Browse Source

linux_server_setup -> linux-server-setup

master
Fincer 6 years ago
parent
commit
217d4518f9
8 changed files with 113 additions and 113 deletions
  1. +8
    -8
      README.md
  2. +19
    -19
      exercises/h1.md
  3. +18
    -18
      exercises/h2.md
  4. +10
    -10
      exercises/h3.md
  5. +14
    -14
      exercises/h4.md
  6. +26
    -26
      exercises/h5.md
  7. +5
    -5
      exercises/h6.md
  8. +13
    -13
      exercises/h7.md

+ 8
- 8
README.md View File

@ -25,18 +25,18 @@ Administration of Linux server/client environment
## Table of contents ## Table of contents
- [Exercise 1 - Installation & getting familiar with a Linux OS](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md)
- [Exercise 1 - Installation & getting familiar with a Linux OS](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md)
- [Exercise 2 - Simple log analysis](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md)
- [Exercise 2 - Simple log analysis](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md)
- [Exercise 3 - Setting up Apache & PHP environments](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md)
- [Exercise 3 - Setting up Apache & PHP environments](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md)
- [Exercise 4 - Apache web development environment configuration for a regular user](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md)
- [Exercise 4 - Apache web development environment configuration for a regular user](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md)
- [Exercise 5 - SSH and Linux system statistics](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md)
- [Exercise 5 - SSH and Linux system statistics](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md)
- [Exercise 6 - Hello World](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md)
- [Exercise 6 - Hello World](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md)
- [Exercise 7 - Laboratory test](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md)
- [Exercise 7 - Laboratory test](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md)
- [Exam structure](https://github.com/Fincer/linux_server_setup/blob/master/exercises/exam.md)
- [Exam structure](https://github.com/Fincer/linux-server-setup/blob/master/exercises/exam.md)

+ 19
- 19
exercises/h1.md View File

@ -9,39 +9,39 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Linux LiveUSB** Create your own Linux USB live stick. Try it out on a non-school computer. This section does not require installation of Linux. However, if you decided to install Linux, you should take proper backups first.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#a-create-your-own-linux-usb-live-stick-try-it-out-on-a-non-school-computer-this-section-does-not-require-installation-of-linux-however-if-you-decided-to-install-linux-you-should-take-proper-backups-first)
- [a) **Linux LiveUSB** Create your own Linux USB live stick. Try it out on a non-school computer. This section does not require installation of Linux. However, if you decided to install Linux, you should take proper backups first.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#a-create-your-own-linux-usb-live-stick-try-it-out-on-a-non-school-computer-this-section-does-not-require-installation-of-linux-however-if-you-decided-to-install-linux-you-should-take-proper-backups-first)
- [Alternative 1 - Rufus (Windows, GUI-based)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#alternative-1---rufus-windows-gui-based)
- [Alternative 1 - Rufus (Windows, GUI-based)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#alternative-1---rufus-windows-gui-based)
- [Comparing checksums](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#comparing-checksums)
- [Comparing checksums](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#comparing-checksums)
- [Alternative 2 - dd command (Linux, CLI-based)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#alternative-2---dd-command-linux-cli-based)
- [Alternative 2 - dd command (Linux, CLI-based)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#alternative-2---dd-command-linux-cli-based)
- [b) **Hardware components** List hardware components of your new Linux computer (sudo lshw -short -sanitize).](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#b-list-hardware-components-of-your-new-linux-computer-sudo-lshw--short--sanitize)
- [b) **Hardware components** List hardware components of your new Linux computer (sudo lshw -short -sanitize).](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#b-list-hardware-components-of-your-new-linux-computer-sudo-lshw--short--sanitize)
- [c) **Program installation** Install three new programs which are new to you. Try them out in their main target environment and primary use.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#c-install-three-new-programs-which-are-new-to-you-try-them-out-in-their-main-target-environment-and-primary-use)
- [c) **Program installation** Install three new programs which are new to you. Try them out in their main target environment and primary use.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#c-install-three-new-programs-which-are-new-to-you-try-them-out-in-their-main-target-environment-and-primary-use)
- [Thunar](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#thunar)
- [Thunar](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#thunar)
- [Gedit](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#gedit)
- [Gedit](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#gedit)
- [GParted](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#gparted)
- [GParted](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#gparted)
- [Installation via official package repositories](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#installation-via-official-package-repositories)
- [Installation via official package repositories](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#installation-via-official-package-repositories)
- [Installation via local packages or from source code](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#installation-via-local-packages-or-from-source-code)
- [Installation via local packages or from source code](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#installation-via-local-packages-or-from-source-code)
- [Uninstallation of packages](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#uninstallation-of-packages)
- [Uninstallation of packages](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#uninstallation-of-packages)
- [Differences between Linux distributions](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#differences-between-linux-distributions)
- [Differences between Linux distributions](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#differences-between-linux-distributions)
- [d) **Licenses** Which licenses have been used in the programs of your choice? Explain briefly which kind of rights and duties these licenses have.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#d-which-licenses-have-been-used-in-the-programs-of-your-choice-explain-briefly-which-kind-of-rights-and-duties-these-licenses-have)
