Table of Contents
CS 471: List of Projects
Project 3 - Configuration Management II
Due date: Monday, 4/23/18, 11:59pm
Project presentation: Friday, 4/27/18, 2:40pm
Using ansible roles and playbooks, complete the following tasks on both your VM and container Linux systems:
- basic role: (Add to the basic role that you should already have.)
- task
- Copy the file Atom-1.10.2-x86_64.AppImage to /usr/local/bin on the 2 target machines.
- Make sure that it is owned by root and has permission mode 0755.
- Create a symbolic link /usr/local/bin/atom that links to /usr/local/bin/Atom-1.10.2-x86_64.AppImage.
- security role: (This is a new role that you will need to create.)
- task
- Create the wheel group and use it to harden the /bin/su command.
- This task includes adding yourself (your userid) to the wheel group.
- Make sure that you append yourself to the wheel group.
- task
- Allow SSH logins to a small set of allowed users.
- Only you and user jchung should be allowed to SSH into your system.
- task
- Ensure that the package libpam-cracklib is installed to enforce the use of stronger passwords.
You will create all needed ansible config files in your student home directory, under the ~/cs471ansible directory. Dropbox a zip file cs471ansible.zip containing the directory contents.
Full documentation for this project must be included in your admin journals, which you will also dropbox. Documentation must include the contents of all ansible config files that you create or edit to complete this project.
Project 2 - Configuration Management I
Due date: Wednesday, 4/4/18, 11:59pm
This is not a group project.
Using puppet, create the users in the Project 1 sample userids and passwords list. Create the users on your puppet clients, i.e., your Linux containers. Use your VM as the puppet master. Using puppet, the users must have correct home directories created and must also be assigned the given passwords.
Full documentation for this project must be included in your admin journals, which you will dropbox. Documentation must include the contents of all puppet config files that you create or edit on the puppet master and client to complete this project.
Project 1 - Mass Account Creation
Due date: Wednesday, 2/21/18, 11:59pm
For an upcoming High School programming competition on 2/23/18, you will create a number of new accounts on the Linux computers in HH 305. You will split up into groups of 3. Each group will be responsible for a row of 6 computers. The groups and their assigned computers are as follows:
Group Computers Group Members ----- --------------------------- ------------- row 1 cssemaclin02 - cssemaclin07 Aguirre, Aly, Shober row 2 cssemaclin08 - cssemaclin13 DeRosa, Kaur, Rohn row 3 cssemaclin14 - cssemaclin19 Berry, Terracciano, Tomkus row 4 cssemaclin20 - cssemaclin25 Barbosa, Bourne, Capper
You will be given a list of userids and passwords later. In the meanwhile, do trial runs on your VMs with a sample userids and passwords list.
To create these accounts, you are required to use a command and/or a shell script. Do not try to manually create these accounts one by one.
A couple of relevant entries from my journal are at http://bit.ly/2E7YEMy.
You may also use existing account creation scripts or programs (any language), as long as you cite the source (URL).
You will document the steps in detail in your journals, including any input files and script source code. Your grade will depend on whether you've correctly created the accounts and the correctness of the documentation in your journals.
Correctly created accounts include:
- home directory created for each account with correct ownership/permissions
- shell config files (.bash*, etc) copied into home directory from
/etc/skel
When your group is ready to create the actual accounts in HH 305, you will be given sudo access to the needed commands on your designated row of computers.
- Your group is ready when all members have successfully done a trial run of your group's account-creating program on their VMs.
2/20/18: See cssegit.monmouth.edu for the final list of userids and passwords.