Experiment No 1

Aim: To study basic & user status Unix/Linux Commands. Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like Open Office). Procedure: Unix Command ls cp rm file find which List directory contents Copy files Remove directory entries Determine file type Walk a file hierarchy Locate a program file in the users path whereis gcc, g++ gdb less diff cmp vi chmod man Locate programs GNU project C and C++ Compiler The GNU Debugger View the contents of a text file Find differences between two files Compare two files Text editor Change file modes Display the on-line manual pages Description

mv ispell biff

Move and rename files Interactive spelling checker Be notified if mail arrives and who it is from

lpr lpq ftp logout pwd cd ln mkdir rmdir chmod quota history ps kill passwd alias unalias export script bg fg jobs

Print a file Show the print queue Transfer a file to another Unix system Quit using the system Print working directory name Change working directory Make a file link Make directories Remove directories Change file modes Display disk usage and limits Display a list of recent commands Show the status of processes Stop a running processes Change your password Create a command alias Delete a command alias Set an environment variable Record your terminal session to a file Send a job to the background Bring a job to the foreground Print a list of current jobs

User Status Command Finger command is used to lookup information about an user.

2 finger Examples 1. View detail about a particular user finger command will display login, username, home directory, shell information about a particular user as shown below. $ Finger sathiya Login: sathiya Directory: /home/sathiya Name: (null) Shell: /bin/bash

On since Mon Nov 1 18:45 (IST) on :0 (messages off) On since Mon Nov 1 18:46 (IST) on pts/0 from :0.0 New mail received Fri May 7 10:33 2010 (IST) Unread since Sat Jun 7 12:59 2008 (IST) No Plan. 2. View login details and Idle status about an user Can use finger -s option to view the login detail for a particular user. $ finger -s root Login root root root root root Name root root root root root *1 *2 *3 *ta *tb Tty 19d Wed 17:45 3d Fri 16:53 Mon 20:20 2 Tue 15:43 2 Tue 15:44 Idle Login Time Office Office Phone

Syntax and Options Short Option Option Description Display the users login name, real name, terminal name and write status -s idle time, login time, and either office location and office phone number, or the remote host.

Prevent the -l option of finger from displaying the contents of -p the .forward, .plan, .project and .pubkey files. Prevent matching of user names. User is usually a login name; however, matching will also be done on the users real names, unless the -m option is supplied.Display the users login name, -m real name, terminal name and write status idle time, login time, and either office location and office phone number, or the remote host. When used in conjunction with the -s option, the office location and office -o phone information is displayed instead of the name of the remote host.

Result: Basic & user status commands are known.

Experiment No 2
Aim: Create a file called wlcc.txt with some lines & display how many lines, words & characters are present in that file.

Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice). Procedure: Algorithm:
1. 2. 3. 4. 5.

Input the name of the file. Count the words of the given file. Count the characters of the given file. Count the lines of the given file. Print the result.

Coding: echo Enter the filename read wlcc.txt w= cat $wlcc.txt | wc w c= cat $wlcc.txt | wc c l= grep c . $wlcc.txt echo Number of characters in $wlcc,txt is $c echo Number of words in $wlcc,txt is $w echo Number of lines in $wlcc,txt is $l

Result: Lines, words & characters of given file is known now.

Experiment No 3
Aim: Create a program to find out the inode number of any desired file. Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked,

however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice). Procedure: Algorithm:
1. 2. 3.

Input the name of the file. Count the inode number of the file. Display the result.

Coding: read fname #file name to be searched. p=`pwd` cd / l=`find -name $fname` l=`echo $l | ls -i` set $l echo "inode is $1" cd $p

Result: Inode number of a given file is known now.

Experiment No 4
Aim: Study & use of the command for changing file permissions. Hardware Requirement: Desktop requirements are higher, but 600MHz with 256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice).

