CS 480 M01 Fall 2022 - Homework Assignment #2

Assignment:

In your report / assignment submission and for each exercise below and whenever applicable explain what you did to accomplish the task. Make sure that you list and discuss all steps made, commands used together with their options, and problems encountered

1. 25 points
   Read man page (from sections 1 , 5, or 8) for every command / program / config file / ... listed below (try the commands while reading) and in a short paragraph and in your own words describe what is each command / file / ... for. The paragraph should be at least 3-5 lines long and it cannot be just a copied text from the man page. Use your own words! Also, for each command listed choose an extra option (not the help nor version options) and describe a situation in which you would use it and how (another line or two in your own words per option per command). In case of the commands with long man pages and many options choose (zypper for example) at least two options and describe situations in which you would use them.
   
   1. bzip2
   2. find
   3. grep
   4. kill ( command )
   5. man
   6. reboot
   7. rpm
   8. scp
   9. script
   10. shutdown
   11. ssh
   12. su
   13. sudo
   14. sudoers
   15. tar
   16. tune2fs
   17. visudo
   18. yast
   19. zypper
2. 4 points
   Disable online software repositories and install missing man pages
   • Use zypper command to see what online repositories are configured at the moment.
     Your listing should look similar to this:

     # | Alias                       | Name                               | Enabled | GPG Check | Refresh | Priority | Type | URI                                                                                  | Service
     --+-----------------------------+------------------------------------+---------+-----------+---------+----------+------+--------------------------------------------------------------------------------------+--------
      1| openSUSE-Leap-15.4-1        | openSUSE-Leap-15.4-1               | Yes     | (r ) Yes  | No      |   99     |rpm-md| cd:/?devices=/dev/disk/by-id/ata-VMware_Virtual_IDE_CDROM_Drive_10000000000000000001 | 
      2| repo-backports-debug-update | Update repository with updates ... | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/update/leap/15.4/backports_debug/                       | 
      3| repo-backports-update       | Update repository of openSUSE B... | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/update/leap/15.4/backports/                             | 
      4| repo-debug                  | Debug Repository                   | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/debug/distribution/leap/15.4/repo/oss/                  | 
      5| repo-debug-non-oss          | Debug Repository (Non-OSS)         | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/debug/distribution/leap/15.4/repo/non-oss/              | 
      6| repo-debug-update           | Update Repository (Debug)          | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/debug/update/leap/15.4/oss/                             | 
      7| repo-debug-update-non-oss   | Update Repository (Debug, Non-OSS) | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/debug/update/leap/15.4/non-oss/                         | 
      8| repo-non-oss                | Non-OSS Repository                 | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/distribution/leap/15.4/repo/non-oss/                    | 
      9| repo-oss                    | Main Repository                    | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/distribution/leap/15.4/repo/oss/                        | 
     10| repo-sle-debug-update       | Update repository with debuginf... | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/debug/update/leap/15.4/sle/                             | 
     11| repo-sle-update             | Update repository with updates ... | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/update/leap/15.4/sle/                                   | 
     12| repo-source                 | Source Repository                  | No      | ----      | ----    |   99     | NONE | http://download.opensuse.org/source/distribution/leap/15.4/repo/oss/                 | 
     13| repo-update                 | Main Update Repository             | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/update/leap/15.4/oss/                                   | 
     14| repo-update-non-oss         | Update Repository (Non-Oss)        | Yes     | ( p) Yes  | Yes     |   99     | NONE | http://download.opensuse.org/update/leap/15.4/non-oss/                               | 
     			

     What command options did you use to see them all and listed with the URI included?
     Remove all repositories that have URI starting with "http".
   • Download (scp) perl-doc RPM package for the missing Perl man pages from lbc(csvm3) currently in the /tmp/CS480 directory and install it into your cs480 virtual machine. Test it by running   man perldata   and   man perlfunc .
3. 15 points
   Create two entries for the sudoers configuration file:
   1. One entry that allows users jim and joe   adjust tunable filesystem parameters on ext2/ext3/ext4 filesystems.
      These two users (and only them) can run command /sbin/tune2fs   through sudo on your own machine and also on the machine named lbc  
      The same sudoers   file
      copied onto another machine (other then lbc) will not allow jim and joe to run needed command with elevated privileges.
   2. One entry that allows bob, bill, and barbara to kill jobs on all 192.168.8.x/24 hosts and reboot them.

   Create all users needed for the assignment on your cs480 virtual machine using yast.
   BUT do not to use yast for sudo configuration! Instead, use the visudo command to modify the sudoers file.
   Assume that none of the users mentioned above knows root's password. Make sure that sudo works for your users on your VM as expected without them knowing root's password
   Check the sudoers file carefully for instructions on how to disable the default (unconfigured) behavior when sudo asks for target user's password (root's password).
   Test it all!
   For example, log into the system as user barbara and test that she can kill any process.
   Remember that Barbara does not know root's password. She needs to authenticate to sudo using HER OWN password!
   