- [d) **Licenses** Which licenses have been used in the programs of your choice? Explain briefly which kind of rights and duties these licenses have.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#d-which-licenses-have-been-used-in-the-programs-of-your-choice-explain-briefly-which-kind-of-rights-and-duties-these-licenses-have)
- [e) **Alternative open source programs** List programs you use (MS Word, for instance), purpose of these programs (for instance, text editing) and introduce equivalent open source Linux program (for instance, LibreOffice Writer). List closed source programs even if they do not have open source equivalent for Linux.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#e-list-programs-you-use-ms-word-for-example-purpose-of-these-programs-for-example-text-editing-and-introduce-equivalent-open-source-linux-program-for-instance-libreoffice-writer-list-closed-source-programs-even-if-they-do-not-have-open-source-equivalent-for-linux)
- [e) **Alternative open source programs** List programs you use (MS Word, for instance), purpose of these programs (for instance, text editing) and introduce equivalent open source Linux program (for instance, LibreOffice Writer). List closed source programs even if they do not have open source equivalent for Linux.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#e-list-programs-you-use-ms-word-for-example-purpose-of-these-programs-for-example-text-editing-and-introduce-equivalent-open-source-linux-program-for-instance-libreoffice-writer-list-closed-source-programs-even-if-they-do-not-have-open-source-equivalent-for-linux)
- [f) **File backups** Optional extra task: backup your files (you can use an external USB storage, for instance)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#f-optional-extra-task-backup-your-files-you-can-use-an-external-usb-storage-for-instance)
- [f) **File backups** Optional extra task: backup your files (you can use an external USB storage, for instance)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#f-optional-extra-task-backup-your-files-you-can-use-an-external-usb-storage-for-instance)
- [fstransform - convert existing file system to another format](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h1.md#fstransform---convert-existing-file-system-to-another-format)
- [fstransform - convert existing file system to another format](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h1.md#fstransform---convert-existing-file-system-to-another-format)
-------------- --------------
@ -352,7 +352,7 @@ where `package-name` is the package of your choice. Replace this string with the
Additionally, you can investigate required dependencies by checking any header (`.h`) files required in C/C++ source files, if the program is based on these programming languages. By tracking down required headers it is possible to figure out required dependencies in some extent. In addition, check out official websites of the program (GitHub, BitBucket or another homepage), possibly contant the developer and/or check out any supplied library files (suffix is `.so`) and their dependencies with **[ldd command](https://en.wikipedia.org/wiki/Ldd_%28Unix%29)**. On Ubuntu, you can also check out [packages.ubuntu.com](https://packages.ubuntu.com/) for dependencies if the package is available on official repositories. Additionally, you can investigate required dependencies by checking any header (`.h`) files required in C/C++ source files, if the program is based on these programming languages. By tracking down required headers it is possible to figure out required dependencies in some extent. In addition, check out official websites of the program (GitHub, BitBucket or another homepage), possibly contant the developer and/or check out any supplied library files (suffix is `.so`) and their dependencies with **[ldd command](https://en.wikipedia.org/wiki/Ldd_%28Unix%29)**. On Ubuntu, you can also check out [packages.ubuntu.com](https://packages.ubuntu.com/) for dependencies if the package is available on official repositories.
Please see my practical [example 1](https://github.com/Fincer/linux_server_setup/blob/master/scripts/compile-xcmenu-screenshot.sh) and [example 2](https://github.com/Fincer/winecfg_patch) for compiling software on Linux.
Please see my practical [example 1](https://github.com/Fincer/linux-server-setup/blob/master/scripts/compile-xcmenu-screenshot.sh) and [example 2](https://github.com/Fincer/winecfg_patch) for compiling software on Linux.
You can also apply patches directly to source code of a program by using **[diff](https://www.gnu.org/software/diffutils/manual/html_node/Example-Unified.html)** and **[patch](https://en.wikipedia.org/wiki/Patch_%28Unix%29)** commands. Patches must be applied before compiling the program. You can also apply patches directly to source code of a program by using **[diff](https://www.gnu.org/software/diffutils/manual/html_node/Example-Unified.html)** and **[patch](https://en.wikipedia.org/wiki/Patch_%28Unix%29)** commands. Patches must be applied before compiling the program.
@ -384,7 +384,7 @@ man apt-get
Manual pages in any commands are highly supported in multiple Linux distributions. The command syntax is always the same: `man my_command`. Additionally, `--help` or `-h` parameter is widely accepted by many Unix/Linux CLI programs. Manual pages in any commands are highly supported in multiple Linux distributions. The command syntax is always the same: `man my_command`. Additionally, `--help` or `-h` parameter is widely accepted by many Unix/Linux CLI programs.
**NOTE:** Although Linux distributions don't have any similar to Windows registry hell (unclean registry after software removal), keep in mind that any configuration files created **afterwards** by a Linux program are not handled by Linux package managers. In other words: package managers can't track files created afterwards by your program in your `$HOME` folder. This is mostly a case with personal configuration files in user's home directory on Linux. In addition, any backup files (file suffixes: `.old`, `~`, `.bak`, `.pacnew`...) are not included in the package according to your package manager and, therefore, they may not be uninstalled by simply removing a program. [Please see my script for tracking down those files](https://github.com/Fincer/linux_server_setup/blob/master/scripts/file-and-dirs-owner.sh)
**NOTE:** Although Linux distributions don't have any similar to Windows registry hell (unclean registry after software removal), keep in mind that any configuration files created **afterwards** by a Linux program are not handled by Linux package managers. In other words: package managers can't track files created afterwards by your program in your `$HOME` folder. This is mostly a case with personal configuration files in user's home directory on Linux. In addition, any backup files (file suffixes: `.old`, `~`, `.bak`, `.pacnew`...) are not included in the package according to your package manager and, therefore, they may not be uninstalled by simply removing a program. [Please see my script for tracking down those files](https://github.com/Fincer/linux-server-setup/blob/master/scripts/file-and-dirs-owner.sh)
#### Differences between Linux distributions #### Differences between Linux distributions


