System Administration HW5 - Micro Computer Center. yihshih / lctseng

Similar documents
Network Information Service

Sharing System Files

SRT210. The Pragmetic art of Administration. NIS Server. Raymond Chan

Project #3: Implementing NIS

IT341 Introduction to System Administration Project II Configuring and Using a LAN

About Backup and Restore, on page 1 Supported Backup and Restore Procedures, on page 3

Configuration Management - Using Puppet. lctseng / Liang-Chi Tseng

Cluster Computing Spring 2004 Paul A. Farrell 4/25/2006. Dept of Computer Science Kent State University 1. Configuring & Tuning Cluster Networks

Maintenance of /etc/fstab in large network Crashed NFS server will make operation blocked

User Management. lctseng

FreeBSD Security Advisories

Installing Applications in FreeBSD. wengyc

Network Protocols What is a stateless Network Protocol?

Computer Center, CS, NCTU. Outline. FreeBSD version 9.0-RELEASE 9.1-RC1. Installing FreeBSD. From CD-ROM From USB

Computer System Administration Homework 3 File Server. fchsieh / zswu

FreeBSD Security Advisories

OPS535. NFS Servers and Clients. Advanced TCP/IP Network Administration. Raymond Chan Seneca College of Applied Technology

Network File System Andrew File System NetWare Core Protocol Server Message Block Common Internet File System

Computer Center, CS, NCTU

Lab #9: Configuring A Linux File Server

Parallel Panther Beowulf Cluster

Some Practical Matters. Introduction to Unix. What's Our Goal? Linux!= UNIX

If you had a freshly generated image from an LCI instructor, make sure to set the hostnames again:

Aliases are set manually or in a login script. Aliases that were set manually will be gone the next time you login.

The Network File System

Bull. AIX 5L Network Information Services (NIS and NIS+) Guide AIX ORDER REFERENCE 86 A2 56EM 01

DELL EMC UNITY: DR ACCESS AND TESTING. Dell EMC Unity OE 4.5

ITDUMPS QUESTION & ANSWER. Accurate study guides, High passing rate! IT dumps provides update free of charge in one year!

RedHat Certified Engineer

BPPM Patrol Agent Installation Steps on Linux and Automation Integration

Linux Essentials Objectives Topics:

Technical White Paper NetBackup 8.1 and later. NetBackup in the AWS Cloud: Required setup to use Amazon EFS as the NetBackup CloudCatalyst cache

LAB #7 Linux Tutorial

User & Group Administration

DELL EMC UNITY: DR ACCESS AND TESTING. Dell EMC Unity OE 4.3

Users, Groups and Permission in Linux

Introduction to the Linux Command Line

ITDumpsKR. IT 인증시험한방에패스시키는최신버전시험대비덤프

Mounting and Unmounting the CD-ROM

Computer Systems and Architecture

Chapter 6 Adding New Users

Getting Started Guide. Installation and Setup Instructions. For version Copyright 2009 Code 42 Software, Inc. All rights reserved

CompTIA Linux Course Overview. Prerequisites/Audience. Course Outline. Exam Code: XK0-002 Course Length: 5 Days

System Administration HW3

Welcome to getting started with Ubuntu Server. This System Administrator Manual. guide to be simple to follow, with step by step instructions

Centurion Technologies

HANDS UP IF YOU DON T HAVE A VM OR IF YOU DON T REMEMBER YOUR PASSWORDS. Or something broke

Outline. UNIX security ideas Users and groups File protection Setting temporary privileges. Examples. Permission bits Program language components

Introduction to FreeBSD (Additional Material)

FreeBSD Security Advisories (1)

LENS Server Maintenance Guide JZ 2017/07/28

Display Modules (DL-DM) Application Developer's Guide

The Network File System

Manually Mount Samba Share Ubuntu Server Automount

Network Monitoring & Management. A few Linux basics

CS197U: A Hands on Introduction to Unix

1. Add these options in kernel configuration file and recompile the kernel

AppWizard Installation/Upgrade Guide (v.4.00)

Linux Administration

HP-UX System Administration

Exercise Sheet 2. (Classifications of Operating Systems)

The TinyHPC Cluster. Mukarram Ahmad. Abstract

Commands are in black

Solaris 9 Mount Cdrom Manually

Project #4: Implementing NFS

SUN SOLARIS. Course Catalog

Univa Grid Engine Troubleshooting Quick Reference

1Z Oracle Linux Fundamentals (Oracle Partner Network) Exam Summary Syllabus Questions

SSSD. Client side identity management. LinuxDays 2012 Jakub Hrozek

SA2 v6 Linux System Administration II Net Configuration, Software, Troubleshooting

HYPER-UNIFIED STORAGE. Nexsan Unity

Using RANCID. Contents. 1 Introduction Goals Notes Install rancid Add alias Configure rancid...