Procedure: Every file or folder in UNIX has access permissions. There are three types of permissions (what allowed to do with a file): read access write access execute access Permissions are defined for three types of users: the owner of the file the group that the owner belongs to other users Thus, UNIX file permissions are nine bits of information (3 types x 3 type of users), each of them may have just one of two values: allowed or denied. Simply put, for each file it can be specified who can read or write from/to the file. For programs or scripts it also can be set if they are allowed to be executed. 2. File permissions notation 2.1. Textual representation like "-rwxr--r--" It is used in UNIX long directory listings. It consists of 10 characters. The first character shows the file type. Next 9 characters are permissions, consisting of three groups: owner, group, others. Each group consists of three symbols: rwx (in this order), if some permission is denied, then a dash "-" is used instead. Example: -rwxr--r-0123456789 Symbol in the position 0 ("-")is the type of the file. It is either "d" if the item is a directory, or "l" if it is a link, or "-" if the item is a regular file. Symbols in positions 1 to 3 ("rwx") are permissions for the owner of the file. Symbols in positions 4 to 6 ("r--") are permissions for the group. Symbols in positions 7 to 9 ("r--") are permissions for others.

Read access is allowed

w Write access is allowed x Execute access is allowed Replaces "r", "w" or "x" if according access type is denied

2.1.1. Examples File, -rwxr-xr-x owner has read, write, execute permissions, group: only read and execute permissions, others: only read and execute permissions. Directory, dr-x-----owner has read and execute access, group and others have no access 2.2. Numeric (octal) representation like "644" If a numeric representation is used (like in chmod command, for example), then it is in the octal format (with the base of 8), and digits involved are 0 to 7. Octal format is used for the simplicity of understanding: every octal digit combines read, write and execute permissions together. Respective access rights for owner, group and others (in this order) are the last three digits of the numeric file permissions representation. Example: "0644". Here the second digit ("6" in the example) stands for rights of the owner, the third digit ("4" in the example) stands for rights of the group, the fourth digit ("4" in the example) stands for rights of others. This table shows what numeric values mean: Octal digit Text equivalent Binary value 0 1 2 ----x -w000 001 010 Meaning All types of access are denied Execute access is allowed only Write access is allowed only

3 4 5 6 7

-wx r-r-x rwrwx

011 100 101 110 111

Write and execute access are allowed Read access is allowed only Read and execute access are allowed Read and write access are allowed Everything is allowed

We see that "1" stands for execute only, "2" stands for write only, "4" stands for read only. To combine the permissions you can simply add 1, 2 and 4 to get a needed combination. For instance, to get read and write permissions, you add 4 (read) and 2 (write), thus getting 6 (read and write). To get read and execute permissions, you add 4 (read) and 1 (execute), thus getting 5 (read and execute). 2.2.1. Examples owner: read and write permissions, 644 group: only read permissions, others: only read permissions. owner: read, write and execute permissions, 755 group: read and execute permissions, others: read and execute permissions. 2.2.2. Why there is a leading zero? In programming, for instance, in C language, leading zero means that the value is in the octal format. Basically, it can be omitted. Owner, group and others rights are the last three digits of the permissions. 2.2.3. Four meaningful digits like "4755" There are cases when you may come across four non-zero digits, in this case the first meaningful (non-zero) digit combines the following bits (in this order, high to low): SUID, SGID, sticky bit. We also know that the last three are for owner, group and others. See this table for more information about SUID and so on.

3. Difference in access permissions for files and folders Access permissions for files and folders mean different things from the user standpoint. The table below shows the difference. Access type Read File If the file contents can be read If user or process can Write write to the file (change its contents) Folder

If the directory listing can be obtained If user or process can change directory contents somehow: create new or delete existing files in the directory or rename files. If user or process can access the directory, that

Execute

If the file can be executed is, go to it (make it to be the current working directory)

4. Permissions required for web server Web server assigns the rights of the web-server-specific user, typically user "nobody", to the connected web client, as if "nobody" is connected to the web server. "Nobody" doesn't belong to your group and thus it inherits permissions that "others" have to your files. For generic files such as html or images, etc you usually need to set 644 permissions. It is because "nobody" needs to read the file, and thus the file should be readable by others, hence 4 (read only) permissions for both group and others. For yourself you need a right to read and write (hence 6) to the file. For scripts you need 755 rights. The script should be executable by "nobody". The script file should also be readable by "nobody", as the file is interpreted by an interpreter such as Perl and therefore must be readable. Thus it must

combine read and execute permissions for "others", as "nobody" belongs to "others" group. For yourself you need to have also write access, getting 755 as a result. 5. Permissions set for FTP-uploaded files When upload files to your web hosting accounts, you become the owner of the files. Usually, by default files get 644 permissions, and depending on provider's FTP server configuration they may get different permissions in different situations. Also can change the file permissions with FTP client or by executing a chmod command in telnet. 6. Set user ID, set group ID, sticky bit In addition to the basic permissions discussed above, there are also three bits of information defined for files in UNIX: SUID or setuid: change user ID on execution. If setuid bit is set, when the file will be executed by a user, the process will have the same rights as the owner of the file being executed. SGID or setgid: change group ID on execution. Same as above, but inherits rights of the group of the owner of the file. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file). Sticky bit. It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependant and it is mostly used to suppress deletion of the files that belong to other users in the folder where we have "write" access to. 6.1. Numeric representation Octal digit 0 1 Binary value 000 001 Meaning setuid, setgid, sticky bits are cleared sticky bit is set

