CSCI 257: Fundamental UNIX System Administration
Class Project for Spring 2003
The goal of the class project is to provide students with practical experience
installing and administering Linux on a computer shared
with Windows.
Laboratory Assignment 6
ASSIGNMENT DUE: 12:00 NOON, April 9th, 2003.
Assignment Description:
As a system administrator, it is necessary to manage users and groups
to provide different types of access to files. This assignment will
help you to learn the concepts necessary to do this. It is also necessary
to write scripts to automate tasks, so a scripting assignment is included.
Goal:
The goal of this assignment is to introduce students
to managing users and groups to provide different types of file access and
script writing.
Objectives:
- Learn how to create users and groups to manage permissions to different
files.
- Write scripts to automate tasks.
Expected Outcome:
- TURN-IN
- Cover page with YOUR NAME and what Linux distribution and version
you are using.
- Printout of /etc/passwd, /etc/group, and a long directory listing
of the directory you set up with the files, permissions and appropriate ownership
as described below.
- NOTE: IF YOUR USER ACCOUNTS DO NOT HAVE NAMES ENDING WITH YOUR
INITIALS YOU WILL RECEIVE A ZERO ON THIS ENTIRE LAB ASSIGNMENT (see instructions
below).
- Printout of text2dos script
- Printout of logr script
Managing Users and Groups
- Pretend you work at Corporation XYZ
- At Corp XYZ employees log on to a Linux server and need access to different
files.
- Different employees need different access rights.
- Implement the following scenario on your computer
- Create user accounts for some individuals. For user names use
the convention: first initial of the first name followed by that person's
last name, followed by an underscore and your initials (since my name is
Todd Lisonbee, for Sally Black I would create the username sblack_tl;
if your name is John Doe, then create sblack_jd). Make sure home
directories for all of these users get created and are listed in /etc/passwd;
some systems don't do this automatically for you [Note: On Slackware Linux
you might want to use the command adduser instead of useradd; on
Slackware, adduser provides a nice script for adding users].
- Create accounts for the following individuals
- Sally Black is a manager and part of the sales team
- Linus Torvalds is a programmer
- Martha Stewart works in human resources
- Larry Wall is a programmer and part of the sales team.
- Also create a user called timesh which should have a home
directory /home/timesh and a default shell of /sbin/nologin
- Now create groups for these users to be in.
- Programmers should be in a group called prog
- Human Resources will need a group called hr
- Managers will need a group called manage
- You will also need a group called sales for the sales team
- timesh needs its own group called timesh (this will
be created by default when you create the user on some systems; on others you
will have to create it manually).
- Next add the users you created to the groups you created but first
read the following section which describes what kind of access people need
to different files. Some users may need to be in more than one group.
ALSO, DO NOT REMOVE USERS FROM THEIR DEFAULT GROUP (on Red Hat each
user gets a group created for them with the same name; on other systems all
users might belong to a default group such as "users").
- Now create files in an empty directory somewhere on your filesystem
for these users to share
- Create the following empty files: HRdata, prog1.c,
newsletter, budget, goals, timesheet.sh, salespitch
- HRdata contains information only people in Human Resources
and Management should have read/write access to.
- prog1.c contains a program that only programmers should have
read/write access to. Management needs to be able to look at prog1.c to
determine progress but shouldn't be able to modify it. Beyond this
it doesn't matter if other people do or don't have read access.
- newsletter is written by employees in HR but read by everyone.
Management also needs to have write access to this file in case they
want to make changes.
- budget is written by management but should not be readable
by anyone not in that group
- goals states the company goals, it is also written by management
but needs to be readable by everyone in the company.
- timesheet.sh is an executable script that everyone uses to
record the hours they worked. Everyone needs read/execute access to
this script, and only programmers should have write access. This script
should be owned by the user timesh and the SETUID bit should be set
so that this script is run with the permissions of timesh.
- salespitch should give read/write access to everyone on the
sales team but should not be accessible to anyone else.
- Each file should be owned by a member of the group who is in charge
of the file (in the case of programmers and the sales team take your pick).
- If you aren't sure, you can test that everything works right by logging
in as these users.
- TURN-IN
- Printout of /etc/passwd, /etc/group, and a long directory listing
of the directory you set up with the files, permissions and appropriate ownership.
- NOTE: IF YOUR USER ACCOUNTS DO NOT HAVE NAMES ENDING WITH YOUR
INITIALS YOU WILL RECEIVE A ZERO ON THIS ENTIRE LAB ASSIGNMENT
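One way to check the finished directory against the access rules above, as an added example that is not part of the original assignment. The function name check_share is hypothetical, GNU stat is assumed, and only the permission bits for "other" users and the setuid bit are checked, not owners or groups.

```bash
#!/bin/bash
# check_share DIR - report shared files whose mode bits contradict the
# access rules listed in the assignment. Prints one line per finding and
# returns non-zero if there is any. (Hypothetical helper, added example.)
#
# Linux ignores the setuid bit when it executes "#!" scripts, so the last
# test only confirms that the bit the lab asks for is present in the mode.

check_share() {
    dir=$1
    findings=0
    for name in HRdata prog1.c newsletter budget goals timesheet.sh salespitch; do
        if [ ! -f "$dir/$name" ]; then
            echo "$name: missing"
            findings=$((findings + 1))
            continue
        fi
        mode=$(stat -c %a "$dir/$name")   # GNU stat prints octal, e.g. 660 or 4775
        bits=$((0$mode))                  # leading 0 makes the shell read it as octal
        other=$((bits & 7))               # bits for users outside owner and group
        # need = bits "other" must have, deny = bits "other" must not have
        case $name in
            HRdata|budget|salespitch) need=0 deny=7 ;;  # no access for outsiders
            newsletter|goals)         need=4 deny=2 ;;  # readable by everyone
            timesheet.sh)             need=5 deny=2 ;;  # read/execute for everyone
            prog1.c)                  need=0 deny=2 ;;  # read optional, never write
        esac
        if [ $((other & need)) -ne "$need" ] || [ $((other & deny)) -ne 0 ]; then
            echo "$name: mode $mode gives 'other' the wrong access"
            findings=$((findings + 1))
        fi
        if [ "$name" = timesheet.sh ] && [ $((bits & 04000)) -eq 0 ]; then
            echo "$name: mode $mode has no setuid bit"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}
```

Call it as check_share /path/to/shared/dir; group membership still has to be confirmed from /etc/group and the long listing.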
Text2dos Script
- Write a script called text2dos
- This will have some similarities to the addextension script
found in http://www.ecst.csuchico.edu/~toddj/257/scripts/
- This script is for converting text files from unix format to dos format.
It will take one or more arguments (passed on the command line) which
are the names of unix style text files and then for each argument it will
run the program unix2dos and then add the file extension .txt to
all of the files
- When this script is called with the -r option it will do the
opposite. For each argument it will run the command dos2unix
and remove the file extension .txt if it exists.
(CHANGE: 4-2-2003, I realized I haven't gone over how you could remove a file extension like .txt. To remove a .txt extension,
first put the name of the file you want to remove the .txt from in a variable called "filename", then run mv "$filename" "${filename%.txt}"
You can see the rabbit script or the bash documentation for more explanation.)
- If this script is called without any options it should print a usage
message. Additionally if it was called with the -r option but without
any file arguments this script should print a usage message.
- I recommend bash, but you can use any of the following for implementation:
sh, ksh, csh, tcsh, zsh, perl.
- Include at least one line of documentation with the name of the script,
what it is for, and YOUR NAME
- TURN-IN
- a printout of this script
- Hints:
- Use a for loop for dealing with a large list of arguments
- Use an IF statement to see if it was called with the -r option
- If it was called with the -r option you will want to use a shift
- Use an IF statement to see if it was called with the right number
of arguments
- The JPGtojpg script found in http://www.ecst.csuchico.edu/~toddj/257/scripts/
gives an example of testing for a file extension.
- In unix you rename files with the mv command
A simple log rotate script
- Write a script called logr
- This script will take one or more arguments (passed on the command
line). (you have to use a for loop to
- For each argument it will move that file to filename.1 (adds
the .1 extension)
- Next it will compress that file using gzip (gzip will add the
additional extension .gz). Use the "force" option so that this script
does not prompt whether or not filename.1.gz should be overwritten
on subsequent invocations (read the man page).
- Finally it will create an empty file of the same name
- If this script is called without any arguments print some kind of error
message.
- If this script is called with any arguments that do not exist print
an error message saying so.
- Make sure this script works by actually running it.
- I recommend bash, but you can use any of the following for implementation:
sh, ksh, csh, tcsh, zsh, perl.
- Include at least one line of documentation with the name of the script,
what it is for, and YOUR NAME
- TURN-IN
- a printout of this script
- Some additional explanation
- If I run logr on a file named "somelog", then in the same directory
as somelog there would now be a file named "somelog.1.gz" and an empty file
named "somelog"
- If I run logr * in a directory that contained files a, b and
c, there would now be:
- a.1.gz (the original file compressed)
- b.1.gz (the original file compressed)
- c.1.gz (the original file compressed)
- a (an empty file)
- b (an empty file)
- c (an empty file)
- Hints:
- You can use gunzip to decompress .gz files
- You can use the command touch to create empty files (for example,
"touch somefile" creates an empty file named "somefile").
- The exists script found in http://www.ecst.csuchico.edu/~toddj/257/scripts/
gives an example of testing whether a file exists.
- Look at the other example scripts I've written to see how to use
for loops and if statements.
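An added example, not the instructor's script, of the logr behavior described above, written as a bash function. It goes a little beyond the assignment by also refusing directories and symbolic links, and by passing -- to each command so that a file name beginning with a dash is not read as an option.

```bash
#!/bin/bash
# logr - rotate each named log to NAME.1.gz and leave an empty NAME behind.
# Added example; not taken from the course's scripts directory.

logr() {
    if [ "$#" -eq 0 ]; then
        echo "usage: logr file [file ...]" >&2
        return 2
    fi
    rc=0
    for f in "$@"; do               # "$@" keeps names with spaces intact
        # Rotate plain files only. A symlink is refused so that the script
        # never renames or compresses something outside the log directory.
        if [ ! -f "$f" ] || [ -L "$f" ]; then
            echo "logr: $f: does not exist or is not a regular file" >&2
            rc=1
            continue
        fi
        # gzip -f overwrites an older NAME.1.gz without prompting.
        mv -- "$f" "$f.1" &&
            gzip -f -- "$f.1" &&
            touch -- "$f" || rc=1
    done
    return "$rc"
}
```

The recreated file gets the caller's ownership and umask-derived mode, not those of the original log, so a log that was restricted before rotation may need chmod or chown afterwards.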