Units 05-07 Assignments (RHEL9)

(1) Explain what a file descriptors do in Linux.

A process uses numbered channels called file descriptors to get input and send output.

(7) Define the following terms from Chapter 5:

a. stdin

b. stdout

c. stderr

d. redirection

e. pipeline

f. pipe

g. tee

a. Standard input

b. Standard output

c. Standard error

d. Sends standard output to files or gets standard input from files

e. A sequence of one or more commands separated by |, the pipe character

f. Connects the standard output of the first command to the standard input of the next command

g. In a pipeline, the tee command copies its standard input to its standard output and also redirects its standard output to the files named as arguments to the command.

(6) What do the following redirection operators do?

a. > file

b. >> file

c. > file 2> file2

d. 2> /dev/null

e. &> file

f. &>> file

a. Redirect stdout to overwrite a file

b. Redirect stdout to append to a file

c. Redirect stderr to overwrite a file

d. Discard stderr error messages by redirecting them to /dev/null

e. Redirect stdout and stderr to overwrite the same file

f. Redirect stdout and stderr to append to the same file

(8) Editing from a command prompt:

a. What is vim?

b. What is the difference between vi and vim?

c. Define the three modes of vim?

d. What is the default mode in vim?

e. What is the keystroke enter insert mode?

f. What is the keystroke to go from insert mode to command mode?

g. What is the keystroke to enter visual mode for a block of text?

h. What is the keystroke to save your files and exit vim?

a. Used to create and edit text files from the command line

b. An improved version of the vi editor distributed with Linux and UNIX systems

c. Edit, command, and visual

d. Command

e. i

f. Esc

g. Ctrl+v

h. :wq

(2) Define and compare what a shell variable is versus an environment variable.

A shell variable is used to help run commands or to modify the behavior of the shell.

An environment variable is automatically copied to programs run from that shell when they start.

(1) How do you expand a bash shell variable?

Use the $ key.

(12) Define these files, directories, variables, and commands?

a. PS1

b. EDITOR

c. HOME

d. LANG

e. PATH

f. env

g. set

h. export

i. unset

j. unexport

k. .bashrc

l. /etc/profile.d

a. A shell variable that controls the appearance of the shell prompt

b. The EDITOR environment variable specifies the program you want to use as your default text editor for command-line programs.

c. Used to help programs determine where to save files

d. Sets the locale

e. Contains a list of colon-separated directories that contain programs

f. Used to list all the environment variables for a particular shell

g. Used to list all shell variables that are currently set

h. Used to make any variable defined in the shell into an environment variable by marking it for export

i. Used to unset and unexport a variable entirely

j. Used to unexport a variable without unsetting it

k. Used to make a change to your user account that affects all your interactive shell prompts at startup

l. The best way to adjust settings that affect all user accounts is by adding a file with a name ending in .sh containing the changes to the /etc/profile.d directory.

(2) In your own words paraphrase Chapter 6 where it asks "What is a user?"

A user is an account that creates security boundaries between people and programs that run commands, with each user having a username and a unique user ID (UID).

There are three main types of users: the superuser (root) who has full access, system users used by services or daemons, and regular users who have limited access for daily tasks.

(7) Explain how to use the following commands from Chapter 6:

a. groupadd

b. id

c. passwd

d. ps au

e. su

f. sudo

g. usermod

a. Used to create groups

b. Used to show information about the currently logged-in user

c. The passwd username command sets the initial password or changes the existing password of username.

d. Used to view the user associated with a process

e. Allows a user to switch to a different user account

f. Allows a user to be permitted to run a command as root, or as another user, based on settings in the /etc/sudoers file

g. Used to modify an account

(7) There are seven fields in the /etc/passwd file for each record. Define them in the proper order:

a. Field 1

b. Field 2

c. Field 3

d. Field 4

e. Field 5

f. Field 6

g. Field 7

a. Username for this user (user01)

b. The user's password used to be stored here in encrypted format. That has been moved to the /etc/shadow file. This field should always be x.

c. The UID for this user account (1000)

d. The GID number for this user account's primary group (1000)

e. The real name for this user (User One)

f. The home directory for this user (/home/user01). This is the initial working directory when the shell starts and contains the user's data and configuration settings.

g. The default shell program for this user, which runs on ligin (/bin/bash). For a regular user, this is normally the program that provides the user's command-line prompt. A system user might use /sbin/nologin if interactive logins are not allowed for that user.

(2) Explain the difference between primary groups and secondary groups.

Every user has one primary group that owns new files they create.

Users can also belong to supplementary groups that give extra access to shared files or resources.

(1) What is a Red Hat User Private Group?

A new group with the same name as that user is created.

(4) Define the four fields found in each record of the /etc/group file.

a. Field 1

b. Field 2

c. Field 3

d. Field 4

a. Group name for this group (group1)

b. Obsolete group password field. This field should always be x.

c. The GID number for this group (10000)

d. A list of users who are members of this group as a supplementary group (user01, user02, user03)

(9) There are nine fields in the /etc/shadow file for each record. Define them in the proper order:

a. Field 1

b. Field 2

c. Field 3

d. Field 4

e. Field 5

f. Field 6

g. Field 7

h. Field 8

i. Field 9

a. Username of the account this password belongs to

b. The encrypted password of the user

c. The day on which the password was last changed. This is set in days since 1970- 01-01, and is calculated in the UTC time zone.

d. The minimum number of days that have to elapse since the last password change before the user can change it again

e. The maximum number of days that can pass without a password change before the password expires. An empty field means it does not expire based on time since the last change.

f. Warning period. The user will be warned about an expiring password when they login for this number of days before the deadline.

g. Inactivity period. Once the password has expired, it will still be accepted for login for this many days. After this period has elapsed, the account will be locked.

h. The day on which the password expires. This is set in days since 1970-01-01, and is calculated in the UTC time zone. An empty field means it does not expire on a particular date.

i. The last field is usually empty and is reserved for future use.

