defined for three types of users:

the owner of the file

the group that the owner belongs to

other users

Thus, UNIX file permissions are nine bits of information (3 types x 3 type of users), each

of them may have just one of two values: allowed or denied.

Simply put, for each file it can be specified who can read or write from/to the file. For

programs or scripts it also can be set if they are allowed to be executed.

2. File permissions notation

2.1. Textual representation like "-rwxr--r--"

It is used in UNIX long directory listings. It consists of 10 characters. The first character

shows the file type. Next 9 characters are permissions, consisting of three groups:

owner, group, others. Each group consists of three symbols: rwx (in this order), if some

permission is denied, then a dash "-" is used instead. Example:

-rwxr--r--

0123456789

Symbol in the position 0 ("-")is the type of the file. It is either "d" if the item is a

directory, or "l" if it is a link, or "-" if the item is a regular file.

Symbols in positions 1 to 3 ("rwx") are permissions for the owner of the file.

Symbols in positions 4 to 6 ("r--") are permissions for the group.

Symbols in positions 7 to 9 ("r--") are permissions for others.

r Read access is allowed

w Write access is allowed

x Execute access is allowed

- Replaces "r", "w" or "x" if according access type is denied

2.1.1. Examples

-rwxr-xr-x

File,

owner has read, write, execute permissions,

group: only read and execute permissions,

others: only read and execute permissions.

dr-x------

Directory,

owner has read and execute access,

group and others have no access

2.2. Numeric (octal) representation like "644"

If a numeric representation is used (like in chmod command, for example), then it is

in the octal format (with the base of 8), and digits involved are 0 to 7. Octal format is

used for the simplicity of understanding: every octal digit combines read, write and

execute permissions together. Respective access rights for owner, group and others

(in this order) are the last three digits of the numeric file permissions representation.

Example: "0644". Here the second digit ("6" in the example) stands for rights of the

owner, the third digit ("4" in the example) stands for rights of the group, the fourth digit

("4" in the example) stands for rights of others.

This table shows what numeric values mean:

Octal digit Text equivalent Binary value Meaning

0 --- 000 All types of access are denied

1 --x 001 Execute access is allowed only

2 -w- 010 Write access is allowed only

http://www.zzee.com/solutions/chmod-help.shtml



3 -wx 011 Write and execute access are allowed

4 r-- 100 Read access is allowed only

5 r-x 101 Read and execute access are allowed

6 rw- 110 Read and write access are allowed

7 rwx 111 Everything is allowed

We see that "1" stands for execute only, "2" stands for write only, "4" stands for read

only. To combine the permissions you can simply add 1, 2 and 4 to get a needed

combination. For instance, to get read and write permissions, you add 4 (read) and 2

(write), thus getting 6 (read and write). To get read and execute permissions, you add 4

(read) and 1 (execute), thus getting 5 (read and execute).

2.2.1. Examples

644owner: read and write permissions,

group: only read permissions,

others: only read permissions.

755owner: read, write and execute permissions,

group: read and execute permissions,

others: read and execute permissions.

2.2.2. Why there is a leading zero?

In programming, for instance, in C language, leading zero means that the value is in the

octal format. Basically, it can be omitted. Owner, group and others rights are the last

three digits of the permissions.

2.2.3. Four meaningful digits like "4755"

There are cases when you may come across four non-zero digits, in this case the first

meaningful (non-zero) digit combines the following bits (in this order, high to low): SUID,

SGID, sticky bit. We also know that the last three are for owner, group and others.

See this table for more information about SUID and so on.

http://www.zzee.com/solutions/unix-permissions.shtml#setuid













3. Difference in access permissions for files and folders

Access permissions for files and folders mean different things from the user standpoint.

The table below shows the difference.

Access type

File Folder

ReadIf the file contents can be

readIf the directory listing can be obtained

Write

If user or process can

write to the file (change

its contents)

If user or process can change directory contents

somehow: create new or delete existing files in

the directory or rename files.

Execute If the file can be executed

If user or process can access the directory, that

is, go to it (make it to be the current working

directory)

4. Permissions required for web server

Web server assigns the rights of the web-server-specific user, typically user "nobody",

to the connected web client, as if "nobody" is connected to the web server. "Nobody"

doesn't belong to your group and thus it inherits permissions that "others" have to your

files.