Preface to the First Edition Preface to the Second Edition Acknowledgments UNIX Operating System Environment p. 1 UNIX: Past and Present p.

Getting Started with Linux

System Administration Practice Homework 1-3 : Chinese World. lctseng

Octagon Plugin Environment. using a virtual machine

Stop all processes and then reboot - same as above startx. Log in as superuser from current login exit

Introduction to Linux

Centrify's Solution for NIS Migration

Computer Center, CS, NCTU. Outline. FreeBSD version 8.2-RELEASE. Installing FreeBSD. From CD-ROM

Topics. Installation Basics of Using GNU/ Linux Administration Tools

Installation of the OS

1Z0-100 oracle.

COUCHDB - INSTALLATION

More Raspian. An editor Configuration files Shell scripts Shell variables System admin

Lab 2A> ADDING USERS in Linux

Outline. Computer Center, CS, NCTU. FreeBSD version. Installing FreeBSD. Build world and kernel. Software installation Appendix 8.

EX200 EX200. Red Hat Certified System Administrator RHCSA

CSE 390a Lecture 3. Multi-user systems; remote login; editors; users/groups; permissions

EX200 - EX200 Red Hat Certified System Administrator (RHCSA) Exam

High Availability & Fault Tolerance of the Deployment Manager using NFS on Linux

Step 3: Select This computer is part of business network,., click next

My Own Help On Unix Environment

OpenSSL Software Foundation, Inc.

example.com index.html # vim /etc/httpd/conf/httpd.conf NameVirtualHost :80 <VirtualHost :80> DocumentRoot /var/www/html/

Washington WASHINGTON UNIVERSITY IN ST LOUIS

Computer Systems and Architecture

FORTINET DOCUMENT LIBRARY FORTINET VIDEO GUIDE FORTINET BLOG CUSTOMER SERVICE & SUPPORT FORTIGATE COOKBOOK FORTINET TRAINING SERVICES

Embedded Linux Systems. Bin Li Assistant Professor Dept. of Electrical, Computer and Biomedical Engineering University of Rhode Island

USER GUIDE. Snow Inventory Agent for Unix. Version 5. Release date Document date SNOWSOFTWARE.COM

Transcription:

System Administration HW5 - Micro Computer Center yihshih / lctseng

NIS Master sa-core sahome yppush ypbind Share these files: master.passwd hosts group netgroup ypservers amd.map or auto_master NIS Client saduty ypbind sabsd NIS Slave 2 ypbind...

NFS Master saduty sa-core sahome Export /net/data (ro) /net/home (maproot=nobody) /net/admin /usr/ports nullfs 1.Sudoers 2./usr/ports sabsd Export /net/data (ro) /net/home (maproot=nobody) /usr/ports... NFS Client NFS Client 3

ssh sa-core sahome 1. Only sa-adm can login sa-core. 2. Connect to sahome only from saduty 3. Connect to sa-core only from sa-bsd sabsd ssh saduty ssh... 4

Requirements (1) - Overview Machines sahome: NFS Server, NIS Master Server, (NIS Client) saduty: NIS Slave Server, (NIS/NFS Client) sabsd: (NIS/NFS Client) Groups sysadm: can access /net/data/sata, can sudo everything but su and any shells nctucs: everyone Netgroups sa-adm: admin users, can login sa-core sa-core: core machines (sahome and saduty) sa-bsd: all freebsd machines (sahome, saduty, sabsd) 5

Requirements (2) - sahome nullfs NIS /net/home -> /vol/home /net/data -> /vol/data /net/admin -> /vol/admin Bind priority: sahome>saduty login sa-adm only Only from saduty 6

