Assignment title: Information
csc3412 Assignment 2
Semester 1, 2016
Due Date: 11:55pm 9 May 2016, AEST
This assignment consists of 3 questions each of equal value. They consist of common tasks required of a system administrator—tasks I have
had to do at some time in the past.
Clear Layout
It is vitally important that your assignment is clearly laid out with questions and parts of questions clearly defined. It must be a straight forward matter for the examiner to determine that you have completed
each exercise satisfactorily. We want quality not quantity. Poorly organised submissions will be rejected or receive a poor mark.
A text file or PDF/A document typeset using vanilla L ATEX are preferred
over a document produced by a word-processor. If you must use Microsoft Word please export your document as PDF/A1 not PDF.
Command Output
When answering these questions you will have to run commands under
Linux—whenever a command is run you will need to:
a. explain in your own words the purpose of the command in the
context of the assignment question. (Please do not just copy the
"Description" section from the man page!) Also, you need to explain in your own words all terminology used—as if you were explaining to an average user! (Please show you understand what
you are doing!)
b. show that the command worked—either from its output or the
output from another command. For example
prompt> dd if=/dev/zero of=Crypt.fs bs=1M count=32
32+0 records in
32+0 records out
33554432 bytes (34 MB) copied, 0.109063 s, 308 MB/s
1 PDF/A is an archival format of PDF that embeds all fonts used in the document within
the PDF file. To ensure PDF/A format in Word check "ISO-19005-compliant (PDF/A)"
under "Options" when saving a file as PDF.
prompt> ls -l Crypt.fs
-rw-r--r-- 1 user user 33554432 2010-02-25 10:18 Crypt.fs
c. To capture text output from programs you will have to redirect
the output to a file or use the command script. If you are using the command script turn off the tty escape sequences that
change the colour of console text—the escape sequences will appear in output file and make it impossible to read.
Late Submission of Assignments
Students can apply for an extension of time to submit an assignment at
any time up to the deadline. Students are advised to make a request for
an extension as soon as their need becomes apparent. Delay in making
a request involves the risk of losing marks if the request is refused.
The examiner may grant a short extension of the deadline for submission of an assignment. Extensions are usually granted only in cases of
Compassionate and Compelling Circumstances in accordance with the
Assessment of Compassionate and Compelling Circumstances Procedure. Generally, extensions will be limited to a maximum of five University Business Days. A Student requiring an extension for a period of
time in excess of this should consider applying for a Deferred Assessment as per section 4.4 of the assessment procedure.
Applications for extensions must be made via email or USQAssist to the
examiner together with accompanying documentation as specified in
the Assessment of Compassionate and Compelling Circumstances Procedure.
An assignment submitted after the deadline without an approved extension of time will be penalised. The penalty for late submission without
a pre-approved extension is a reduction by 5% of the maximum mark
applicable for the assignment, for each University Business Day or part
business day that the assignment is late. An assignment submitted more
than ten University business days after the deadline will have a Mark
of zero recorded for that assignment.
The Examiner may refuse to accept assignments for assessment purposes after marked assignments and/or feedback have been released.
Please consult the USQ Assessment Procedure for the complete USQ
policy on assessment.
Non-submission of Assignments
As per the USQ Assessment Procedure — for a student who has failed to
achieve a passing final grade by 5% or less of the total weighted marks,
the Examiner, in agreement with the Moderator, will consider recommending to the Board of Examiners the undertaking of Supplementary
Assessment by the Student. This offer will normally only be made if
the Student has undertaken all of the required Summative Assessment
2
Items for the Course—that is, submitted all of the assignments!
Student Responsibilities
The assessment procedure also outlines the following student responsibilities:
• If requested, Students must be capable of providing a copy of Assignments submitted. Copies should be despatched to the University within 24 hours of receipt of a request being made.
• Students are responsible for submitting the correct Assignment.
• Assignment submissions must contain evidence of student effort
to address the requirements of the Assignment. In the absence
of evidence of Student effort to address the requirements of the
assignment, no Mark will be recorded for that Assessment Item.
• A Student may re-submit an Assignment at any time up to the
deadline. A request to re-submit after the deadline is dealt with in
accordance with section 4.4 'Deferred, Supplementary and Varied
Assessment and Special Consideration' of these procedures.
Academic Misconduct
Academic misconduct is unacceptable and includes plagiarism, collusion and cheating:
plagiarism : involves the use of another person's work without full and clear
referencing and acknowledgement;
cheating : involves presenting another student's work as your own;
collusion : is a specific type of cheating, that occurs when two or more students fail to abide by directions from the examiner regarding the
permitted level of collaboration on an assessment.
All are seen by the University as acts of misconduct for which you can
be penalised. For further details go to the Library's site on What is
Plagiarism.