(1) What does the hyphen do in the su - command?

It starts a login shell.

(2) What is found in the /etc/sudoers file? How does it work?

The main configuration file for sudo is /etc/sudoers.

To avoid problems if multiple administrators try to edit it at the same time, it should only be edited with the special visudo command.

(2) Explain the differences between the root user and all other users on a Linux server.

Root is the superuser with full access to everything.

Regular users have limited access and can only do what they're allowed to.

(6) Explain what the following options do when used on the useradd command:

a. -a

b. -G

c. -g

d. -L

e. -s

f. -U

a. Used with the -G option to add the supplementary groups to the user's current set of group memberships instead of replacing the set of supplementary groups with a new set

b. Specify a comma-separated list of supplementary groups for the user account

c. Specify a primary group for the user account

d. Lock the user account

e. Specify a particular login shell for the user account

f. Unlock the user account

(1) What is significant about UID numbers above 1000?

In RHEL7, 8, and 9, the useradd command assigns new users the first free UID greater than or equal to 1000, unless you explicitly specify one using the-u option.

(4) What four things are defaults in the user password policy for a RHEL/CentOS user (hint: /etc/login.defs):

PASS_MAX_DAYS

PASS_MIN_DAYS

PASS_WARN_AGE

UID Range for Regular Users

(3) There are three pieces of information stored in a modern password hash. What are they?

The hashing algorithm used for the password

The salt used to encrypt the password. This is originally chosen at random.

The encrypted hash of the user's password. The salt and the unencrypted password are combined and encrypted to generate the encrypted hash of the password.

(6) Explain what the following options do when used on the chage command:

a. -d

b. -E

c. -I

d. -m

e. -M

f. -W

a. Last change date

b. Password expiration date

c. Inactive days

d. Min days

e. Max days

f. Warm days

(1) What is /sbin/nologin?

Used to block login access for accounts that don't need to log in.

(3) Define and explain the three permissions used in Linux to control access to files (excluding directories).

r(read) - File contents can be read.

w(write) - File contents can be changed.

x(execute) - Files can be executed as commands.

(3) Define and explain the three permissions used in Linux to control access to directories.

If a user only has read access on a directory, the names of the files in it can be listed, but no other information, including permissions or time stamps, are available, nor can they be accessed.

If a user only has exec access on a directory, they cannot list the names of the files in the directory, but if they already know the name of a file which they have permission to read, then they can access the contents of that file by explicitly specifying the file name.

A file may be removed (deleted) by anyone who has writepermission to the directory in which the file resides, regardless of the ownership or permissions on the file itself.

(3) Refer to these permissions and ownerships:

Users and their groups:

lucy lucy,ricardo

ricky ricky,ricardo

ethel ethel,mertz

fred fred,mertz

File attributes (permissions, user & group ownership, name):

drwxrwxr-x ricky ricardo dir (which contains the

following files)

-rw-rw-r-- lucy lucy lfile1

-rw-r--rw- lucy ricardo lfile2

-rw-rw-r-- ricky ricardo rfile1

-rw-r----- ricky ricardo rfile2

a. What are ethel's file permissions?

b. What is lucy's access permissions to rfile1?

c. Let's assume Sheldon has an account on this Linux server and is not a member of any of these groups, what access does Sheldon have to 1file2 and rfile2?

a. Ethel does not own any of these files, nor do ethel's groups (ethel, mertz) have ownership. Therefore, ethel gets the 'other' permissions:

ethel can read lfile1 and rfile1

ethel can read/write lfile2

ethel has no access to rfile2. It can be listed because the other permissions on the directory are r-x, but ethel cannot open the file.

b. lucy is in the ricardo group which owns rfile1. Therefore lucy has read/write permission on rfile1.

c. Sheldon is not the owner of those files, and not in the ricardo group. Therefore, Sheldon has other privileges:

Sheldon can read rfile1

Sheldon has no access to rfile2

(1) What is the command to add write permissions to all group owners below /var/www/html/ist190/ on a Linux webserver, including directories and files? Follow the suggestion in the chapter.

chmod -R g+w /var/www/html/ist190/

(1) What is the command using octal notation to changer the permissions on /var/www/html/ist190/index.html so that the user owner has RWX, the group has RX, and the world has R?

chmod 754 /var/www/html/ist190/index.html

(1) What is the most efficient and fastest way to change the user owner to ist190student and the group owner to wheel for all files and directories under /var/www/html/ist190/ on a Linux webserver?

chown -R ist190student:wheel /var/www/html/ist190/

(1) You have been asked to setup a collaborative directory for all members of the music group at /data/musicgroup/ on your fileserver. What is the command to set create these special permissions (sgid)?

chmod g+s /data/musicgroup/

(2) What is the purpose of the sticky bit? How do you set it?

The sticky bit restricts deletion of a file to the owner or root.

chmod +t directory_name

(3) What is an umask and how does it work? Show examples of how changing the umask affects files and directories.

An octal bitmask that is used to clear the permissions of new files and directories that are created by the process.

The previous umask, 0002, clears the write bit for other users.

A umask of 077 clears all the group and other permissions of newly created files.

(2) What file has to be modified to change the default umask for ALL users who log in to your Linux server? Give an example.

/etc/profile and /etc/bashrcfiles.

Add umask 022 to /etc/profile