+ 18
- 18
exercises/h2.md View File

@ -9,31 +9,31 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Log events** Create two different log events: One successful event and one failed or forbidden event. Analyze the log lines in detail.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#a-create-two-different-log-events-one-successful-event-and-one-failed-or-forbidden-event-analyze-the-log-lines-in-detail)
- [a) **Log events** Create two different log events: One successful event and one failed or forbidden event. Analyze the log lines in detail.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#a-create-two-different-log-events-one-successful-event-and-one-failed-or-forbidden-event-analyze-the-log-lines-in-detail)
- [Successful event example - Apache server](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#successful-event-example---apache-server)
- [Successful event example - Apache server](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#successful-event-example---apache-server)
- [Failed event example - Apache server](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#failed-event-example---apache-server)
- [Failed event example - Apache server](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#failed-event-example---apache-server)
- [Other error situations - libraries, headers & typos](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---libraries-headers--typos)
- [Other error situations - libraries, headers & typos](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---libraries-headers--typos)
- [Other error situations - unsupported Linux OS versions & broken libraries](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---unsupported-linux-os-versions--broken-libraries)
- [Other error situations - unsupported Linux OS versions & broken libraries](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---unsupported-linux-os-versions--broken-libraries)
- [Other error situations - a tricky error without clear identification](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-without-clear-identification)
- [Other error situations - a tricky error without clear identification](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-without-clear-identification)
- [Other error situations - hardware issues](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---hardware-issues)
- [Other error situations - hardware issues](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---hardware-issues)
- [Other error situations - random or unexpected errors](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---random-or-unexpected-errors)
- [Other error situations - random or unexpected errors](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---random-or-unexpected-errors)
- [Other error situations - a tricky error tracked down](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
- [Other error situations - a tricky error tracked down](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
- [Other error situations - A simple test case (command which succeeds as root but fails otherwise)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---a-simple-test-case-command-which-succeeds-as-root-but-fails-otherwise)
- [Other error situations - A simple test case (command which succeeds as root but fails otherwise)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---a-simple-test-case-command-which-succeeds-as-root-but-fails-otherwise)
- [b) **SSH daemon & commands** Optional task, not teached yet: Install SSH daemon. Try some of the following commands on your own SSH server: ssh-copy-id, sshfs, scp or git. (The easiest command might be scp: ‘scp foo.txt tero@example.com:’)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#b-optional-task-not-teached-yet-install-ssh-daemon-try-some-of-the-following-commands-on-your-own-ssh-server-ssh-copy-id-sshfs-scp-or-git-the-easiest-command-might-be-scp-scp-footxt-teroexamplecom)
- [b) **SSH daemon & commands** Optional task, not teached yet: Install SSH daemon. Try some of the following commands on your own SSH server: ssh-copy-id, sshfs, scp or git. (The easiest command might be scp: ‘scp foo.txt tero@example.com:’)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#b-optional-task-not-teached-yet-install-ssh-daemon-try-some-of-the-following-commands-on-your-own-ssh-server-ssh-copy-id-sshfs-scp-or-git-the-easiest-command-might-be-scp-scp-footxt-teroexamplecom)
- [c) **One-line installer** Create an apt-get command of your dreams: one single command or one-liner which installs your favorite applications.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#c-create-an-apt-get-command-of-your-dreams-one-single-command-or-one-liner-which-installs-your-favorite-applications)
- [c) **One-line installer** Create an apt-get command of your dreams: one single command or one-liner which installs your favorite applications.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#c-create-an-apt-get-command-of-your-dreams-one-single-command-or-one-liner-which-installs-your-favorite-applications)
- [d) **CLI programs** Install three new command line programs using your command line package manager. Try each of these programs in their target environment and purpose.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#d-install-three-new-command-line-programs-using-your-command-line-package-manager-try-each-of-these-programs-in-their-target-environment-and-purpose)
- [d) **CLI programs** Install three new command line programs using your command line package manager. Try each of these programs in their target environment and purpose.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#d-install-three-new-command-line-programs-using-your-command-line-package-manager-try-each-of-these-programs-in-their-target-environment-and-purpose)
-------------- --------------
@ -187,7 +187,7 @@ Bluetooth error messages: lines 7-19. Line 8 is not an error message.
**Analysis - regression test approach (journalctl)** **Analysis - regression test approach (journalctl)**
The following analysis is a part of [the above journalctl issue](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
The following analysis is a part of [the above journalctl issue](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
The problem seem to be widely known among Ubuntu & Arch Linux users, according to a short search in the internet. There is a [launchpad report](https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1490349) but not a simple answer is given there. There is a suggestion to downgrade bluez package on [Arch Linux forum](https://bbs.archlinux.org/viewtopic.php?id=195886). [AskUbuntu](https://askubuntu.com/) website has many threads for this issue. The problem seem to be widely known among Ubuntu & Arch Linux users, according to a short search in the internet. There is a [launchpad report](https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1490349) but not a simple answer is given there. There is a suggestion to downgrade bluez package on [Arch Linux forum](https://bbs.archlinux.org/viewtopic.php?id=195886). [AskUbuntu](https://askubuntu.com/) website has many threads for this issue.
@ -201,7 +201,7 @@ Once the problematic commit/commits are known, we can fix the code ourselves and
**Analysis - our bluez package (journalctl)** **Analysis - our bluez package (journalctl)**
The following analysis is a part of [the above journalctl issue](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
The following analysis is a part of [the above journalctl issue](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md#other-error-situations---a-tricky-error-tracked-down)
In bluez error case, we should check all relevant error messages written by bluetooth daemon to STDERR output. By analysing [BlueZ source code](https://github.com/pauloborges/bluez) ([alternative link](https://git.kernel.org/pub/scm/bluetooth/bluez.git)) we can see that the message present in journalctl log snapshot can be found in source code as well. In more detail, the following source code files (C code): In bluez error case, we should check all relevant error messages written by bluetooth daemon to STDERR output. By analysing [BlueZ source code](https://github.com/pauloborges/bluez) ([alternative link](https://git.kernel.org/pub/scm/bluetooth/bluez.git)) we can see that the message present in journalctl log snapshot can be found in source code as well. In more detail, the following source code files (C code):
@ -373,13 +373,13 @@ sudo apt-get install lynx libimage-exiftool-perl fakeroot
1. Lynx (https://www.hs.fi - front page) 1. Lynx (https://www.hs.fi - front page)
![lynx_img](https://github.com/Fincer/linux_server_setup/blob/master/images/h2-lynx.png)
![lynx_img](https://github.com/Fincer/linux-server-setup/blob/master/images/h2-lynx.png)
2. Exiftool (examined CR2 file metadata) 2. Exiftool (examined CR2 file metadata)
![exiftool_img](https://github.com/Fincer/linux_server_setup/blob/master/images/h2-exiftool.png)
![exiftool_img](https://github.com/Fincer/linux-server-setup/blob/master/images/h2-exiftool.png)
3. fakeroot (asked who am i, accessed fakeroot environment, created a new file in fakeroot environment and asked who am i again. It is claimed that the current user is root although this is not true, as can be seen when exiting the fakeroot environment) 3. fakeroot (asked who am i, accessed fakeroot environment, created a new file in fakeroot environment and asked who am i again. It is claimed that the current user is root although this is not true, as can be seen when exiting the fakeroot environment)
![fakeroot_img](https://github.com/Fincer/linux_server_setup/blob/master/images/h2-fakeroot.png)
![fakeroot_img](https://github.com/Fincer/linux-server-setup/blob/master/images/h2-fakeroot.png)