3
Question 1 (marks 20)
An important service provided by any system is the ability to run a
process on a predetermined schedule without human intervention. The
"automation" of tasks can reduce the workload of the system administrator significantly. Unfortunately Linux currently offers not one service but potentially three—cron, anacron, and systemd timer units.
In about a page compare and contrast all three systems. Illustrate your
discussion by writing cron, anacron, and systemd timer files to
run the command date both daily and weekly.
Notes:
a. It says "compare" and "contrast"—so explain how they are the
same and how they are different.
b. Your answers must be written in your own words.
c. Any technical term used must be explained.
d. Do not discuss the package systemd-cron. Write and test the
systemd service and timer files yourself.
e. The system files /etc/anacrontab and /etc/crontab are a
good starting point for examples of configuration files.
f. One way to test a crontab file or a anacrontab file, or systemd service and timer files is to use the date command as the
command to be run. The output from the command sent to a file
effectively timestamps when it was run by your scheduler.
g. Some sources of information:
Cron:
• The text book
• man 5 crontab
Anacron:
• The text book
• man 5 anacrontab
Systemd timer unit:
• https://wiki.archlinux.org/index.php/Systemd/
Timers
• http://www.certdepot.net/rhel7-use-systemd-timers/
h. List all resources used in answering the question.
4
Question 2 (marks 20)
The web administrator of your organisation needs to login remotely to
the machine that is running the organisation's public web site.
You tell her that the only way to login is via The Secure Shell—which
she knows nothing about! Assuming she is logging in via a Linux box
write a help document for her containing the following—
a. (6 marks) A short introduction to SSH, explaining why it is the
preferred way of logging into a remote machine—this explanation
will need to discuss symmetric and asymmetric key encryption.
b. (7 marks) A discussion of the contents of the file
~/.ssh/known_hosts.
Your discussion should include (but not be limitted to):
• how the file is populated,
• how the keys in the file are used by SSH,
• a discussion of "man-in-the-middle" attacks,
• why the hostnames in the file are "hashed", and
• how individual keys can be deleted by ssh-keygen.
c. (7 marks) A description how to configure access so that no passwords are needed—that is by using user asymmetric keys. This
will require a discussion (with examples) of the command sshkeygen, the file ~/.ssh/authorized_keys, passphrase protected keys and the commands ssh-agent and ssh-add.
Notes:
a. Any technical term used must be explained.
b. Your virtual Debian has the SSH dæmon installed and running
by default—so you can SSH to it from the host system or from a
second virtual machine.
c. Your virtual machine has two network interfaces configured—a
host only interface and a NAT interface. To bring the host only
network "up" study the man pages interfaces(5), ifup(8)
and ifdown(8).
d. You must show the relevant changes/parts of any files discussed.
e. This is a help document so you must explain (in your own words)
the purpose of every file and command mentioned (plus any command line options).
f. Be very clear which key (public or private) is stored on which
machine (remote or local)
5
g. Port forwarding, SSH tunnels and firewalls need not be discussed—
they will be covered later in the course.
Question 3 (marks 20)
A user comes to you requesting that you create and implement a backup
policy for his desktop machine. What he wants, is to be able to place a
blank DVD in his Single-Sided DVD-burner at the end of the working
day on a Friday and have all the files he has been working on for the
week backed up automatically that evening to the DVD!
After a bit more questioning you find out that:
• He frequently creates/deletes and changes files on a daily basis.
• He wants to be able to recover files for any given day.
• He only wants his home directory backed up.
• His home directory contains about 2Gbytes of data.
• His desktop machine has a spare disk (mounted as /spare) that
has plenty of free space for temporary storage.
Tasks that need to be done:
a. (8 marks) Using the information above design a backup policy.
Give a detailed description and justification of your backup-policy.
b. (12 marks) Using tar, a shell script or scripts and systemd timer
and service files to implement your backup policy.
Notes:
a. Explain in your own words each operation you needed to perform
to implement your backup policy. Your descriptions of each operation need to show you understand the purpose of the operation.
b. Use /spare as a temporary storage for backup files until they
are burnt to the DVD on Friday.
c. "Temporary Storage" means just that—cleanup /spare after a
successful burn.
d. A Single-sided DVD can only hold 4.2GiB (4.2×1024×1024×1024
bytes) of data.
e. The ISO9660 file-system—is the file-system used on Optical disks.
f. To write data to an optical disk a complete ISO9660 disk image
file containing the data, must be created on the local hard disk
and then burnt to the optical disk.
g. You will need utilities for creating ISO9660 images and burning
DVDs, have a look at the following packages dvd+rw-tools,
genisoimage, wodim.
h. List all resources used in answering the question.
6