2 3 4 5 6 7

010 011 100 101 110 111

setgid bit is set setgid and sticky bits are set setuid bit is set setuid and sticky bits are set setuid and setgid bits are set setuid, setgid, sticky bits are set

6.2. Textual representation If set, then replaces "x" in the owner permissions to "s", if owner has execute permissions, or to "S" otherwise. Examples: SUID -rws------ both owner execute and SUID are set -r-S------ SUID is set, but owner execute is not set If set, then replaces "x" in the group permissions to "s", if group has execute permissions, or to "S" otherwise. Examples: SGID -rwxrws--- both group execute and SGID are set -rwxr-S--- SGID is set, but group execute is not set If set, then replaces "x" in the others permissions to "t", if others have execute permissions, or to "T" otherwise. Examples: Sticky -rwxrwxrwt both others execute and sticky bit are set -rwxrwxr-T sticky bit is set, but others execute is not set

1. What is a chmod command? Chmod command sets UNIX file permissions. First you need to telnet or SSH to the target computer, then in the command prompt you need to execute a chmod command. Also can set the permissions with the help of other programs, such as FTP client. 2. Syntax and examples of the shell chmod command (telnet or SSH)

Syntax of the chmod command is the following: prompt> chmod [options] permissions file[s] The word "chmod" should be entered all in lowercase letters. Options can be: -R, set permissions recursively -f, "forced" or silent mode -v, "verbose", show information for every file processed -c, show information only if changes are made to the file Permissions could be one of the following: Octal numeric format, with a leading zero like "0644" Octal numeric format, without a leading zero like "644" Text form like "a+r", "u=rwx" or "o-w", you can use several comma separated text form permissions File[s] can be either relative path to the file like "file.pl" absolute path to the file like "/var/spool/mail/paul" several space separated files like "file.pl /var/spool/mail/paul" file name mask like "*.html" or "*" What text permissions values mean: u Sets permissions for the owner of the file, e.g.: "u+w" allows the owner to write to the file Sets permissions for the group (to which owner belongs), e.g. "g-x" suppresses the execution of the file by the group Sets permissions for other users (that are not in group), e.g.: "o=r" allows others only to read the file Sets permissions for all (owner, group and others), e.g.: "a-w" disables write access to the file for everyone

Assigns the permissions, e.g. "a=rw", sets read and write permissions and disables execution for all Removes certain thing[s] from the permissions, keeping all other (not involved)

- permissions. E.g. "a-x" disables execution of the file for everyone, this example doesn't touch read and write permissions. Adds certain thing[s] to the permissions, keeping all other (not involved) permissions. + E.g. "a+x" allows execution of the file for everyone, this example doesn't touch read and write permissions. r Sets read permissions w Sets write permissions x Sets execute permissions t Sets sticky bit, e.g. "o+t" sets sticky bit for a file s Sets SUID or SGID. E.g.: "u+s" sets SUID, "g+s" sets SGID. 2.1. Examples Here are the examples of the chmod command. All commands do the same thing, except that the first four set SUID & SGID and sticky bits to zero and the last two don't touch SUID & SGID and sticky bits: prompt> chmod 0755 script.sh prompt> chmod 755 script.sh prompt> chmod u=rwx,g=rx,o=rx script.sh prompt> chmod u=rwx,go=rx script.sh prompt> chmod u+rwx,g+rx,g-w,o+rx,o-w script.sh prompt> chmod u+rwx,go+rx,go-w script.sh This example performs recursive chmod for the directory: prompt> chmod -R 755 mydirectory.

Result: File changing permissions are studied now.

