====== List of Administration Tasks ====== >> Deadline: Thursday, 4/26/18, 11:59pm >> This is a growing list of mandatory system administration/configuration tasks that count toward your **Projects** grade. >> Each task must be accompanied by a detailed entry in your administration journal (See [[cs_471_assignments|Assignment 1]]). ---- ===== Linux Virtual Machine ===== - Normal user account for yourself - Normal user account for user ''jchung'' - set password for ''jchung'' and email password to jchung@monmouth.edu - //dhclient// configured to request a desired hostname - See the files ''/etc/hostname'' and ''/etc/dhcp/dhclient.conf'' - //sshd// running - Packages installed: //aptitude less links mc mutt sudo vim vlock wget// - See the [[cs_471_-_introduction_unix_installation|first week notes]] on how to install packages in the class Linux distribution. - Note which host computer in HH310 is running your Linux virtual machine, i.e. csselin06, csselin14, etc. - Packages installed: //mlocate curl// - Run //monitor471.sh// or //monitor471.pl// via //cron// on rockhopper - Journal entry includes code of //monitor471// script as well as crontab entry(s). - Install packages: //strace// - Configure your system to [[cs_471_-_processes_users_software#fork_bombs_ulimits|prevent fork bombs]], if necessary. - Install packages: [[cs_471_-_software_management#software_packagesgoogle_chrome|Google Chrome]], [[cs_471_-_software_management#software_packagesrootkit_hunter|Rootkit Hunter]], [[cs_471_-_software_management#software_packagesdrjava_and_bluej|DrJava and BlueJ]] - Install and configure the //[[cs_471_-_configuration_management_with_puppet_supplement|puppet and puppetmaster]]// packages. - Install and configure the [[cs_471_-_email_networked_file_systems_system_file_sharing#the_postfix_mta|Postfix MTA]] - Install and configure [[cs_471_-_email_networked_file_systems_system_file_sharing#network_file_system_nfs1|NFS server]]; install the //nfs-kernel-server// and //nfs-common// packages. - Install and configure [[cs_471_-_email_networked_file_systems_system_file_sharing#the_samba_network_file_system|Samba]]. - Create and use the //[[cs_471_-_security_logging_backups#the_wheel_group|wheel]]// group to restrict access to ///bin/su//. - Install and configure //[[cs_471_-_security_logging_backups?&#install_and_configure_logwatch|logwatch]]// to email yourself a report once per day. - Check your VM for vulnerability to [[cs_471_-_security_logging_backups?&#check_for_and_mitigate_meltdownspectre_vulnerability|Meltdown/Spectre]]. Install a new kernel and reboot. ===== Linux Container(s) ===== - Normal user account for yourself - Your normal user and ''jchung'' added to ''sudo'' group - Add container hostname to //monitor471.sh// or //monitor471.pl// in your ''~/bin'' directory. - Write a //[[https://docs.google.com/document/d/1S-GZoZJgHPi7Wdksuv91pyGjFPh-Z8KAQ2DW9n9-D5s/edit#bookmark=id.v1xwxovrvvbb|cssh471 script]]// to ssh to all of your Linux systems simultaneously. - Install and configure the //[[cs_471_-_configuration_management_with_puppet_supplement|puppet]]// package. - Install and configure as [[cs_471_-_email_networked_file_systems_system_file_sharing#network_file_system_nfs1|NFS client]]; install the //nfs-common// package. - Install and run //john// to [[cs_471_-_security_logging_backups?&#password_checking_with_john|audit user passwords]]. - Install and configure //rsnapshot// to perform [[cs_471_-_security_logging_backups?&#backups_with_rsnapshot|system backups]]. ----