+ 10
- 10
exercises/h3.md View File

@ -9,15 +9,15 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Installation of HTTP server environment** Install Apache web server and set up a working web environment for each system user (http://example.com/~tero). Test the correct functionality with a sample website.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#a-install-apache-web-server-and-set-up-a-working-web-environment-for-each-system-user-httpexamplecomtero-test-the-correct-functionality-with-a-sample-website)
- [a) **Installation of HTTP server environment** Install Apache web server and set up a working web environment for each system user (http://example.com/~tero). Test the correct functionality with a sample website.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#a-install-apache-web-server-and-set-up-a-working-web-environment-for-each-system-user-httpexamplecomtero-test-the-correct-functionality-with-a-sample-website)
- [b) **HTTP server logs** Browse and explore the websites on your local host. Find out any hints of successful (200 ok) website load events and failed load events (for instance, 404 not found). Analyse the relevant lines.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#b-browse-and-explore-the-websites-on-your-local-host-find-out-any-hints-of-successful-200-ok-website-load-events-and-failed-load-events-for-instance-404-not-found-analyse-the-relevant-lines)
- [b) **HTTP server logs** Browse and explore the websites on your local host. Find out any hints of successful (200 ok) website load events and failed load events (for instance, 404 not found). Analyse the relevant lines.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#b-browse-and-explore-the-websites-on-your-local-host-find-out-any-hints-of-successful-200-ok-website-load-events-and-failed-load-events-for-instance-404-not-found-analyse-the-relevant-lines)
- [c) **HTTP server error event** Create a purposeful error in any code line which is executed by Apache web server (PHP or Python, for instance). Find out any relevant log lines and analyse them in detail.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#c-create-a-purposeful-error-in-any-code-line-which-is-executed-by-apache-web-server-php-or-python-for-instance-find-out-any-relevant-log-lines-and-analyse-them-in-detail)
- [c) **HTTP server error event** Create a purposeful error in any code line which is executed by Apache web server (PHP or Python, for instance). Find out any relevant log lines and analyse them in detail.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#c-create-a-purposeful-error-in-any-code-line-which-is-executed-by-apache-web-server-php-or-python-for-instance-find-out-any-relevant-log-lines-and-analyse-them-in-detail)
- [e) **Database management** Install and try out PhpMyAdmin or similar out-of-the-box web-based database management solution.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#e-install-and-try-out-phpmyadmin-or-similar-out-of-the-box-web-based-database-management-solution)
- [e) **Database management** Install and try out PhpMyAdmin or similar out-of-the-box web-based database management solution.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#e-install-and-try-out-phpmyadmin-or-similar-out-of-the-box-web-based-database-management-solution)
- [f) **Web application** Create a web application which executes a simple calculation for the user (BMI calculator, for instance)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#f-create-a-web-application-which-executes-a-simple-calculation-for-the-user-bmi-calculator-for-instance)
- [f) **Web application** Create a web application which executes a simple calculation for the user (BMI calculator, for instance)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#f-create-a-web-application-which-executes-a-simple-calculation-for-the-user-bmi-calculator-for-instance)
-------------- --------------
@ -171,7 +171,7 @@ xdg-open http://example.com/~$(whoami)/
**Answer:** **Answer:**
**NOTE!** My detailed answer to this assignment is in the previous exercise 2, section a) (successful & failed event + analysing them). Link: [Exercise 2](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h2.md)
**NOTE!** My detailed answer to this assignment is in the previous exercise 2, section a) (successful & failed event + analysing them). Link: [Exercise 2](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h2.md)
In my answer I have analysed Apache web server log lines. The logic is exactly same than required in this assignment. Apache logs each event when a client (web browser, for instance) try to access a file or location in server. In my answer I have analysed Apache web server log lines. The logic is exactly same than required in this assignment. Apache logs each event when a client (web browser, for instance) try to access a file or location in server.
@ -343,7 +343,7 @@ Default syntax for Apache log files follow the layout which is described [here](
**Answer:** **Answer:**
**NOTE!** We assume that the established Linux system has a working Apache HTTP daemon web server and PHP 5.0 or PHP 7.0 script language packages installed as Apache modules (see tasks [a)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#a-install-apache-web-server-and-set-up-a-working-web-environment-for-each-system-user-httpexamplecomtero-test-the-correct-functionality-with-a-sample-website) and [c)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md#c-create-a-purposeful-error-in-any-code-line-which-is-executed-by-apache-web-server-php-or-python-for-instance-find-out-any-relevant-log-lines-and-analyse-them-in-detail) above).
**NOTE!** We assume that the established Linux system has a working Apache HTTP daemon web server and PHP 5.0 or PHP 7.0 script language packages installed as Apache modules (see tasks [a)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#a-install-apache-web-server-and-set-up-a-working-web-environment-for-each-system-user-httpexamplecomtero-test-the-correct-functionality-with-a-sample-website) and [c)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md#c-create-a-purposeful-error-in-any-code-line-which-is-executed-by-apache-web-server-php-or-python-for-instance-find-out-any-relevant-log-lines-and-analyse-them-in-detail) above).
**1.** [phpMyAdmin](https://en.wikipedia.org/wiki/PhpMyAdmin) requires MySQL/MariaDB database back-end server. Let's install MySQL database server with its runtime dependencies on Debian-based distribution (Ubuntu 16.04.3 LTS in this case). **1.** [phpMyAdmin](https://en.wikipedia.org/wiki/PhpMyAdmin) requires MySQL/MariaDB database back-end server. Let's install MySQL database server with its runtime dependencies on Debian-based distribution (Ubuntu 16.04.3 LTS in this case).
@ -457,11 +457,11 @@ If the installation has been successful, the web browser view should look like t
**10.** If successfully logged in, the web browser view should be as follows (phpMyAdmin - Front page): **10.** If successfully logged in, the web browser view should be as follows (phpMyAdmin - Front page):
![phpmyadmin-frontpage](https://github.com/Fincer/linux_server_setup/blob/master/images/phpmyadmin-resized.png)
![phpmyadmin-frontpage](https://github.com/Fincer/linux-server-setup/blob/master/images/phpmyadmin-resized.png)
phpMyAdmin - Database configuration sample: phpMyAdmin - Database configuration sample:
![phpmyadmin-dbconfpage](https://github.com/Fincer/linux_server_setup/blob/master/images/phpmyadmin-2-resized.png)
![phpmyadmin-dbconfpage](https://github.com/Fincer/linux-server-setup/blob/master/images/phpmyadmin-2-resized.png)
**f)** Create a web application which executes a simple calculation for the user (BMI calculator, for instance) **f)** Create a web application which executes a simple calculation for the user (BMI calculator, for instance)
-------------- --------------
@ -490,4 +490,4 @@ xdg-open http://example.com/~$(whoami)/rainfall.php
Result: Result:
![php-sample-image-1](https://github.com/Fincer/linux_server_setup/blob/master/images/php-example-rainfall.png)
![php-sample-image-1](https://github.com/Fincer/linux-server-setup/blob/master/images/php-example-rainfall.png)