Experiment No 5
Aim: Execute shell commands through vi editor. Hardware Reuirement: Desktop requirements are higher, but 600MHz with 256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice). Procedure: Linux is developed under the GNU Public License. This is sometimes referred to as a "copyleft", to distinguish it from a copyright. Under GPL the source code is available to anyone who wants it, and can be freely modified, developed, and so forth. There are only a few restrictions on the use of the code. If you make changes to the programs , you have to make those changes available to everyone. This basically means you can't take the Linux source code, make a few changes, and then sell your modified version without making the source code available. Common vi editor command list For this Purpose Use this vi Command Syntax

To insert new text

esc + i ( You have to press 'escape' key then 'i') esc + : + w (Press 'escape' key then 'colon' and finally 'w') esc + : + w "filename" esc + : + q esc + : + q! esc + : + wq esc + /word (Press 'escape' key, type /wordto-find, for e.g. to find word 'shri', type as /shri) n esc + ?word (Press 'escape' key, type wordto-find) esc + yy esc + p

To save file To save file with file name (save as) To quit the vi editor To quit without saving To save and quit vi editor To search for specified word in forward direction To continue with search To search for specified word in backward direction To copy the line where cursor is located To paste the text just deleted or copied at the cursor

To delete entire line where cursor is located esc + dd To delete word from cursor position esc + dw esc + :$s/word-to-find/word-to-replace/g To Find all occurrence of given word and For. e.g. :$s/mumbai/pune/g

Replace then globally without confirmation Here word "mumbai" is replace with "pune"

To Find all occurrence of given word and Replace then globally with confirmation To run shell command like ls, cp or date etc within vi

esc + :$s/word-to-find/word-to-replace/cg esc + :!shell-command

For e.g. :!pwd

How Shell Locates the file To run script, one need to have in the same directory where the creator created its script, if he are in different directory your script will not run (because of path settings), For e.g.. Home directory is ( use $ pwd to see current working directory) /home/vivek. Then the creator created one script called 'first', after creation of this script he moved to some other directory lets say /home/vivek/Letters/Personal, Now if he try to execute its script it will not run, since script 'first' is in /home/vivek directory, to overcome this problem there are two ways first, specify complete path of creator script when ever he want to run it from other directories like giving following command $ /bin/sh /home/vivek/first

Now every time you have to give all this detailed as you work in other directory, this take time and you have to remember complete path. There is another way, if you notice that all of our programs (in form of executable files) are marked as executable and can be directly executed from prompt from any directory. (To see executables of our normal program give command $ ls -l /bin ) By typing commands like $ bc $ cc myprg.c $ cal etc, How its possible? All our executables files are installed in directory called /bin and /bin directory is set in your PATH setting, Now when you type name of any command at $ prompt, what shell do is it first look that command in its internal part (called as internal command, which is part of Shell itself, and always available to execute), if found

as internal command shell will execute it, If not found It will look for current directory, if found shell will execute command from current directory, if not found, then Shell will Look PATH setting, and try to find our requested commands executable file in all of the directories mentioned in PATH settings, if found it will execute it, otherwise it will give message "bash: xxxx :command not found", Still there is one question remain can I run my shell script same as these executables?, Yes you can, for this purpose create bin directory in your home directory and then copy your tested version of shell script to this bin directory. After this you can run you script as executable file without using command like $ /bin/sh /home/vivek/first Command to create you own bin directory. $ cd $ mkdir bin $ cp first ~/bin $ first Each of above commands can be explained as follows: Each of above command $ cd Explanation Go to your home directory Now created bin directory, to install your $ mkdir bin own shell script, so that script can be run as independent program or can be accessed from any directory $ cp first ~/bin $ first Now consider following command $($ echo 'expr 6 + 3') The command ($ echo 'expr 6 + 3') is know as Parameter substitution. When a command is enclosed in backquotes, the command get executed and we will get output. copy your script 'first' to your bin directory Test whether script is running or not (It will run)

Mostly this is used in conjunction with other commands. For e.g. $pwd $cp /mnt/cdrom/lsoft/samba*.rmp `pwd` Now suppose we are working in directory called "/home/vivek/soft/artical/linux/lsst" and I want to copy some samba files from "/mnt/cdrom/lsoft" to my current working directory, then my command will be something like $cp /mnt/cdrom/lsoft/samba*.rmp /home/vivek/soft/artical/linux/lsst

Instead of giving above command I can give command as follows $cp /mnt/cdrom/lsoft/samba*.rmp `pwd` Here file is copied to your working directory. See the last Parameter substitution of `pwd` command, expand it self to /home/vivek/soft/artical/linux/lsst. This will save my time. $cp /mnt/cdrom/lsoft/samba*.rmp `pwd`

Result: Shell commands are executed through vi editor.