4. 10 points
   Write a PERL script that reads two files /etc/passwd and /etc/group and enumerates system's users and their groups. For each user name, print the user's UID and all the groups (group names not just group IDs) of which the user is a member. The first group listed for a user has to be his/her default group (per passwd file).

   Note: I uploaded Perl related chapter from the previous edition of our textbook to canvas.
   I believe that the chapter explains the language sufficiently for anything that we will need in our class.

   Execute the script on your cs480 virtual host and submit a transcript of the session showing the correct execution of your program.
   Example of the desired output:

   ivan@ivan:~/cs480> ./2.4.pl 
   root id=0 groups:  root
   messagebus id=499 groups:  messagebus
   systemd-network id=497 groups:  systemd-network
   ...
   sshd id=488 groups:  sshd
   ivan id=1000 groups:  users

5. 10 points
   Use the find command with the -perm option to locate five suid files on your system. For each file, explain why the setuid mechanism is necessary for the command to function properly. (Be specific! What file / device / system call / ... is used by the command / program and why / how is the root privilege needed)
6. 6 points
   Explain the relationship between a file's UID and running process's real UID and effective UID. What is the purpose of a process's effective UID?

NOTE: Your solutions to all of the exercises above must be implemented, tested, and needs to execute correctly on your cs480 virtual machine. Among your attachments (as part of the tar.bz2 file) submit also transcript file showing the correct execution of the script on your cs480 virtual machine. As shown in the example below, you can use the script command to record the session and submit the resulting files (2.4_trascript.txt for the execution of the perl script) with your homework assignment as part of your bz2 file submitted into your directory under /home/CS480.
Example:

		ivan:~/cs480 # ls -al 
		total 4
		drwxr-xr-x 1 root root  12 Aug 26 11:36 .
		drwx------ 1 root root  94 Aug 26 11:36 ..
		-rwx------ 1 root root 777 Aug 26 11:29 2.4.pl
		ivan:~/cs480 # script 2.4_trascript.txt
		Script started, output log file is '2.4_trascript.txt'.
		ivan:~/cs480 # ./2.4.pl 
		root id=0 groups:  root
		messagebus id=499 groups:  messagebus
		systemd-network id=497 groups:  systemd-network
		...
		sshd id=488 groups:  sshd
		ivan id=1000 groups:  users
		ivan:~/cs480 # exit
		exit
		Script done.
		ivan:~/cs480 # ls -al 
		total 8
		drwxr-xr-x 1 root root  46 Aug 26 11:37 .
		drwx------ 1 root root  94 Aug 26 11:36 ..
		-rwx------ 1 root root 777 Aug 26 11:29 2.4.pl
		-rw-r--r-- 1 root root 838 Aug 26 11:37 2.4_trascript.txt
	

Submitted files, overall quality, length, and feedback:

11. 5 pts : Submit all relevant files you modified during the lab (into the /home/CS480/yourcsloginname directory as part of the tar.bz2 file) . Exactly two files need to be submitted: One file being your report in PDF is to be submitted on the Blackboard. The other file is the tar.bz2 file containing everything else and it gets submitted into /home/CS480 (On you virtual machine pack the files together using tar and bzip2, and copy them using scp from your virtual computer into your cs account )
12.  10 pts - Submit your report as a PDF document through learn.nmsu.edu and all supporting documents, programs, and execution transcripts as part of the tar.bz2 file in your directory under /home/CS480. The report has to contain answers to all questions above, and for the practical problems on your computer describe in detail choices you made, difficulties you encountered, and how did you deal with them.
13. 5 pts - Feedback: In the last paragraph of your report estimate how much time you spent on this assignment. Describe what was hard, easy, interesting, boring or confusing.

Please remember the submission requirements:

Two files need to be submitted for every assignment :
1. The first file is your typed report .
   It has to be submitted through http://learn.nmsu.edu as one file / document and it has to be in the PDF format.
   No other format will be accepted. The name of the file has to contain your name and assignment/lab number separated by "_" (If your name is John Snow then the name of the document submitted for this assignment needs to be John_Snow_HW02.pdf).  
2. The second file to be submitted into your directory under /home/CS480 directory has to be a tar.bz2 file that contains all other files related to the assignment.
   It will contain all relevant files that you modified for the assignment. Everything that was done to finish the lab, modify your system, write, run and verify submitted programs and scripts used needs to be included in the submitted tar.bz2 file. That includes all your system configuration files modified for the lab/assignment as well as programs and scripts written (including complete source code, supporting shell scripts, test data input files, ...). The name of the tar.bz2 file has to contain your CS login name and the lab number separated by "_" (if your cs login name was jsnow then the file's name for this assignment will be jsnow_Lab02.tar.bz2 ).   The files submitted as part of the tar.bz2 file have to be exact copies as found on your cs480 lab system.

If you want to correct or add something to already submitted assignment than you need to do so before the deadline and resubmit the whole report again and also resubmit your new tar.bz2 file .

Please remember that late submissions are penalized 20% / day and NO submissions that are late 3 or more days will be accepted. You can be late at most 2 days to receive any points.