Linux/Unix

Create or delete bulk user accounts

In this example I use the two scripts create-newstudents and delete-newstudents to create and delete many student accounts every semester on a Fedora 7 system. You may want to put them in the same protected folder that only you have access to. You can modify the scripts to fit other bulk account creation and deletion tasks.

create-newstudents

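#!/bin/bash
# bash is required: $RANDOM is not available in a plain POSIX sh
NUMBER_OF_STUDENTS=2000
i=1001
NUMBER_OF_STUDENTS=$(( i + NUMBER_OF_STUDENTS ))
# The list holds cleartext passwords: create it readable by the owner only
umask 077
rm -f students-list.txt
while [ "$i" -ne "$NUMBER_OF_STUDENTS" ]
do
    # newusers format: name:password:uid:gid:gecos:home:shell (uid and gecos left empty, gid 501)
    echo "student${i}:${RANDOM}${i}::501::/home/student${i}/:/bin/bash" >> students-list.txt
    i=$(( i + 1 ))
done
chmod 600 students-list.txt
newusers students-list.txt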


NOTES: the above script will generate 2,000 accounts with student IDs beginning with "student1001". When the script finishes, you will have a students-list.txt file that contains the usernames and passwords (in the passwd file format). This script uses the built-in RANDOM function to generate random numbers for the passwords; however, you can install the "apg" (Automated Password Generator) rpm package and use it to generate passwords (you may encounter performance issues). Also, the built-in "newusers" command allows you to create/update bulk accounts in Fedora 7.
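
An added example, not part of the original scripts: $RANDOM only yields values from 0 to 32767 and the appended student number is predictable, so each password above has at most 32,768 possibilities. The sketch below builds the same newusers list with passwords read from /dev/urandom; the function names make_student_list and gen_password and the 32-hex-character password length are assumptions.

```shell
#!/bin/sh
# Added example: build a newusers(8) input file with unpredictable passwords.
# Usage: make_student_list FIRST_ID COUNT OUTFILE   (hypothetical helper)

# gen_password: 16 bytes from the kernel CSPRNG as 32 hex characters.
# Hex never contains ':', which is the field separator in the list.
gen_password() {
    dd if=/dev/urandom bs=16 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

make_student_list() {
    first=$1 count=$2 out=$3
    # Reject empty or non-numeric arguments before touching any file.
    for n in "$first" "$count"; do
        case "$n" in
            ''|*[!0-9]*)
                echo "usage: make_student_list FIRST_ID COUNT OUTFILE" >&2
                return 2 ;;
        esac
    done
    [ -n "$out" ] || return 2
    (
        # Subshell so the caller's umask is left unchanged.
        umask 077
        rm -f "$out"            # an existing file would keep its old mode
        : > "$out" || exit 1    # created 0600 from the first byte
        i=$first
        last=$(( first + count ))
        while [ "$i" -lt "$last" ]; do
            # Same layout as the page's script: uid and gecos empty, gid 501.
            printf 'student%s:%s::501::/home/student%s/:/bin/bash\n' \
                "$i" "$(gen_password)" "$i" >> "$out"
            i=$(( i + 1 ))
        done
    )
}
```

The resulting file is passed to newusers exactly like students-list.txt, for example after running make_student_list 1001 2000 students-list.txt.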

delete-newstudents

#!/bin/sh
DEL_STUDENTS="students-list.txt"

# The first colon-separated field of each line is the account name
while IFS=: read -r STUDENT REST
do
    # -r also removes the account's home directory
    userdel -r "$STUDENT"
done < "$DEL_STUDENTS"


NOTES: the above script will delete all user accounts, and their home directories, that were generated earlier by the create-newstudents script.

Configure Yum to Rollback in Time or Older Version:
The idea is to use a combination of yum and rpm commands in Fedora 7.

  • Add the line tsflags=repackage to /etc/yum.conf to save yum rollback information
  • Add the lines below to /etc/rpm/macros (create the 'macros' file if it does not exist) to save rpm rollback information
%_repackage_all_erasures 1
%_unsafe_rollbacks date_in_second
%_repackage_dir /var/my_repackage_repository
//for %_unsafe_rollbacks, see this article for more details
  • When you want to roll back, perform an rpm update with the --rollback or --oldpackage option. Examples:
rpm -Uhv --rollback '10:00 pm'
rpm -Uhv --rollback '2 hours ago'
rpm -Uhv --rollback 'july 4'
rpm -Uhv --oldpackage --nomd5 /var/my_repackage_repository/old_package.rpm

NOTES: to find date_in_second, use the command date --date="7/5/2005" +%s (replace 7/5/2005 with the date that you want rpm to remember your rollback info from)

How To Image Computer Disk Using dd and nc (netcat) Command:

Purpose: to replicate any Windows or Linux/Unix disk from one computer to many other computers.

Requirement:

- A Fedora LiveCD (I used Fedora 7 LiveCD as of Jun 30, 2007)
- A computer (Windows or Linux/UNIX) whose image you want to take (I called it O for Original computer)
- A computer you want to replicate the image to (I called it D for Destination computer)
- A Linux/Unix computer with enough space to store the image of the O machine (I called it S for Storage machine)

Following are the steps:

  • Make the Original computer as perfect as you want before taking its image
  • Note your Storage computer's IP address (I use 192.168.1.3). Make sure its ipfilter/iptables/firewall is off. Launch its Terminal program and type the following command at the prompt #
# nc -l 8000 > mycomputer.img
//basically you tell this computer to use the netcat (nc) program to listen on port 8000 and dump all the content that it receives from this port to the mycomputer.img file
  • When the O computer is ready, boot it from the Fedora LiveCD, then launch the Terminal program and type the following commands at the prompt #
# PATH=/bin:/sbin:$PATH
//to set the correct path so we can use some commands

# ifconfig eth0 add 192.168.1.2 netmask 255.255.255.0
//to assign the above IP address to the computer's network card

# route add default gw 192.168.1.1
//to add the default gateway/router if needed (you don't have to do this)

# ping 192.168.1.3
//test to make sure you can see the Storage computer before you dump the image to it; if you can see it, move on; if not, check your network connection

# dd if=/dev/sda bs=4k | nc -w 3 192.168.1.3 8000
//to dump the Input File ("if" flag) using a Block Size ("bs" flag) of 4K to the standard output (since we didn't specify the "of=path" flag), which will be piped to the netcat (nc) program to transfer to 192.168.1.3 on port 8000. Replace /dev/sda with the correct string that represents the hard drive that you want to image
  • When the above step finishes, turn off your Original computer. You should have the O computer's hard drive image in the mycomputer.img file on the S computer. Now boot the Destination computer using the Fedora LiveCD
  • Launch the Terminal program and use the above steps to set up its network, so this computer (192.168.1.2) can talk to the S computer at 192.168.1.3, then type the following command at the prompt #
# nc -l 8000 | dd of=/dev/sda
//tell netcat to listen on port 8000 and pipe all the content that it receives from port 8000 to the dd program, which writes it to the Output File ("of" flag) /dev/sda
  • Go to the S computer and type the following command at the prompt #
# dd if=/tmp/mycomputer.img | nc 192.168.1.2 8000
//dump the mycomputer.img file content to the standard output (since we didn't specify the "of" flag), which will be piped to the netcat (nc) program to transfer to 192.168.1.2 on port 8000. This assumes the image was saved in /tmp in the earlier step
  • When finished, the Destination computer should have the same disk image as the Original computer. You can verify its partition table layout by using the following command on the D computer.
# fdisk /dev/sda
//The command allows you to work with the "sda" device; press "p" to print the partition table
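
An added example, not from the original page: the nc transfer above carries no integrity check, and nc -w 3 can end a stalled transfer early and leave a truncated image. The sketch below compares the byte count and SHA-256 of the source disk with the received image; the function names disk_fingerprint and verify_image are assumptions, and sha256sum is assumed to be available on both machines.

```shell
#!/bin/sh
# Added example: confirm that a dd | nc image arrived complete and unmodified.

# disk_fingerprint SRC -> prints "<bytes> <sha256>" for a device or image file.
# Run it on the O computer against /dev/sda and on the S computer against
# mycomputer.img. It reads the source twice to keep the code simple.
disk_fingerprint() {
    src=$1
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    bytes=$(dd if="$src" bs=4k 2>/dev/null | wc -c | tr -d ' ')
    sum=$(dd if="$src" bs=4k 2>/dev/null | sha256sum | cut -d' ' -f1)
    printf '%s %s\n' "$bytes" "$sum"
}

# verify_image IMG EXPECTED_BYTES EXPECTED_SHA256
# Prints ok, truncated, oversized or corrupt; returns 0 only for ok.
verify_image() {
    got=$(disk_fingerprint "$1") || return 2
    got_bytes=${got%% *}
    got_sum=${got#* }
    if [ "$got_bytes" -lt "$2" ]; then
        echo "truncated"; return 1      # transfer ended early
    elif [ "$got_bytes" -gt "$2" ]; then
        echo "oversized"; return 1      # wrong image or wrong source disk
    elif [ "$got_sum" != "$3" ]; then
        echo "corrupt"; return 1        # same length, different content
    fi
    echo "ok"
}
```

Take the fingerprint on the O computer before shutting it down, then run verify_image on the S computer with those two values before writing the image to any Destination computer.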

 

Install and Configure FreeBSD on a Laptop

My laptop, a Compaq Evo N610c, is powered by FreeBSD 6.0. I use it mainly for security testing on systems that I maintain at work. If you are maintaining any server OS, you may want to routinely test your servers from inside and outside of your network to make sure they are not vulnerable to computer/network attacks. Many thanks to the authors/organizations of the following software:

Here are major steps that I used to build up my system:

I get the FreeBSD iso from my eMac at work via ftp7.us.freebsd.org (in binary mode); make sure you run the md5 command to check your download. After that I use the command

hdiutil burn image_name.iso

to burn it to a CD.

  1. Installed FreeBSD 6.0 in CUSTOM mode
  2. Do PARTITION then LABEL it
  3. Choose MINIMAL under DISTRIBUTIONS then select COMMIT to install
  4. Create a new custom kernel to best fit your computer hardware; this will help make your system run stably. Follow the instructions here; the important thing to remember when editing your custom kernel file is to keep entries that are marked as "required" and remove any entry that is irrelevant to your computer hardware. Use Procedure 1 or the Traditional way to compile your kernel.
  5. Set up a wired/wireless network to access the FreeBSD ftp sites so that pkg_add -r can install the latest tools that I need. To set up the network you can type sysinstall then Configure > Networking > Interfaces and so forth.
  6. Install the man pages: type sysinstall then select Configuration > Distributions > catman (Preformatted system manual pages)
  7. pkg_add -r xorg
  8. Configure xorg using the instruction from the online FreeBSD handbook
  9. pkg_add -r xfce4
  10. Configure xfce4 desktop environment and reboot the system
  11. After login, startx to launch xfce4 desktop environment
  12. If you want nice themes: pkg_add -r xfce4-wm-themes. I like "Pills" as Windows Manager theme and "Xfce-cadmium" as User Interface theme
  13. pkg_add -r nmap (to use as a tool or enhance nessus)
  14. pkg_add -r nikto (to use as a tool or enhance nessus)
  15. pkg_add -r firefox
  16. Launch firefox and go to nessus.org to download the latest nessus tool
  17. pkg_add -r bison
  18. The above package is needed when nessus compiles and installs. Run "sh nessus.sh" to install the nessus.sh that I just downloaded
  19. pkg_add -r rdesktop (for remote desktop to my Windows XP computer at work via ssh tunneling)
  20. pkg_add -r ethereal
  21. pkg_add -r bsd-airtools
  22. pkg_add -r acroread7 (to read PDF file)

You may want to keep your installed software up to date, using the two utilities below to check and to upgrade your applications:

  1. install security/portaudit
  2. portaudit -aFd
  3. portupgrade -PPR package_name
  4. portupgrade -aPPR (to do a massive network binary upgrade)
  5. pkgdb -F (to fix dependencies if any)
  6. portsclean -DCLPP (to clean unreferenced distfiles, working dirs, old shared libraries, outdated tarballs)

If you want to install the latest version of an application, you may want to download its port from the FreeBSD website and do the following:

  • Download a port from the FreeBSD site to /tmp
  • tar zxvf port_application.tar.gz
  • cp -R port_name /usr/ports/port_name
  • cd /usr/ports/port_name
  • make install

Migrate to FreeBSD 6 from Solaris 8

This is how I upgraded BIND 8 to BIND 9 and also migrated from Solaris 8 on an Ultra 1 to FreeBSD 6 on an Ultra 10. To learn about the FreeBSD file system layout, type man hier at the FreeBSD command prompt.

  1. Download FreeBSD 6 for Sparc64 from www.freebsd.org. You only need to download the disc 1 iso and burn it to a CD
  2. You need to boot your Ultra 10 from this CD. Turn on your Ultra 10, put in the CD and press Stop + A key simultaneously to get to an OK prompt, at this prompt, type boot cdrom
  3. Do steps 1 to 6 (skip step 4) above in my Personal Laptop section to install MINIMAL FreeBSD
  4. After it's done with the installation, reboot the machine. It should boot from the Ultra 10 hard drive.
  5. Log on to FreeBSD for the first time. Since we chose a minimal installation, we need to install SSH and BIND separately.
  • Install SSH2 (this freeware is from ssh.com. If you choose openssh then substitute ssh2 with openssh)
pkg_add -r ssh2

When it's done installing ssh2, add the following lines to /etc/rc.conf to start sshd2 when the machine boots up

sshd_enable="YES"
sshd_program="/usr/local/sbin/sshd2"

  • You can configure sshd2 at /usr/local/etc/ssh2/sshd2_config. After editing, run pkill -HUP sshd2 to reload the config file
  • Install BIND 9
pkg_add -r bind9
rndc-confgen -a
//to generate configuration files for rndc

You can restart BIND 9 using the rndc (name server control utility) command after making changes to its config or zone files

rndc reload

When it's done installing bind9, add the following line to /etc/rc.conf to start named (BIND) when the machine boots up

named_enable="YES"

  • We need to copy named.conf and the zone files from the old BIND server to this new server. Before you do this, go to /etc/namedb and rename named.conf to named.conf.org
  • Now, log on to the old Solaris 8 system and scp /etc/named/named.conf and the /var/named files and directories to the new FreeBSD system location /etc/namedb
  • Now, you should have the old named.conf file on the new FreeBSD system under /etc/namedb. Edit it to make sure the "directory" variable points to the right path. Also, turn off recursive queries on your DNS if you don't need them. To turn off recursive queries, put "recursion no;" into the options section
  • If you get any permission denied error when BIND is trying to update a file, make sure BIND is the owner, not root.
  • Reboot your FreeBSD system, then use nslookup from another computer to test the new BIND system and make sure it resolves names/IPs correctly
  • When you are ready to replace the old server with the new server, unplug the network cable from the old system (or turn it off if you want), then change the host name and IP address of the new system to match the old system. To change the host name and IP address on the new FreeBSD system, edit /etc/rc.conf and /etc/hosts. Make sure you reboot the new FreeBSD system after making changes.

Copyright 2006 - 2010 AngelTech.US