For generic files such as html or images, etc you usually need to set 644

permissions. It is because "nobody" needs to read the file, and thus the file

should be readable by others, hence 4 (read only) permissions for both group

and others. For yourself you need a right to read and write (hence 6) to the file.

For scripts you need 755 rights. The script should be executable by "nobody".

The script file should also be readable by "nobody", as the file is interpreted

by an interpreter such as Perl and therefore must be readable. Thus it must

combine read and execute permissions for "others", as "nobody" belongs

to "others" group. For yourself you need to have also write access, getting 755 as

a result.

5. Permissions set for FTP-uploaded files

When upload files to your web hosting accounts, you become the owner of the files.

Usually, by default files get 644 permissions, and depending on provider's FTP server

configuration they may get different permissions in different situations. Also can change

the file permissions with FTP client or by executing a chmod command in telnet.

6. Set user ID, set group ID, sticky bit

In addition to the basic permissions discussed above, there are also three bits of

information defined for files in UNIX:

SUID or setuid: change user ID on execution. If setuid bit is set, when the file

will be executed by a user, the process will have the same rights as the owner of

the file being executed.

SGID or setgid: change group ID on execution. Same as above, but inherits

rights of the group of the owner of the file. For directories it also may mean that

when a new file is created in the directory it will inherit the group of the directory

(and not of the user who created the file).

Sticky bit. It was used to trigger process to "stick" in memory after it is finished,

now this usage is obsolete. Currently its use is system dependant and it is mostly

used to suppress deletion of the files that belong to other users in the folder

where we have "write" access to.

6.1. Numeric representation

Octal digit Binary value Meaning

0 000 setuid, setgid, sticky bits are cleared

1 001 sticky bit is set

http://www.zzee.com/solutions/chmod-help.shtml#ftp






2 010 setgid bit is set

3 011 setgid and sticky bits are set

4 100 setuid bit is set

5 101 setuid and sticky bits are set

6 110 setuid and setgid bits are set

7 111 setuid, setgid, sticky bits are set

6.2. Textual representation

SUID

If set, then replaces "x" in the owner permissions to "s", if owner has execute

permissions, or to "S" otherwise. Examples:

-rws------ both owner execute and SUID are set

-r-S------ SUID is set, but owner execute is not set

SGID

If set, then replaces "x" in the group permissions to "s", if group has execute

permissions, or to "S" otherwise. Examples:

-rwxrws--- both group execute and SGID are set

-rwxr-S--- SGID is set, but group execute is not set

Sticky

If set, then replaces "x" in the others permissions to "t", if others have execute

permissions, or to "T" otherwise. Examples:

-rwxrwxrwt both others execute and sticky bit are set

-rwxrwxr-T sticky bit is set, but others execute is not set

1. What is a chmod command?

Chmod command sets UNIX file permissions. First you need to telnet or SSH to the

target computer, then in the command prompt you need to execute a chmod command.

Also can set the permissions with the help of other programs, such as FTP client.

2. Syntax and examples of the shell chmod command (telnet or SSH)

http://www.zzee.com/solutions/unix-permissions.shtml





http://www.zzee.com/webmaster-ftp/



Syntax of the chmod command is the following:

prompt> chmod [options] permissions file[s]

The word "chmod" should be entered all in lowercase letters. Options can be:

-R, set permissions recursively

-f, "forced" or silent mode

-v, "verbose", show information for every file processed

-c, show information only if changes are made to the file

Permissions could be one of the following:

Octal numeric format, with a leading zero like "0644"

Octal numeric format, without a leading zero like "644"

Text form like "a+r", "u=rwx" or "o-w", you can use several comma separated text

form permissions

File[s] can be either

relative path to the file like "file.pl"

absolute path to the file like "/var/spool/mail/paul"

several space separated files like "file.pl /var/spool/mail/paul"

file name mask like "*.html" or "*"

What text permissions values mean:

uSets permissions for the owner of the file, e.g.: "u+w" allows the owner to write to the

file

gSets permissions for the group (to which owner belongs), e.g. "g-x" suppresses the

execution of the file by the group

oSets permissions for other users (that are not in group), e.g.: "o=r" allows others only

to read the file

aSets permissions for all (owner, group and others), e.g.: "a-w" disables write access to

the file for everyone

=Assigns the permissions, e.g. "a=rw", sets read and write permissions and disables

execution for all

-Removes certain thing[s] from the permissions, keeping all other (not involved)

permissions. E.g. "a-x" disables execution of the file for everyone, this example

doesn't touch read and write permissions.

