CS 279 - Week 15 Lecture 1 - 2022-12-05
TODAY WE WILL
* announcements
* a few items related to UNIX/Linux system administration
* [if time] maybe another interesting UNIX utility or two
* prep for next class
* Should be working on Homework 10! Due Friday, 11:59 pm
* Please consider filling out course evaluations by 11:59 pm
on Sunday, December 11
* we'll review for the Final Exam on WEDNESDAY,
and THURSDAY's lab will be an opportunity to work
on HW 10, polish previous since-Exam-2 HW problems you are
still polishing, etc.
====
a few items related to UNIX/Linux system administration
====
* GOOD suggestion from David Tuttle:
* when you are are setting up your own Linux box:
make TWO accounts for yourself:
* you admin account
* AND your everyday use account
* LESS likely you will accidentally do something
that's more powerful/damaging than you intend!!!!!
* my more-NOVICE suggestion:
* keep a directory/file/notebook/etc/SOMETHING of notes
about STUFF-THAT-WORKS,
that you can refer to NEXT time you need to do
an important-but-not-frequent task
* (yes, it CAN save time compared just googling every time...!)
=====
sudo
=====
* David's crusade: ESS-YEW-DEW
* ...because it does stand for super user do... 8-)
* allows one to perform superuser-level actions
* one way of determining who CAN do this:
via a sudoers file
* you can see documentation giving an EXAMPLE of
such a file on nrs-projects!
/usr/share/doc/sudo-1.8.23/examples/sudoers
* https://xkcd.com/838/
* if you have the permissions,
to just BECOME a superuser for a while:
sudo su
(and enter your password when prompted)
* it is considered safer, if you just have one thing to do,
to just say "I want to do JUST this command as superuser":
sudo <desired-command>
[the first time you do this within a period of time,
you'll be prompted for your password]
sudo ls ~st10-test
* NOTE: SOMETIMES you'll need to give the FULL pathname
for a command using sudo <command>
(and sometimes you don't...!)
* remember that the which command, or find if needed,
can be helpful then
=====
NOTE THE FOLLOWING!!!!!
=====
[279test2@nrs-projects ~]$ sudo groupadd cs279
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for 279test2:
* https://xkcd.com/149/
=====
useradd
=====
* allows someone with superuser privileges the ability
to make a new user account
sudo /usr/sbin/useradd <new-username>
* you can (in theory) remove users (if you have superuser privileges)
with the userdel command
* oh -- may not remove their former home directory, however...!
* (but you can use sudo to then remove it -- carefully, of course)
=====
passwd
=====
* to set a password for your account, or,
with superuser access, another account
[I'm NOT SURE you want to this on nrs-projects for
your account there -- it is connected to the campus
authentication system, and MIGHT be issues if you
don't just stick to the Humboldt Accounts Center
for changing/syncing your password...]
=====
adding, removing users from groups
=====
* (so you have groups of users where the three middle permissions
of UNIX files are significant!)
* groupadd - lets you ADD a group
sudo groupadd cs279
* groupdel - lets you REMOVE a group
* AND how add users to that?
* there may be other ways as well --
it CAN work to go to the file /etc/group and carefully
add the users to the group name there
=====
example of another kind sysadmin task:
turning on a daemon
=====
* here, for example, on SOME kinds of systems,
is how a superuser can stop and restart
the httpd daemon, which services web page requests:
cd /etc/init.d
sudo ./httpd stop # to stop the specified daemon process
sudo ./httpd start # to start the specified daemon process
====
host
====
* a simple utility of performing DNS - Domain Name System - lookups
(typically used to convert names to IP (Internet Protocol) addresses
and vice versa
BUT you can also use it with a domain name to find out
some interesting stuff:
host humboldt.edu
* and of course it has other options as well
=====
~/.ssh/known_hosts
=====
* on some Linux systems, where systems you have said you
trust/know are noted
* if a machine you have connected to (like nrs-projects)
gets RE-created, you may need to carefully delete its
entry from this file;