+ 14
- 14
exercises/h4.md View File

@ -9,17 +9,17 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Websites on the server** Make it possible to create home pages with normal user privileges in your virtual server environment.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#a-make-it-possible-to-create-home-pages-with-normal-user-privileges-in-your-virtual-server-environment)
- [a) **Websites on the server** Make it possible to create home pages with normal user privileges in your virtual server environment.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#a-make-it-possible-to-create-home-pages-with-normal-user-privileges-in-your-virtual-server-environment)
- [EXTRA: Deleting Server field from HTTP header by updating Apache source code on Debian-based Linux distributions](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#extra-deleting-server-field-from-http-header-by-updating-apache-source-code-on-debian-based-linux-distributions)
- [EXTRA: Deleting Server field from HTTP header by updating Apache source code on Debian-based Linux distributions](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#extra-deleting-server-field-from-http-header-by-updating-apache-source-code-on-debian-based-linux-distributions)
- [b) **Default website** Set user default website to be the default website for Apache in your virtual server environment.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#b-set-user-default-website-to-be-the-default-website-for-apache-in-your-virtual-server-environment)
- [b) **Default website** Set user default website to be the default website for Apache in your virtual server environment.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#b-set-user-default-website-to-be-the-default-website-for-apache-in-your-virtual-server-environment)
- [c) **Short penetration analysis** Find clues of possible penetration attempts to your web server. You can find more information about suspicious IP address without connecting them by using commands ipcalc, geoiplookup and whois, for instance.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#c-find-clues-of-possible-penetration-attempts-to-your-web-server-you-can-find-more-information-about-suspicious-ip-address-without-connecting-them-by-using-commands-ipcalc-geoiplookup-and-whois-for-instance)
- [c) **Short penetration analysis** Find clues of possible penetration attempts to your web server. You can find more information about suspicious IP address without connecting them by using commands ipcalc, geoiplookup and whois, for instance.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#c-find-clues-of-possible-penetration-attempts-to-your-web-server-you-can-find-more-information-about-suspicious-ip-address-without-connecting-them-by-using-commands-ipcalc-geoiplookup-and-whois-for-instance)
- [d) **Transferring website files** Create a set of websites on your local computer and copy the sites to your web server with scp command.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#d-create-a-set-of-websites-on-your-local-computer-and-copy-the-sites-to-your-web-server-with-scp-command)
- [d) **Transferring website files** Create a set of websites on your local computer and copy the sites to your web server with scp command.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#d-create-a-set-of-websites-on-your-local-computer-and-copy-the-sites-to-your-web-server-with-scp-command)
- [e) **PHP website** Set up a simple PHP webpage on your web server. For instance, you can print a remote address of the user ( $_SERVER['REMOTE_ADDR'] ) etc. Be careful if you use input forms of any kind.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h4.md#e-set-up-a-simple-php-webpage-on-your-web-server-for-instance-you-can-print-a-remote-address-of-the-user--_serverremote_addr--etc-be-careful-if-you-use-input-forms-of-any-kind)
- [e) **PHP website** Set up a simple PHP webpage on your web server. For instance, you can print a remote address of the user ( $_SERVER['REMOTE_ADDR'] ) etc. Be careful if you use input forms of any kind.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h4.md#e-set-up-a-simple-php-webpage-on-your-web-server-for-instance-you-can-print-a-remote-address-of-the-user--_serverremote_addr--etc-be-careful-if-you-use-input-forms-of-any-kind)
-------------- --------------
@ -84,7 +84,7 @@ newuser@goauldhost:~$ sudo apt-get install apache2 && sudo ufw allow 80/tcp
newuser@goauldhost:~$ sudo a2enmod userdir newuser@goauldhost:~$ sudo a2enmod userdir
``` ```
**5.** Some PHP and userdir module related configurations seem to be predefined in packages provided on DigitalOcean server environment (such as `#` symbols in `/etc/apache2/mods-enabled/php7.0.conf` in order to enable PHP for user sites), unlike stated in [Exercise 3](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h3.md).
**5.** Some PHP and userdir module related configurations seem to be predefined in packages provided on DigitalOcean server environment (such as `#` symbols in `/etc/apache2/mods-enabled/php7.0.conf` in order to enable PHP for user sites), unlike stated in [Exercise 3](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h3.md).
**6.** Restart Apache HTTP daemon (HTTPD) after enabling `userdir` module: **6.** Restart Apache HTTP daemon (HTTPD) after enabling `userdir` module:
@ -164,7 +164,7 @@ monkey@goauldhost:~$ mkdir public_html
Therefore we have created a new home site folder for the user `monkey`. Contents of this folder should be available like shown in the following picture: Therefore we have created a new home site folder for the user `monkey`. Contents of this folder should be available like shown in the following picture:
![monkeysite-samplepic](https://github.com/Fincer/linux_server_setup/blob/master/images/apina-site.png)
![monkeysite-samplepic](https://github.com/Fincer/linux-server-setup/blob/master/images/apina-site.png)
**NOTE:** As you can see, Apache doesn't give any server information in the website view, thanks for the configurations done in step 8 above. **NOTE:** As you can see, Apache doesn't give any server information in the website view, thanks for the configurations done in step 8 above.
@ -272,7 +272,7 @@ newuser@goauldhost:~$ mkdir -p ./source_codes/apache2 && cd ./source_codes/apach
newuser@goauldhost:~/source_codes/apache2$ apt-get source apache2 newuser@goauldhost:~/source_codes/apache2$ apt-get source apache2
``` ```
After which add [source code patch file](https://github.com/Fincer/linux_server_setup/blob/master/patches/patch_apache_servertokens.patch) into created `$HOME/source_codes/apache2` folder.
After which add [source code patch file](https://github.com/Fincer/linux-server-setup/blob/master/patches/patch_apache_servertokens.patch) into created `$HOME/source_codes/apache2` folder.
**NOTE:** I have personally created the patch file with Unix tool `diff`. The patch file is not downloaded from any suspicious website. You can always check & analyse the patch file code yourself if still hesitating. **NOTE:** I have personally created the patch file with Unix tool `diff`. The patch file is not downloaded from any suspicious website. You can always check & analyse the patch file code yourself if still hesitating.
@ -445,7 +445,7 @@ xdg-open http://174.138.2.190:80
The opening view should be as follows: The opening view should be as follows:
![emptypage-sample](https://github.com/Fincer/linux_server_setup/blob/master/images/empty-page-sample.png)
![emptypage-sample](https://github.com/Fincer/linux-server-setup/blob/master/images/empty-page-sample.png)
**2.** Create a new file `index.html` in the directory `$HOME/public_html` of user `monkey` (where `$HOME is folder path `/home/monkey/`) **2.** Create a new file `index.html` in the directory `$HOME/public_html` of user `monkey` (where `$HOME is folder path `/home/monkey/`)
@ -539,7 +539,7 @@ It is understandable that line `RewriteEngine on` doesn't need to be determined
I have had a Debian-based web server (LAMP) environment in the past years. I have included Apache `/var/log/apache/access.log` parts of that web server environment here (year 2014): I have had a Debian-based web server (LAMP) environment in the past years. I have included Apache `/var/log/apache/access.log` parts of that web server environment here (year 2014):
[Apache - access.log, example](https://github.com/Fincer/linux_server_setup/blob/master/other/apache-log-sample)
[Apache - access.log, example](https://github.com/Fincer/linux-server-setup/blob/master/other/apache-log-sample)
The log file reveals many suspicious connection attempts from Thailand and Netherlands, for instance. The log file reveals many suspicious connection attempts from Thailand and Netherlands, for instance.
@ -584,7 +584,7 @@ newuser@goauldhost:~$ unzip website_1.03_fincer.zip
**4.** It should be possible to open the website using URL `174.138.2.190`, and the website should look like the following: **4.** It should be possible to open the website using URL `174.138.2.190`, and the website should look like the following:
![website-sample](https://github.com/Fincer/linux_server_setup/blob/master/images/pekkahh-website.png)
![website-sample](https://github.com/Fincer/linux-server-setup/blob/master/images/pekkahh-website.png)
**5.** Let's copy another website sample into folder `$HOME/public_html/` of user `monkey`: **5.** Let's copy another website sample into folder `$HOME/public_html/` of user `monkey`:
@ -611,7 +611,7 @@ monkey@goauldhost:~/public_html$ rm -Rf ./{server_site,server_site.tar.xz}
The deployed website can be viewed in URL address `http://174.138.2.190:80/~monkey`, and they look as follows (this example is a work time // wage calculator): The deployed website can be viewed in URL address `http://174.138.2.190:80/~monkey`, and they look as follows (this example is a work time // wage calculator):
![workprice-samplesite](https://github.com/Fincer/linux_server_setup/blob/master/images/workprice-site_example.png)
![workprice-samplesite](https://github.com/Fincer/linux-server-setup/blob/master/images/workprice-site_example.png)
**NOTE:** There are differences in the URL due to language reasons (`~apina` translates from finnish to english as `~monkey`) **NOTE:** There are differences in the URL due to language reasons (`~apina` translates from finnish to english as `~monkey`)
@ -635,7 +635,7 @@ The following image demonstrates a web browser view of URL address `174.138.2.19
- On the right side: server-side "raw" PHP source code which is not seen by the client program, our web browser in this case (PHP code = server-side execution, i.e. only web server sees the code, JavaScript code = client-side execution, i.e. client can see the code, too) - On the right side: server-side "raw" PHP source code which is not seen by the client program, our web browser in this case (PHP code = server-side execution, i.e. only web server sees the code, JavaScript code = client-side execution, i.e. client can see the code, too)
![bmicalc-sample](https://github.com/Fincer/linux_server_setup/blob/master/images/bmicalc-sample.png)
![bmicalc-sample](https://github.com/Fincer/linux-server-setup/blob/master/images/bmicalc-sample.png)
**Edit** The following changes has been done after answering the assignment: **Edit** The following changes has been done after answering the assignment:


+ 26
- 26
exercises/h5.md View File

@ -9,45 +9,45 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **SSH Daemon** Install SSH server daemon](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#a-install-ssh-server-daemon)
- [a) **SSH Daemon** Install SSH server daemon](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#a-install-ssh-server-daemon)
- [b) **Firewall** Establish a firewall protection to the server computer (Note: allow SSH traffic before that)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#b-establish-a-firewall-protection-to-the-server-computer-note-allow-ssh-traffic-before-that)
- [b) **Firewall** Establish a firewall protection to the server computer (Note: allow SSH traffic before that)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#b-establish-a-firewall-protection-to-the-server-computer-note-allow-ssh-traffic-before-that)
- [UFW configuration](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#ufw-configuration)
- [UFW configuration](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#ufw-configuration)
- [iptables configuration](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#iptables-configuration)
- [iptables configuration](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#iptables-configuration)
- [Other firewall solutions](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#other-firewall-solutions)
- [Other firewall solutions](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#other-firewall-solutions)
- [EXTRA - root account: more restrictions](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra---root-account-more-restrictions)
- [EXTRA - root account: more restrictions](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra---root-account-more-restrictions)
- [c) **File transfer** Transfer files using SSH protocol](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#c-transfer-files-using-ssh-protocol)
- [c) **File transfer** Transfer files using SSH protocol](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#c-transfer-files-using-ssh-protocol)
- [d) **SSH auto-login** Automate SSH login with public key method](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#d-automate-ssh-login-with-public-key-method)
- [d) **SSH auto-login** Automate SSH login with public key method](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#d-automate-ssh-login-with-public-key-method)
- [EXTRA: Modifying welcome banner](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra-modifying-welcome-banner)
- [EXTRA: Modifying welcome banner](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra-modifying-welcome-banner)
- [e) **Analysis of server processes** Install, configure and start sysstat. Use sar command to confirm whether the sysstat package services have been enabled (for instance, log entry "Linux reboot..." exists). Run sysstat a day or two. Afterwards, check computer workload history with sysstat commands sar, iostat, pidstat etc. Analyze the results, i.e. explain the results in detail.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#e-install-configure-and-start-sysstat-use-sar-command-to-confirm-whether-the-sysstat-package-services-have-been-enabled-for-instance-log-entry-linux-reboot-exists-run-sysstat-a-day-or-two-afterwards-check-computer-workload-history-with-sysstat-commands-sar-iostat-pidstat-etc-analyze-the-results-ie-explain-the-results-in-detail)
- [e) **Analysis of server processes** Install, configure and start sysstat. Use sar command to confirm whether the sysstat package services have been enabled (for instance, log entry "Linux reboot..." exists). Run sysstat a day or two. Afterwards, check computer workload history with sysstat commands sar, iostat, pidstat etc. Analyze the results, i.e. explain the results in detail.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#e-install-configure-and-start-sysstat-use-sar-command-to-confirm-whether-the-sysstat-package-services-have-been-enabled-for-instance-log-entry-linux-reboot-exists-run-sysstat-a-day-or-two-afterwards-check-computer-workload-history-with-sysstat-commands-sar-iostat-pidstat-etc-analyze-the-results-ie-explain-the-results-in-detail)
- [SAR - network statistics, IPv4 traffic](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#sar---network-statistics-ipv4-traffic)
- [SAR - network statistics, IPv4 traffic](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#sar---network-statistics-ipv4-traffic)
- [SAR - memory consumption statistics, RAM & Swap](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#sar---memory-consumption-statistics-ram--swap)
- [SAR - memory consumption statistics, RAM & Swap](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#sar---memory-consumption-statistics-ram--swap)
- [SAR - I/O statistics](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#sar---io-statistics)
- [SAR - I/O statistics](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#sar---io-statistics)
- [f) **SSH port configuration** (optional) Change sshd (SSH server process) port](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#f-optional-change-sshd-ssh-server-process-port)
- [f) **SSH port configuration** (optional) Change sshd (SSH server process) port](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#f-optional-change-sshd-ssh-server-process-port)
- [EXTRA - Using new port address of SSH server daemon when connecting with a client computer/program](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra---using-new-port-address-of-ssh-server-daemon-when-connecting-with-a-client-computerprogram)
- [EXTRA - Using new port address of SSH server daemon when connecting with a client computer/program](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra---using-new-port-address-of-ssh-server-daemon-when-connecting-with-a-client-computerprogram)
- [EXTRA - detecting SSH port change with port scanning techniques (nmap)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra---detecting-ssh-port-change-with-port-scanning-techniques-nmap)
- [EXTRA - detecting SSH port change with port scanning techniques (nmap)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra---detecting-ssh-port-change-with-port-scanning-techniques-nmap)
- [EXTRA - Using Port Knocking technique against port scanning](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra---using-port-knocking-technique-against-port-scanning)