Experiment NO: 6

Aim: To write a shell script that accepts any number of arguments and print them in reverse
order.

Hardware & Software requirement: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice).

Theory: A shell script is a script written for the shell, or command line interpreter, of an
operating system. It is often considered a simple domain-specific programming language. Typical operations performed by shell scripts include file manipulation, program execution, and printing text. Many shell script interpreters double as command line interface, such as the various Unix shells, Windows PowerShell or the MS-DOS COMMAND.COM. Others, such as AppleScript or the graphical Windows Script Host (WScript.exe), add scripting capability to computing environments without requiring a command line interface. Other examples of programming languages primarily intended for shell scripting include DCL and. JCL.

Procedure:

I.

Flowchart:

(II) Algorithm:
text = raw_input("Enter the string: ") print "Reversed string: " + reverseIt(text)

def reverseIt(theStr): revStr = "" # initially the reversed string is empty # loop through theStr backwards, adding each character to revStr for i in range(len(theStr)-1, -1, -1): revStr += theStr[i]

# return the reversed string from the function return revStr+

(III) Coding:

echo enter any number read n rev=0 sd=0 while [ $n -gt 0 ] do sd=`expr $n % 10` rev=`expr $rev \* 10 + $sd` n=`expr $n / 10` done echo "reverse number is $rev"

Result: shell script that accepts any number of arguments and print them in reverse has been
written.

Experiment NO: 7

Aim: To write a shell script to find the smallest of three numbers that are read from the
keyboard.

Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice).

Theory: Shell scripts allow several commands that would be entered manually at a command
line interface to be executed automatically, and without having to wait for a user to trigger each stage of the sequence. For example, in a directory with three C source code files, rather than manually running the four commands required to build the final program from them, one could instead create a C shell script, here named build and kept in the directory with them, which would compile them automatically.The script would allow a user to save the file being edited, pause the editor, and then just run ./build to create the updated program, test it, and then return to the editor. Since the 1980s or so, however, scripts of this type have been replaced with utilities like make which are specialized for building programs.

Procedure:
I.

Flowchart:

(II) Algorithm:
Input: a,b,c Output: small; smallest element in the sequence a,b,c Input values Small = a If b < small, then small = b If c < small, then small = c

(III) Coding:
echo Enter 3 numbers with spaces in between read a b c s=$a if [ $b -lt $s ] then s=$b fi if [ $c -lt $s ] then s=$c fi echo Smallest of $a $b $c is $s

Result: shell script to find the smallest of three numbers that are read from the keyboard
hasbeen written.

Experiment NO: 8

Aim: Installation,configuration and customizations of Unix/Linux Hardware & Software requirement:: Desktop requirements are higher, but 600MHz with
256 or 512MB of RAM gives comfort. It means that any recent computer will do. If tweaked, however, it would run, on 200MHz with 64MB of RAM, however. Typical installation takes about 3GB (will all desktop applications, like OpenOffice).

Theory: There are two types of Gridgen installations: a First Time Installation and a
Maintenance Release Installation. A First Time Installation involves extracting both Gridgen and its license managers from a CD and is performed by new users who are using Gridgen for the first time or by existing Gridgen users when a new, major Gridgen version is released. A Maintenance Release Installation involves replacing your current Gridgen executable program files with the latest Gridgen executable files. You obtain the latest Gridgen executable either by downloading them from Pointwises ftp site or from a CD. A typical Gridgen installation will result in the following layout of data (approximately 200 MBytes) in the gridgen_home_path directory: doc/ - This directory contains the Gridgen User Manual, Glyph Reference Manual, Tutorial Workbook, and Gridgen Release Notes and Installation Instructions in PDF and HTML formats in the PDF/ and Help/ subdirectories respectively. PDF files may be viewed and printed using Adobe Acrobat Reader. HTML files may be viewed by pressing Help within Gridgen.