+Adds certain thing[s] to the permissions, keeping all other (not involved) permissions.

E.g. "a+x" allows execution of the file for everyone, this example doesn't touch read

and write permissions.

r Sets read permissions

w Sets write permissions

x Sets execute permissions

t Sets sticky bit, e.g. "o+t" sets sticky bit for a file

s Sets SUID or SGID. E.g.: "u+s" sets SUID, "g+s" sets SGID.

2.1. Examples

Here are the examples of the chmod command. All commands do the same thing,

except that the first four set SUID & SGID and sticky bits to zero and the last two don't

touch SUID & SGID and sticky bits:

prompt> chmod 0755 script.sh

prompt> chmod 755 script.sh

prompt> chmod u=rwx,g=rx,o=rx script.sh

prompt> chmod u=rwx,go=rx script.sh

prompt> chmod u+rwx,g+rx,g-w,o+rx,o-w script.sh

prompt> chmod u+rwx,go+rx,go-w script.sh

This example performs recursive chmod for the directory:

prompt> chmod -R 755 mydirectory.

Result: File changing permissions are studied now.

Experiment No 5

Aim: Execute shell commands through vi editor.

Hardware Reuirement: Desktop requirements are higher, but 600MHz with 256 or




Procedure:Linux is developed under the GNU Public License. This is sometimes referred to as

a "copyleft", to distinguish it from a copyright.

Under GPL the source code is available to anyone who wants it, and can be freely

modified, developed, and so forth. There are only a few restrictions on the use of the

code. If you make changes to the programs , you have to make those changes available

to everyone. This basically means you can't take the Linux source code, make a few

changes, and then sell your modified version without making the source code available.

Common vi editor command list

For this Purpose Use this vi Command Syntax

To insert new textesc + i ( You have to press 'escape' key

then 'i')

To save fileesc + : + w (Press 'escape' key then 'colon'

and finally 'w')

To save file with file name (save as) esc + : + w "filename"

To quit the vi editor esc + : + q

To quit without saving esc + : + q!

To save and quit vi editor esc + : + wq

To search for specified word in forward

direction

esc + /word (Press 'escape' key, type /word-

to-find, for e.g. to find word 'shri', type as

/shri)

To continue with search n

To search for specified word in backward

direction

esc + ?word (Press 'escape' key, type word-

to-find)

To copy the line where cursor is located esc + yy

To paste the text just deleted or copied at

the cursoresc + p

To delete entire line where cursor is located esc + dd

To delete word from cursor position esc + dw

To Find all occurrence of given word and

Replace then globally without confirmation

esc + :$s/word-to-find/word-to-replace/g

For. e.g. :$s/mumbai/pune/g

Here word "mumbai" is replace with "pune"

To Find all occurrence of given word and

Replace then globally with confirmationesc + :$s/word-to-find/word-to-replace/cg

To run shell command like ls, cp or date etc

within vi

esc + :!shell-command

For e.g. :!pwd

How Shell Locates the file

To run script, one need to have in the same directory where the creator created its

script, if he are in different directory your script will not run (because of path settings),

For e.g.. Home directory is ( use $ pwd to see current working directory) /home/vivek.

Then the creator created one script called 'first', after creation of this script he moved

to some other directory lets say /home/vivek/Letters/Personal, Now if he try to execute

its script it will not run, since script 'first' is in /home/vivek directory, to overcome this

problem there are two ways first, specify complete path of creator script when ever he

want to run it from other directories like giving following command

$ /bin/sh /home/vivek/first

Now every time you have to give all this detailed as you work in other directory, this take

time and you have to remember complete path.

There is another way, if you notice that all of our programs (in form of executable files)

are marked as executable and can be directly executed from prompt from any directory.

(To see executables of our normal program give command $ ls -l /bin ) By typing

commands like

$ bc $ cc myprg.c $ cal etc, How its possible? All our executables files are installed in directory called /bin and

/bin directory is set in your PATH setting, Now when you type name of any command

at $ prompt, what shell do is it first look that command in its internal part (called as

internal command, which is part of Shell itself, and always available to execute), if found

as internal command shell will execute it, If not found It will look for current directory,

if found shell will execute command from current directory, if not found, then Shell will

Look PATH setting, and try to find our requested commands executable file in all of the

directories mentioned in PATH settings, if found it will execute it, otherwise it will give

message "bash: xxxx :command not found", Still there is one question remain can I run

my shell script same as these executables?, Yes you can, for this purpose create bin

directory in your home directory and then copy your tested version of shell script to this

bin directory. After this you can run you script as executable file without using command

like $ /bin/sh /home/vivek/first Command to create you own bin directory.