Requirements (3) - saduty NFS NIS /net/home -> sahome:/vol/home (maproot=nobody) /net/data -> sahome:/vol/data (ro) /net/admin -> sahome:/vol/admin (ro) Bind priority: saduty>sahome login sa-adm only 7

Requirements (4) - sabsd NFS NIS /net/home -> sahome:/vol/home (maproot=nobody) /net/data -> sahome:/vol/data (ro) Bind priority: saduty>sahome login All 8

Requirement (5) All machines share /net/data/sudoers All user s home directory must be in /net/home except root Auto-start all services Auto-mount all folders with amd or autofs User can change password on NIS Clients 9

Rup You can run rup on all servers. 10

Ports tree Sahome exports its /usr/ports. Write /etc/make.conf DISTDIR WRKDIRPREFIX Write a program which will update its ports tree. It must be automatically executed at 1:30 A.M everyday on sahome. 11

Log server Sahome as a Log server. Write a program which will record the ssh information everyday. When Who Where Ex: Dec 14 17:26:10 hwchiu login saduty fail from 192.168.157.139 The program must be automatically executed at 11:50 P.M. everyday on sahome. 12

Log server (continue) Your program should write the result to /net/data/ssh/ The filename should follow the rule Year_Month_Day Example. 2013_Dec_13 13

Step 1 - Setup sahome as NIS Master Server Edit /etc/rc.conf nis_server, nisdomainname, yppasswdd Edit /var/yp/makefile #NOPUSH = "True" HOSTS = $(YPDIR)/hosts GROUP = $(YPDIR)/group AMDHOST = $(YPDIR)/amd.map Create /var/yp/hosts, /var/yp/group etc Edit /var/yp/master.passwd & /var/yp/group to create your accounts Edit /var/yp/hosts to fit your environment Initial and start services 14

Step 2 - Setup NIS Clients Add NIS Servers IP to /etc/hosts Edit /etc/master.passwd & /etc/group vipw Edit /etc/nsswitch.conf hosts : files nis dns Edit /etc/rc.conf nis_client, nisdomainname, ypbind Testing tools ypcat ypwhich 15

Step 3 - Setup NFS environment Nullfs (NFS Server) $ mount_nullfs /vol/home /net/home In /etc/fstab: /vol/home /net/home nullfs rw 2 2 Edit /etc/exports (NFS Server) Edit /etc/rc.conf amd or autofs (NFS Client) nfs_server, mountd (NFS Server) Edit amd.map (NIS Server) 16

Step 4 - Setup saduty as a NIS Slave Server Edit /etc/rc.conf nis_server, nisdomainname, ypxfrd Modity ypbind sequence (on every clients) Edit /var/yp/ypservers (on cshome) Initial and (re)start services 17

Step 5 - Finishing sudoers (/usr/local/etc/sudoers) Including other sudoers file from /net/data/sudoers man sudoers to see more about include. sahome:/etc/hosts.allow sa-adm only can login sahome from saduty. /net/data/sata sysadm only/ Login permissions only sa-adm can login sa-core. 18

After NIS & NFS servers. Rup. Ports tree. Log server. 19

Let s hack into the Kernel Build another kernel by yourself Make your kernel smaller by 10% ls -l /boot/kernel/kernel Make sure everything is still okay At least for this homework! 20

Help! The kernel source is missing Reinstall Freebsd and select src to install source codes Fetch from official site ftp://ftp.freebsd.org/pub/freebsd/releases/amd64/10.1- RELEASE/src.txz Download it and extract tar -C / -xzf src.txz Wait for a very long time 21

Help Go to bsd*.cs.nctu.edu.tw IRC channel #nctunasa on freenode Email ta@nasa.cs.nctu.edu.tw Goto CSCC to ask professional 3F! 22

Appendix Appendix A mount_nullfs $ man exports A host may be specified only once for each local file system on the server and there may be only one default entry for each server file system that applies to all other hosts. The command mount_nullfs <origin> <new_path> For example % mkdir /home/allhome make a directory for Real NFS Home % mkdir /home/for_nis make a directory for NFS Home exports % mount_nullfs /home/allhome /home/for_nis mount it Use it in /etc/fstab Change the fstype to nullfs For example /home/allhome /home/for_nis nullfs rw 2 2 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback