Reference no: EM132205216
Task
In this assignment, you will develop simple scripts to manage the user and file system whilst developing some expertise in managing a complex file system.
Part 1: Automated Account Management
You have been asked by your boss to prepare two shell scripts which manage user information:
1. You are to prepare a simple shell script which reads a text file called backup.txt. The file is in the form
allen /home/allen Allen John
jeff /home/jeff Jeff Jackson
chandana /home/chandana Chandana Withana
anto /home/anto Antonio Buck
and creates these users on the system without any interactive input, by running the script one time only. To do this you will need to use the adduser(1) and passwd(1) commands. You will need to randomly generate each password and report it to the administrator.
You can assume the fields, being username, home directory and GCOS string, are separated by a single white space.
You can assume all users are in the same group. The program should output the username and generated password once created.
2. Management of users is important, particularly forcing an account to change its password every 60 days. Write a shell (.sh) script that takes a single argument being a username, looks for the account in /etc/passwd, forces the accounts above to change their password every 60 days, and archives their home directory into a systemdate.tar.gz file. You will receive more marks if you avoid using the standard user management tools. systemdate should be mmddhhmmyyyy at the time of the script run.
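The batch creation described in item 1, sketched as an added example that is not part of the original assignment. It uses useradd and chpasswd in place of adduser(1) and passwd(1) because both read their input non-interactively on Ubuntu and CentOS; the username and home-directory validation rules, the 24-character hex password and the APPLY switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: dry-run account provisioning from backup.txt.
# Set APPLY=1 and run as root to actually create the accounts.
LC_ALL=C; export LC_ALL

# Constructed sample input in the backup.txt format.
sample_backup() {
    printf '%s\n' 'allen /home/allen Allen John' 'jeff /home/jeff Jeff Jackson'
}

# 24 hex characters (96 bits) read from the kernel CSPRNG.
gen_password() {
    head -c 12 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Assumption: lowercase names starting with a letter or underscore, max 32 chars.
valid_user() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Assumption: homes are absolute paths under /home with no ".." component.
valid_home() {
    case "$1" in
        */..|*/../*) return 1 ;;
        /home/?*) return 0 ;;
    esac
    return 1
}

# Reads "username home gecos..." lines on stdin; prints "username password".
provision() {
    while read -r user home gecos; do
        [ -n "$user" ] || continue
        if ! valid_user "$user" || ! valid_home "$home"; then
            echo "skipped: $user $home" >&2
            continue
        fi
        pw=$(gen_password)
        if [ "${APPLY:-0}" = 1 ]; then
            useradd -m -d "$home" -c "$gecos" "$user" || continue
            # chpasswd reads user:password on stdin, so the password never appears in argv
            printf '%s:%s\n' "$user" "$pw" | chpasswd
        fi
        printf '%s %s\n' "$user" "$pw"
    done
}

if [ -f backup.txt ]; then provision < backup.txt; else sample_backup | provision; fi
```

The generated passwords are printed once for the administrator; redirect that output to a file with mode 600 rather than leaving it in terminal scrollback.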
Part 2: Designing File Systems
Use the internet to research and present the best possible ways to back up your Linux data storage to Google Engine or AWS S3. The design should include a diagram, any programming environment that may be needed, such as Python or Perl, and the actual commands to copy the data from a local Linux folder to your predefined cloud buckets' folder. Document this accordingly along with a suitable rationale for your design.
Part 3: Implementing the Filesystem with Ubuntu
Given the strategy defined in part two, your job is to implement the storage system.
On your Ubuntu Linux system, set up ZFS pools of storage that meet the above requirements, including redundancy and backups. To achieve this, use the mirroring and snapshot features of ZFS. Each additional HDD should contain at least 5 GB for this demonstration.
Document the steps taken.
Part 4: Making the File System accessible and robust using both CentOS and Ubuntu
In this task, you need to set up NFS file-sharing storage. Either CentOS or Ubuntu can act as the NFS server or client. The implementation should include installing the NFS server and client, configuring the /etc/exports file, and mounting the shared folder from the server on the NFS client; finally, any change made in the client's mounted folder should be visible in the server's shared folder.
Document the steps taken.
Part 5: File System Management with Scripts
Now that you have a plan for the storage there are a few housekeeping matters to take care of because users tend to be somewhat liberal with their storage.
1. Write a script to make sure that user home directories and files are owned and only accessible by the owner. The script should be run by root only.
2. Finally, write a script which takes as an argument the filesystem name, e.g. /home, looks for objects which are larger than 1 MB, deletes them, and records all deleted files in a deleted.txt file, to be located at /home/user_home_folder/mmddhhyyyy.deleted.txt. For instance, user john would have /home/john/mmddhhyyyy.deleted.txt
When these files are found a summary should be produced including where they are and the size. The script should also remove the files.
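One way to approach item 1 of this part, as an added example that is not part of the original assignment: a read-only audit that lists what violates the "owned and only accessible by the owner" rule, plus a root-only fix. The MIN_UID threshold, the function names and the audit/fix arguments are assumptions of this example, and `-perm /077` requires GNU find.

```shell
#!/bin/sh
# Added example: audit, then fix, home directory ownership and modes.
# Assumes GNU find (Ubuntu, CentOS) for -perm /077.
MIN_UID=${MIN_UID:-1000}   # assumption: regular accounts start at UID 1000

# audit_homes PASSWD_FILE
# Prints every non-symlink object under each user's home that is not owned by
# that user, or that grants any permission bit to group or other.
audit_homes() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ "$uid" -ge "$MIN_UID" ] 2>/dev/null || continue
        [ -d "$home" ] || continue
        find "$home" ! -type l \( ! -uid "$uid" -o -perm /077 \) -print
    done < "$1"
}

# fix_homes PASSWD_FILE
# Root only. Returns each home tree to its owner and strips group/other access.
fix_homes() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "fix_homes: must be run as root" >&2
        return 1
    fi
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ "$uid" -ge "$MIN_UID" ] 2>/dev/null || continue
        [ -d "$home" ] || continue
        chown -R -h "$uid" "$home"   # -h: change symlinks themselves, not their targets
        chmod -R go-rwx "$home"
    done < "$1"
}

# Usage: script.sh audit | script.sh fix   (both read /etc/passwd)
if [ "${1:-}" = fix ]; then
    fix_homes /etc/passwd
elif [ "${1:-}" = audit ]; then
    audit_homes /etc/passwd
fi
```

Running the audit before the fix shows exactly which paths will change, which is useful evidence for the documentation the assignment asks for.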
Assessment item - Managing Services and Security
Task
Your job in this assignment is to create two Virtual Machines, each running the latest release of a different Linux distribution: Ubuntu Server and CentOS. Each of these VMs is to offer services to a user base.
The Virtual Machines can be implemented using any hypervisor e.g. VMWare Player, Virtual Box or anything else you think is appropriate.
You can use bridged or host-only networking when setting up these Virtual Machines. When implementing the Virtual Machines, rather than obtaining an address from the hypervisor's DHCP server, you should ensure the addresses used are static and assigned from your network. YOU WILL NEED TO WORK OUT WHAT ADDRESS SPACE YOU ARE USING AND HOW IT WILL IMPACT YOUR LAN.
Part 1: Virtual Machine One - DNS & SSH Server
The first Virtual Machine should be installed and have the BIND (DNS) server installed on it. While you do not own any address space/ namespace your name server should manage the following domains:
your_last_name.net.au
The name server should answer queries for this domain. In addition to the your_last_name.net.au zone, a zone should be set up for the reverse zone - the reverse zone would be whatever the address range of your virtual machine is. You should do some research on how BIND handles reverse zones.
You should set up the your_last_name.net.au zone with the usual information including SOA, NS and other records where appropriate. The address used for this should be the address of the virtual machine. You should give this Virtual Machine an A record with the name Ubuntu Linux. You should also create an A record for CentOS.
In addition to this, you should create a CNAME record with the name www. When a user does a lookup on www.your_last_name.net.au - the address returned should be that of the CentOS.
Be sure to create the appropriate reverse (PTR) records for the machines and to help other administrators be sure to put in place appropriate TXT records.
Once complete, you should fine-tune your DNS server's Virtual Machine. Do this by disabling services that were installed but are not required. Be very careful not to break anything here. As a tip, you will want to keep DNS, SSH, database and web services active. Ensure DNS, SSH, database and web services are invoked at startup.
Finally, harden these two Linux servers using a firewall. Set up filters which allow access to DNS and web services from anywhere, and restrict SSH and database access to your two Linux servers only. You can assume this incoming traffic can come from anywhere. You will need to make sure these rules always take effect at boot.
Your resolve test should be able to query from any of your servers.
Document the entire process and challenges you experienced. You can install BIND from source or using your package manager.
Part 2: Virtual Machine Two - Web and Database servers
Once complete, set up this Virtual Machine to host a website using the Apache Web Server and a database server using MySQL or MariaDB. Ensure PHP is enabled with Apache and the database services, and be able to show proof from phpinfo().
The Virtual Machine should have a statically assigned address which matches that specified in the A record for host www. Test your Apache Server Virtual Machine by using a web browser on another host and trying to browse the website www.your_last_name.net.au.
Finally, harden this host so that only services being used can be accessed by other machines. You will need to use iptables for CentOS or ufw for Ubuntu.
Part 3: Remote File Access
Provide two methods to transfer files to any of the Linux servers from a remote host. At least one method should be secure and another should be a non-secure file transfer method.
Document the entire process and challenges you experienced.
Part 4: Simple Web Services
In Virtual Machine Two you set up a web server for the DNS student.your_last_name.net.au. The server is implemented using the HTTP protocol listening on port 80. Your challenge is to make the same site accessible using the HTTPS protocol. To do this set up SSL with a self-signed certificate for the site.
Once configured correctly you should be able to access your_last_name.net.au on both HTTP/HTTPS ports. Naturally, you will need to make appropriate changes to your firewall rules.