$ cd $ mkdir bin $ cp first ~/bin $ first

Each of above commands can be explained as follows:

Each of above command Explanation

$ cd Go to your home directory

$ mkdir bin

Now created bin directory, to install your

own shell script, so that script can be run as

independent program or can be accessed

from any directory

$ cp first ~/bin copy your script 'first' to your bin directory

$ firstTest whether script is running or not (It will

run)

Now consider following command

$($ echo 'expr 6 + 3')

The command ($ echo 'expr 6 + 3') is know as Parameter substitution. When a

command is enclosed in backquotes, the command get executed and we will get output.

Mostly this is used in conjunction with other commands. For e.g.

$pwd $cp /mnt/cdrom/lsoft/samba*.rmp `pwd`

Now suppose we are working in directory called "/home/vivek/soft/artical/linux/lsst" and

I want to copy some samba files from "/mnt/cdrom/lsoft" to my current working directory,

then my command will be something like

$cp /mnt/cdrom/lsoft/samba*.rmp /home/vivek/soft/artical/linux/lsst

Instead of giving above command I can give command as follows

$cp /mnt/cdrom/lsoft/samba*.rmp `pwd`

Here file is copied to your working directory. See the last Parameter substitution of

`pwd` command, expand it self to /home/vivek/soft/artical/linux/lsst. This will save my

time. $cp /mnt/cdrom/lsoft/samba*.rmp `pwd`

Result: Shell commands are executed through vi editor.

Experiment NO: 6

Aim: To write a shell script that accepts any number of arguments and print them in reverse

order.

Hardware & Software requirement: Desktop requirements are higher, but 600MHz with

256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,

however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about

3GB (will all desktop applications, like OpenOffice).

Theory: A shell script is a script written for the shell, or command line interpreter, of an

operating system. It is often considered a simple domain-specific programming language.

Typical operations performed by shell scripts include file manipulation, program execution, and

printing text.

Many shell script interpreters double as command line interface, such as the various Unix

shells, Windows PowerShell or the MS-DOS COMMAND.COM. Others, such as AppleScript

or the graphical Windows Script Host (WScript.exe), add scripting capability to computing

environments without requiring a command line interface. Other examples of programming

languages primarily intended for shell scripting include DCL and. JCL.

Procedure: I. Flowchart:

http://en.wikipedia.org/wiki/Programming_language





http://en.wikipedia.org/wiki/DIGITAL_Command_Language

http://en.wikipedia.org/wiki/DIGITAL_Command_Language

http://en.wikipedia.org/wiki/Job_Control_Language

http://en.wikipedia.org/wiki/Job_Control_Language

(II) Algorithm: text = raw_input("Enter the string: ")

print "Reversed string: " + reverseIt(text)

def reverseIt(theStr):

revStr = "" # initially the reversed string is empty

# loop through theStr backwards, adding each character to revStr

for i in range(len(theStr)-1, -1, -1):

revStr += theStr[i]

# return the reversed string from the function

return revStr+

(III) Coding:

echo enter any number

read n

rev=0

sd=0

while [ $n -gt 0 ]

do

sd=èxpr $n % 10`

rev=èxpr $rev \* 10 + $sd`

n=èxpr $n / 10`

done

echo "reverse number is $rev"

Result: shell script that accepts any number of arguments and print them in reverse has been

written.

Experiment NO: 7 Aim: To write a shell script to find the smallest of three numbers that are read from the

keyboard.

Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with




Theory: Shell scripts allow several commands that would be entered manually at a command

line interface to be executed automatically, and without having to wait for a user to trigger each

stage of the sequence. For example, in a directory with three C source code files, rather than

manually running the four commands required to build the final program from them, one could

instead create a C shell script, here named build and kept in the directory with them, which

would compile them automatically.The script would allow a user to save the file being edited,

pause the editor, and then just run ./build to create the updated program, test it, and then return

to the editor. Since the 1980s or so, however, scripts of this type have been replaced with

utilities like make which are specialized for building programs.

Procedure:I. Flowchart:

http://en.wikipedia.org/wiki/C_shell




http://en.wikipedia.org/wiki/Make_%28software%29

http://en.wikipedia.org/wiki/Make_%28software%29

(II) Algorithm:Input: a,b,c

Output: small; smallest element in the sequence a,b,c

Input values

Small = a

If b < small, then small = b

If c < small, then small = c

(III) Coding:echo Enter 3 numbers with spaces in between

read a b c

s=$a

if [ $b -lt $s ]

then

s=$b

fi

if [ $c -lt $s ]

then

s=$c

fi

echo Smallest of $a $b $c is $s

Result: shell script to find the smallest of three numbers that are read from the keyboard

hasbeen written.

Experiment NO: 8 Aim: Installation,configuration and customizations of Unix/Linux

Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with




Theory: There are two types of Gridgen installations: a First Time Installation and a

Maintenance Release Installation.

• A First Time Installation involves extracting both Gridgen and its license managers from a CD

and is performed

by new users who are using Gridgen for the first time or by existing Gridgen users when a new,

major Gridgen version is released.

• A Maintenance Release Installation involves replacing your current Gridgen executable

program files with

the latest Gridgen executable files. You obtain the latest Gridgen executable either by

downloading them

from Pointwise’s ftp site or from a CD.

A typical Gridgen installation will result in the following layout of data (approximately 200

MBytes) in the

gridgen_home_path directory:

• doc/ - This directory contains the Gridgen User Manual, Glyph Reference Manual, Tutorial

Workbook,

and Gridgen Release Notes and Installation Instructions in PDF and HTML formats in the PDF/

and

Help/ subdirectories respectively. PDF files may be viewed and printed using Adobe Acrobat

Reader.

HTML files may be viewed by pressing Help within Gridgen.

• examples/ - This directory contains Gridgen (.gg), database, and Glyph script (.glf) files for

tutorials

and other examples of Gridgen usage.

hw/ - There is not a directory actually named hw. It is included here in a generic sense to

represent the specific

hardware brand(s) of computer on which you will install Gridgen and its license managers.

Instead of

hw you may see directories called sgi65, sun, hp, and linux. Hardware brand specific files for

the

license managers, library files, and executables will be contained here within subdirectories.

• licenses/ - This directory is where we strongly recommend that you install your license file.

• utils/ - This directory contains Glyph scripts that perform various utility functions.

• gridgen - This file is Gridgen’s Launch Script.

• LICENSE_CONTROL.SH - This file is Gridgen License Control Script.

Like many things in Unix, there are hundreds and hundreds of customizations you could

possibly make.

In order to make a customization, you need to first know exactly what you can change.

Dot files

Files for customization usually start with a "." (period). These files are sometimes called "dot

files." These files are checked when you log in to your account or start up a session at the Unix

shell.

You can find what dot files you have in your home directory by this list command:

$ ls -a

. .cshrc .history .plan cmc-html store

.. .forward .pinerc bin public_html

$

The dot files you need to change depend on which shell you are using and which application

programs you are using.

You can find out what shell you are using like this:

$ echo $SHELL

/bin/csh

$

Kinds of customizations in dot files

When you customize your account in a dot file, you usually are altering or setting the value of

some variable. These variables might be:

1. Environment variables that exist system-wide and are used by Unix to function for you.

2. Use the Unix env command to look at these.

3. You can use the Unix setenv command to set the values of these right at the shell

prompt, or you can use the setenv command within the proper dot file to set these

environment variables.

4. Check out this list of environment variables (in Appendix II, about two-thirds down the

page).

5. Variables you create, also called "aliases." These aliases are a way that you can create

shortcut names for commands or other things that you might want to use on a command

line.

(II) Algorithm:The Install Script performs many tasks:

1. Extracts Gridgen’s files from the CD

2. Extracts the license managers files from the CD

3. Generates your host ID and host name

4. Imports your Gridgen license file

5. Starts, stops, or queries the FLEXlm license server (uses the daemon lmgrd)

If you have licensed an NCR, the install script can also perform these additional tasks:

6. Generates your NCR host ID

7. Imports your NCR license file

8. Starts, stops, or queries the NCR license server

You are responsible for reporting the host ID and host name to us between tasks 3 and 4. For

users with a

licensed NCR, the NCR host ID (task 6) must be reported in addition to the Gridgen host ID and

hostname to

receive an appropriate license file.

(III) Coding: When first started the Install Script’s main menu will be displayed.

Enter key.

This first prompt is for the directory into which Gridgen will be installed. This directory is

Gridgen’s home

directory, called gridgen_home_path for short. The default installation directory is /usr/local/

gridgen

but you are free to choose any existing directory for which you have write privilege. Note: If your

server is an SGI Prism workstation, the installation directory should be created under /home.

The installation

directory must exist before you enter its name here or else the Install Script will exit.

Configuration

Company / developer GNU Project, Linus Torvalds and many

others

Programmed in Assembly language, C

OS family Unix-like

Working state Current

Source model Free and open source software

Latest stable release 2.6.39.2 (23 June 2011; 7 days ago

(2011-06-23))[2] [+/−]

Latest unstable release 3.0-rc5 (28 June 2011; 2 days ago

(2011-06-28))[3] [+/−]

Marketing target Desktops, servers, embedded devices

Available language(s) Multilingual

Available programming languages(s) Many

Supported platforms DEC Alpha, ARM, AVR32, Blackfin,

ETRAX CRIS, FR-V, H8/300, Itanium,

M32R, m68k, Microblaze, MIPS,

MN103, PA-RISC, PowerPC, s390,

S+core, SuperH, SPARC, TILE64,

Unicore32, x86, Xtensa

Kernel type Monolithic

Userland GNU and others

Default user interface Graphical (X Window System) and

command-line interface

License Various including GNU General Public

License, BSD License, Apache License,

MIT License, and others[4]

Result: Installation,configuration and customizations of Unix/Linux has been done.

Experiment NO: 9 Aim: Study and installation of Firewall and Proxy server

Hardware requirement: 1. a 486-DX66 with 32 meg of memory

2. a 250m hard disk (500 recommended)

3. network connections (LAN Cards, Serial Ports, Wireless?)

4. monitor and keyboard

With some systems by using a serial port console, you can even eliminate the monitor and

keyboard.

If you need a proxy server that will handle lots of traffic, you should get the largest system you

can afford. This is because for every user that connects to the system it will be creating another

process. If you will have 50 or more concurrent users I'm guessing you will need:

1. a Pentium II with 64meg of memory

2. a two gig hard disk to store all the logs

3. two network connections

4. monitor and keyboard

The network connections can be any type (NIC cards, ISDN, even modems).

Software requirement:● Selecting a Kernel

● Selecting a proxy server

To create a filtering firewall, you don't need any special software. Linux will do

If you want to setup a proxy server you will need one of these packages.

1. Squid

2. The TIS Firewall Toolkit (FWTK)

3. SOCKS

Theory: Internet firewalls are intended to keep the flames of Internet hell out of your private

LAN. Or, to keep the members of your LAN pure and chaste by denying them access the all the

evil Internet temptations. ;-)

The first computer firewall was a non-routing Unix host with connections to two different

networks. One network card connected to the Internet and the other to the private LAN. To

reach the Internet from the private network, you had to logon to the firewall (Unix) server. You

then used the resources of the system to access the Internet. For example, you could use X-

windows to run Netscape's browser on the firewall system and have the display on your work

station. With the browser running on the firewall it has access to both networks.

There are two types of firewalls.

1. Filtering Firewalls - that block selected network packets.

2. Proxy Servers (sometimes called firewalls) - that make network connections for you.

A proxy server is one that receives requests intended for another server and that acts on the

behalf of the client (as the client proxy) to obtain the requested service. A proxy server is often

used when the client and the server are incompatible for direct connection. For example, the

client may be unable to meet the security authentication requirements of the server but may

be required to access some services. It may also be used for screening purposes to enable

the administrator to control access to undesirable sites. The proxy server may also be used for

caching purposes which enables faster access to frequently used websites. All the computers

connected to the LAN access the Internet through a single IP address which results in improved

security simply because the number of ports exposed is reduced.

Proxy servers work on the seventh layer (the Application Layer) of the OSI model thus tending

to be application dependent unlike firewalls that work at lower layers. They are also more

difficult to install and maintain than firewalls, as proxy functionality for each application protocol

like HTTP, SMTP, or SOCKS must be configured individually. However, a properly configured

proxy server improves network security and performance. Since proxy servers function at the

OSI Application layer, their filtering capabilities are relatively intelligent. For example, proxy web

servers can check the URL (Uniform Resource Locator) of outgoing requests for Web pages by

inspecting HTTP GET and POST messages. Using this feature, network administrators can bar

access to illegal domains but allow access to other sites. Ordinary firewalls, in contrast, cannot

see Web domain names inside those messages. Likewise for incoming data traffic, ordinary

routers can filter by port number or network address, but proxy servers can also filter based on

application content inside the messages.

Linux ipchains is a rewrite of the Linux IPv4 firewalling code and a rewrite of ipfwadm, which

was a rewrite of BSD's ipfw.

Procedure: (I) Flowchart:

(II) Algorithm:

1. Install the TCP/IP protocol on all systems connected to the network.

2. Run the Install Wizard. The first screen is the product registration screen which require

you to enter the product key.

3. The next two screens require information about your Internet connection. Select the type

of connection and the name of your connection.

4. Enter the username and password of the Internet connection to be used.

5. WinProxy then configures the internal and external IP addresses. It automatically

assigns a unique address to each device on the LAN as internal addresses. The IP

address assigned to the modem/router by your ISP is taken as the external address.

6. WinProxy then prompts you to disconnect from the Internet if you are already connected.

7. In the final step WinProxy works through all the steps and verifies that all operations

have been performed properly.

The operations to work on entire chains are;

1. Create a new chain (-N).

2. Delete an empty chain (-X).

3. Change the policy for a built-in chain. (-P).

4. List the rules in a chain (-L).

5. Flush the rules out of a chain (-F).

6. Zero the packet and byte counters on all rules in a chain (-Z).

There are several ways to manipulate rules inside a chain:

1. Append a new rule to a chain (-A).

2. Insert a new rule at some position in a chain (-I).

3. Replace a rule at some position in a chain (-R).

4. Delete a rule at some position in a chain (-D).

5. Delete the first rule that matches in a chain (-D).

There are a few operations for masquerading, which are in ipchains for want of a good place to

put them:

1. List the currently masqueraded connections (-M -L).

2. Set masquerading timeout values (-M -S).

There are some timing issues involved in altering firewall rules.

A simplistic approach is to do the following coding.

(III) Coding: # ipchains -I input 1 -j DENY

# ipchains -I output 1 -j DENY

# ipchains -I forward 1 -j DENY

... make changes ...

# ipchains -D input 1

# ipchains -D output 1

# ipchains -D forward 1

#

Here a duplicate of the above firewall rules in IPChains.

#!/bin/sh

#

# rc.firewall

#

## Flush everything, start from scratch

/sbin/ipchains -F input

/sbin/ipchains -F output

/sbin/ipchains -F forward

## Redirect for HTTP Transparent Proxy

#$IPCHAINS -A input -p tcp -s 192.1.2.0/24 -d 0.0.0.0/0 80 -j REDIRECT 8080

## Create your own chain

/sbin/ipchains -N my-chain

# Allow email to got to the server

/sbin/ipchains -A my-chain -s 0.0.0.0/0 smtp -d 192.1.2.10 1024:-j ACCEPT

# Allow email connections to outside email servers

/sbin/ipchains -A my-chain -s 192.1.2.10 -d 0.0.0.0/0 smtp -j ACCEPT

# Allow Web connections to your Web Server

/sbin/ipchains -A my-chain -s 0.0.0.0/0 www -d 192.1.2.11 1024: -j ACCEPT

# Allow Web connections to outside Web Server

/sbin/ipchains -A my-chain -s 192.1.2.0/24 1024: -d 0.0.0.0/0 www -j ACCEPT

# Allow DNS traffic

/sbin/ipchains -A my-chain -p UDP -s 0.0.0.0/0 dns -d 192.1.2.0/24 -j ACCEPT

## If you are using masquerading

# don't masq internal-internal traffic

/sbin/ipchains -A forward -s 192.1.2.0/24 -d 192.1.2.0/24 -j ACCEPT

# don't masq external interface direct

/sbin/ipchains -A forward -s 24.94.1.0/24 -d 0.0.0.0/0 -j ACCEPT

# masquerade all internal IP's going outside

/sbin/ipchains -A forward -s 192.1.2.0/24 -d 0.0.0.0/0 -j MASQ

## Deny everything else

/sbin/ipchains -P my-chain input DENY

Result: Study and installation of Firewall and Proxy server has been done.