- [EXTRA - Using Port Knocking technique against port scanning](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra---using-port-knocking-technique-against-port-scanning)
- [EXTRA - ARP Scan and spoofing your MAC address](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#extra---arp-scan-and-spoofing-your-mac-address)
- [EXTRA - ARP Scan and spoofing your MAC address](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#extra---arp-scan-and-spoofing-your-mac-address)
- [g) **SSH configuration - groups** (optional) Allow SSH login only for users in group 'sshers'. Add your account to this group.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#g-optional-allow-ssh-login-only-for-users-in-group-sshers-add-your-account-to-this-group)
- [g) **SSH configuration - groups** (optional) Allow SSH login only for users in group 'sshers'. Add your account to this group.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#g-optional-allow-ssh-login-only-for-users-in-group-sshers-add-your-account-to-this-group)
- [h) **SSH remote dir mounting** (optional) Attach a remote network directory with sshfs.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#h-optional-attach-a-remote-network-directory-with-sshfs)
- [h) **SSH remote dir mounting** (optional) Attach a remote network directory with sshfs.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#h-optional-attach-a-remote-network-directory-with-sshfs)
-------------- --------------
@ -108,7 +108,7 @@ About relevance of the `-D` parameter has been discussed, for instance, on [supe
**Answer:** **Answer:**
The firewall protection is done by using Linux kernel ip_table module(s). Firewall rules can be modified in User Space with the corresponding iptables command or with the simplified Python 3 based program/script 'Uncomplicated Firewall' (`ufw`). Other firewall solutions also exists on Linux, please see ['Other firewall solutions'](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h5.md#other-firewall-solutions) below.
The firewall protection is done by using Linux kernel ip_table module(s). Firewall rules can be modified in User Space with the corresponding iptables command or with the simplified Python 3 based program/script 'Uncomplicated Firewall' (`ufw`). Other firewall solutions also exists on Linux, please see ['Other firewall solutions'](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h5.md#other-firewall-solutions) below.
We can check which loadable kernel modules have been enabled in Linux kernel with the kernel-related lsmod command. We can check which loadable kernel modules have been enabled in Linux kernel with the kernel-related lsmod command.
@ -454,7 +454,7 @@ cd
**1.** We shall connect to the server computer (running Ubuntu) and then install the required package with command sequence `sudo apt-get update && sudo apt-get install -y install sysstat` **1.** We shall connect to the server computer (running Ubuntu) and then install the required package with command sequence `sudo apt-get update && sudo apt-get install -y install sysstat`
**2.** Run [shell-based sysstat script](https://github.com/Fincer/linux_server_setup/blob/master/scripts/sysstat_command.sh) which runs `sar` and `pidstat` commands for two days with 20 second intervals.
**2.** Run [shell-based sysstat script](https://github.com/Fincer/linux-server-setup/blob/master/scripts/sysstat_command.sh) which runs `sar` and `pidstat` commands for two days with 20 second intervals.
**NOTE:** The script can be opmitized more/adapted better to suit the real requirements for the server environment (statistics interval, collection period, etc.) **NOTE:** The script can be opmitized more/adapted better to suit the real requirements for the server environment (statistics interval, collection period, etc.)
@ -531,7 +531,7 @@ Additionally, iostat command was run on the background.
**command:** `sar -n IP -f sar-stats_2018-02-24_2018-02-26.file` **command:** `sar -n IP -f sar-stats_2018-02-24_2018-02-26.file`
![sar-stats-ipv4](https://github.com/Fincer/linux_server_setup/blob/master/images/sar-stats_ipv4.png)
![sar-stats-ipv4](https://github.com/Fincer/linux-server-setup/blob/master/images/sar-stats_ipv4.png)
**Observation period:** 24.-26.02.2018 **Observation period:** 24.-26.02.2018
@ -582,7 +582,7 @@ Check also
**command:** `sar -r -f sar-stats_2018-02-24_2018-02-26.file` **command:** `sar -r -f sar-stats_2018-02-24_2018-02-26.file`
**command:** `sar -S -f sar-stats_2018-02-24_2018-02-26.file` **command:** `sar -S -f sar-stats_2018-02-24_2018-02-26.file`
![sar-stats-memusage](https://github.com/Fincer/linux_server_setup/blob/master/images/sar-stats_memusage.png)
![sar-stats-memusage](https://github.com/Fincer/linux-server-setup/blob/master/images/sar-stats_memusage.png)
**Observation period:** 24.-26.02.2018 **Observation period:** 24.-26.02.2018
@ -649,7 +649,7 @@ It may not be wise to collect Swap statistics (although Linux kernel [Swappiness
### SAR - I/O statistics ### SAR - I/O statistics
![sar-iostat](https://github.com/Fincer/linux_server_setup/blob/master/images/sar-iostats.png)
![sar-iostat](https://github.com/Fincer/linux-server-setup/blob/master/images/sar-iostats.png)
**command:** `iostat -dmtx 20` **command:** `iostat -dmtx 20`
@ -935,7 +935,7 @@ More about Port Knocking technique:
Program [arp-scan](https://www.blackmoreops.com/2015/12/31/use-arp-scan-to-find-hidden-devices-in-your-network/) can be used in limited scale to scan a MAC address (OSI model layer 2, Data Link Layer) in a network. Program [arp-scan](https://www.blackmoreops.com/2015/12/31/use-arp-scan-to-find-hidden-devices-in-your-network/) can be used in limited scale to scan a MAC address (OSI model layer 2, Data Link Layer) in a network.
Unique MAC address of a network interface (network card) can programmatically be spoofed with [these Arch Wiki instructions](https://wiki.archlinux.org/index.php/MAC_address_spoofing#Method_1:_systemd-networkd) or with my [Spoof MAC Address shell script](https://github.com/Fincer/linux_server_setup/blob/master/scripts/spoof_mac_address.sh).
Unique MAC address of a network interface (network card) can programmatically be spoofed with [these Arch Wiki instructions](https://wiki.archlinux.org/index.php/MAC_address_spoofing#Method_1:_systemd-networkd) or with my [Spoof MAC Address shell script](https://github.com/Fincer/linux-server-setup/blob/master/scripts/spoof_mac_address.sh).
Sample results of ARP Scan. Sample results of ARP Scan.


+ 5
- 5
exercises/h6.md View File

@ -9,15 +9,15 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Hello World** Write and execute "Hello world" in three code languages of your choice. Set up a necessary development environments.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md#a-write-and-execute-hello-world-in-three-code-languages-of-your-choice-set-up-a-necessary-development-environments)
- [a) **Hello World** Write and execute "Hello world" in three code languages of your choice. Set up a necessary development environments.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md#a-write-and-execute-hello-world-in-three-code-languages-of-your-choice-set-up-a-necessary-development-environments)
- [Perl (hello.pl)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md#perl-hellopl)
- [Perl (hello.pl)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md#perl-hellopl)
- [Python 3 (hello.py)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md#python-3-hellopy)
- [Python 3 (hello.py)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md#python-3-hellopy)
- [C (hello.c)](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md#c-helloc)
- [C (hello.c)](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md#c-helloc)
- [b) **Custom program** (optional) Write a simple program for some practical purpose with each language. Ideas: utilize the key benefits of your language of choice. Take an input value from a user, generate a calculation and print the output (input-processing-layout).](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h6.md#b-optional-write-a-simple-program-for-some-practical-purpose-with-each-language-ideas-utilize-the-key-benefits-of-your-language-of-choice-take-an-input-value-from-a-user-generate-a-calculation-and-print-the-output-input-processing-layout)
- [b) **Custom program** (optional) Write a simple program for some practical purpose with each language. Ideas: utilize the key benefits of your language of choice. Take an input value from a user, generate a calculation and print the output (input-processing-layout).](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h6.md#b-optional-write-a-simple-program-for-some-practical-purpose-with-each-language-ideas-utilize-the-key-benefits-of-your-language-of-choice-take-an-input-value-from-a-user-generate-a-calculation-and-print-the-output-input-processing-layout)
-------------- --------------


+ 13
- 13
exercises/h7.md View File

@ -9,23 +9,23 @@ This exercise is a part of [Linux Server Administration (ICT4TN021, spring 2018)
*Table of contents:* *Table of contents:*
-------------- --------------
- [a) **Practical lab test** Solve a previously published final major test of this school course (You can find them with DuckDuckGo or Google).](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#a-solve-a-previously-published-final-major-test-of-this-school-course-you-can-find-them-with-duckduckgo-or-google)
- [a) **Practical lab test** Solve a previously published final major test of this school course (You can find them with DuckDuckGo or Google).](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#a-solve-a-previously-published-final-major-test-of-this-school-course-you-can-find-them-with-duckduckgo-or-google)
- [Initial set-up for remote control of a server](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#initial-set-up-for-remote-control-of-a-server)
- [Initial set-up for remote control of a server](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#initial-set-up-for-remote-control-of-a-server)
- [Security set-up for a company](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#security-set-up-for-a-company)
- [Security set-up for a company](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#security-set-up-for-a-company)
- [System statistics](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#system-statistics)
- [System statistics](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#system-statistics)
- [PHP from abroad](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#php-from-abroad)
- [PHP from abroad](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#php-from-abroad)
- [iot12tools - IoT tools for users](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#iot12tools---iot-tools-for-users)
- [iot12tools - IoT tools for users](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#iot12tools---iot-tools-for-users)
- [Hello Python 3](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#hello-python-3)
- [Hello Python 3](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#hello-python-3)
- [c) **Free-will Linux usage** (optional) Use Linux outside the course scope.](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#c-optional-use-linux-outside-the-course-scope)
- [c) **Free-will Linux usage** (optional) Use Linux outside the course scope.](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#c-optional-use-linux-outside-the-course-scope)
- [About my Linux usage](https://github.com/Fincer/linux_server_setup/blob/master/exercises/h7.md#about-my-linux-usage)
- [About my Linux usage](https://github.com/Fincer/linux-server-setup/blob/master/exercises/h7.md#about-my-linux-usage)
-------------- --------------
@ -152,7 +152,7 @@ sar 2 -o $HOME/sysstat.file
The file can be analysed afterwards with `sar` command in the end of the assignment. The file can be analysed afterwards with `sar` command in the end of the assignment.
![sysstat_cpu-mem](https://github.com/Fincer/linux_server_setup/blob/master/images/sar_stats_cpu-ram.png)
![sysstat_cpu-mem](https://github.com/Fincer/linux-server-setup/blob/master/images/sar_stats_cpu-ram.png)
Short analysis, based on the picture above: Short analysis, based on the picture above:
@ -349,7 +349,7 @@ for user in mmehilal po ojaara jdo vvrij mmottone jahka hswarz mmaitopa; do xdg-
Screenshot of user-specific PHP sites on the configured server environment: Screenshot of user-specific PHP sites on the configured server environment:
![apache-php-multiple](https://github.com/Fincer/linux_server_setup/blob/master/images/apache_phpinfo_multiple.png)
![apache-php-multiple](https://github.com/Fincer/linux-server-setup/blob/master/images/apache_phpinfo_multiple.png)
Checking permissions for each `index.php` files & `public_html` directories: Checking permissions for each `index.php` files & `public_html` directories:
@ -513,9 +513,9 @@ The output is as desired, `Hello World`, indicating that we have successfully in
The following pictures demonstrate [Arch Linux ARM](https://archlinuxarm.org/platforms/armv6/raspberry-pi) running on my Raspberry Pi 1 Model B. The solution is quite rushed but it works technically: The following pictures demonstrate [Arch Linux ARM](https://archlinuxarm.org/platforms/armv6/raspberry-pi) running on my Raspberry Pi 1 Model B. The solution is quite rushed but it works technically:
![rpi1b_archlinux-1](https://github.com/Fincer/linux_server_setup/blob/master/images/rpi1b_archlinux_1.jpg)
![rpi1b_archlinux-1](https://github.com/Fincer/linux-server-setup/blob/master/images/rpi1b_archlinux_1.jpg)
![rpi1b_archlinux-2](https://github.com/Fincer/linux_server_setup/blob/master/images/rpi1b_archlinux_2.jpg)
![rpi1b_archlinux-2](https://github.com/Fincer/linux-server-setup/blob/master/images/rpi1b_archlinux_2.jpg)
- Display: [Lilliput 869GL](http://www.lilliputuk.com/monitors/hdmi/869gl/) - Display: [Lilliput 869GL](http://www.lilliputuk.com/monitors/hdmi/869gl/)


Loading…
Cancel
Save