Experiment NO: 10 Aim: Implementation of DNS, LDAP services

Theory: DNS assists in assigning an IP address to one or more names and assigning a name to an IP

address. In Linux, this conversion is usually carried out by a special type of software known

as bind. The machine that takes care of this conversion is called a name server. The names

make up a hierarchical system in which each name component is separated by dots. The name

hierarchy is, however, independent of the IP address hierarchy described above.

Consider a complete name, such as earth.example.com , written in the format

hostname.domain. A full name, referred to as a fully qualified domain name (FQDN), consists of

a hostname and a domain name (example.com). The latter also includes the top level domain

or TLD (com). TLD assignment has become quite confusing for historical reasons. Traditionally,

three letter domain names are used in the USA. In the rest of the world, the two-letter ISO

national codes are the standard. In addition to that, longer TLDs were introduced in 2000 that

represent certain spheres of activity (for example, .info, .name, .museum). In the early days of

the Internet (before 1990), the file /etc/hosts was used to store the names of all the machines

represented over the Internet. This quickly proved to be impractical in the face of the rapidly

growing number of computers connected to the Internet. For this reason, a decentralized

database was developed to store the hostnames in a widely distributed manner. This database,

similar to the name server, does not have the data pertaining to all hosts in the Internet readily

available, but can dispatch requests to other name servers.

The top of the hierarchy is occupied by root name servers. These root name servers manage

the top level domains and are run by the Network Information Center (NIC). Each root name

server knows about the name servers responsible for a given top level domain. Information

about top level domain NICs is available at http://www.internic.net. DNS can do more than just

resolve hostnames. The name server also knows which host is receiving e-mails for an entire

domain—the mail exchanger (MX). For your machine to resolve an IP address, it must know

about at least one name server and its IP address. Setting up a DNS Server

One can use the named-bootconf.pl utility to convert old configuration files.

The /etc/named.boot file:

directory /var/named

cache . named.ca

primary myco.org named.myco

primary 0.0.127.in-addr.arp named.local

primary 1.168.192.in-addr.arp named.rev

The first line defines the base directory to be used. The name.ca file will contain a list of DNS

IP addresses for querying external addresses. The third line is optional and contains records for

the local LAN. The two next entries are for reverse lookups.

LDAP stands for Lightweight Directory Access Protocol. The protocol allows access to data

in a tree-like structure using attributes. LDAP can be thought of as a specialised database

which handles trees. Since directories are also trees, navigating LDAP fields is like navigating

a directory. Added to this LDAP has been designed mainly for optimal access. This clarifies the

words Directory and Access.Terminology used in DNS are

DIT The Data Information Tree

DN Distinguished Name

RDN Relative Distinguished Name

LDIF LDAP Data Interchange Format

(I) Flowchart:

(II) Algorithm:Files which should be there for creating LDAP directories.

migrate_automount.pl migrate_base.pl

CVSVersionInfo.txt migrate_common.ph

Make.rules migrate_fstab.pl

MigrationTools.spec migrate_group.pl

README migrate_hosts.pl

ads migrate_netgroup.pl

migrate_netgroup_byhost.pl migrate_aliases.pl

migrate_netgroup_byuser.pl migrate_all_netinfo_offline.sh

migrate_networks.pl migrate_all_netinfo_online.sh

migrate_passwd.pl migrate_all_nis_offline.sh

migrate_profile.pl migrate_all_nis_online.sh

migrate_protocols.pl migrate_all_nisplus_offline.sh

migrate_rpc.pl migrate_all_nisplus_online.sh

migrate_services.pl migrate_all_offline.sh

migrate_slapd_conf.pl migrate_all_online.sh

(III) Coding:

The password is generated from the command line as follows

sldappasswd

New password:

Re-enter new password:

{SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT

We next choose the rootdn in /etc/openldap/slapd.conf to be

rootdn "cn=Manager,dc=example,dc=com"

rootpw {SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT

The next line will update the LDAP entries

ldapmodify -f passwd.ldif -x -D “dc=example,dc=com” -W

Enter LDAP Password:

Result: Implementation of DNS, LDAP services has been done.

unix 1

Documents

text file

program file

file link

file type

file hierarchy

desired file

words characters of

changing file permissions