 examples/ - This directory contains Gridgen (.gg), database, and Glyph script (.glf) files for tutorials and other examples of Gridgen usage. hw/ - There is not a directory actually named hw. It is included here in a generic sense to represent the specific hardware brand(s) of computer on which you will install Gridgen and its license managers. Instead of hw you may see directories called sgi65, sun, hp, and linux. Hardware brand specific files for the license managers, library files, and executables will be contained here within subdirectories. licenses/ - This directory is where we strongly recommend that you install your license file. utils/ - This directory contains Glyph scripts that perform various utility functions. gridgen - This file is Gridgens Launch Script. LICENSE_CONTROL.SH - This file is Gridgen License Control Script. Like many things in Unix, there are hundreds and hundreds of customizations you could possibly make. In order to make a customization, you need to first know exactly what you can change. Dot files Files for customization usually start with a "." (period). These files are sometimes called "dot files." These files are checked when you log in to your account or start up a session at the Unix shell. You can find what dot files you have in your home directory by this list command: $ ls -a . .. $ The dot files you need to change depend on which shell you are using and which application programs you are using. You can find out what shell you are using like this: $ echo $SHELL /bin/csh $ .cshrc .history .plan cmc-html public_html store

.forward .pinerc bin

Kinds of customizations in dot files When you customize your account in a dot file, you usually are altering or setting the value of some variable. These variables might be: 1. Environment variables that exist system-wide and are used by Unix to function for you. 2. Use the Unix env command to look at these. 3. You can use the Unix setenv command to set the values of these right at the shell prompt, or you can use the setenv command within the proper dot file to set these environment variables. 4. Check out this list of environment variables (in Appendix II, about two-thirds down the page). 5. Variables you create, also called "aliases." These aliases are a way that you can create shortcut names for commands or other things that you might want to use on a command line.

(II) Algorithm:
The Install Script performs many tasks: 1. Extracts Gridgens files from the CD 2. Extracts the license managers files from the CD 3. Generates your host ID and host name 4. Imports your Gridgen license file 5. Starts, stops, or queries the FLEXlm license server (uses the daemon lmgrd) If you have licensed an NCR, the install script can also perform these additional tasks: 6. Generates your NCR host ID 7. Imports your NCR license file 8. Starts, stops, or queries the NCR license server You are responsible for reporting the host ID and host name to us between tasks 3 and 4. For users with a licensed NCR, the NCR host ID (task 6) must be reported in addition to the Gridgen host ID and hostname to receive an appropriate license file.

(III) Coding:
When first started the Install Scripts main menu will be displayed. Enter key. This first prompt is for the directory into which Gridgen will be installed. This directory is Gridgens home directory, called gridgen_home_path for short. The default installation directory is /usr/local/ gridgen but you are free to choose any existing directory for which you have write privilege. Note: If your server is an SGI Prism workstation, the installation directory should be created under /home. The installation directory must exist before you enter its name here or else the Install Script will exit.

Configuration Company / developer GNU Project, Linus Torvalds and many others Programmed in OS family Working state Source model Latest stable release Assembly language, C Unix-like Current Free and open source software 2.6.39.2 (23 June 2011; 7 days ago (2011-06-23))[2] [+/] Latest unstable release 3.0-rc5 (28 June 2011; 2 days ago (2011-06-28))[3] [+/] Marketing target Available language(s) Available programming languages(s) Desktops, servers, embedded devices Multilingual Many

Supported platforms

DEC Alpha, ARM, AVR32, Blackfin, ETRAX CRIS, FR-V, H8/300, Itanium, M32R, m68k, Microblaze, MIPS, MN103, PA-RISC, PowerPC, s390, S+core, SuperH, SPARC, TILE64, Unicore32, x86, Xtensa

Kernel type Userland Default user interface

Monolithic GNU and others Graphical (X Window System) and command-line interface

License

Various including GNU General Public License, BSD License, Apache License, MIT License, and others[4]

Result: Installation,configuration and customizations of Unix/Linux has been done.

Experiment NO: 9

Aim: Study and installation of Firewall and Proxy server Hardware requirement:
1. a 486-DX66 with 32 meg of memory 2. a 250m hard disk (500 recommended) 3. network connections (LAN Cards, Serial Ports, Wireless?) 4. monitor and keyboard With some systems by using a serial port console, you can even eliminate the monitor and keyboard. If you need a proxy server that will handle lots of traffic, you should get the largest system you can afford. This is because for every user that connects to the system it will be creating another process. If you will have 50 or more concurrent users I'm guessing you will need: 1. a Pentium II with 64meg of memory 2. a two gig hard disk to store all the logs 3. two network connections 4. monitor and keyboard The network connections can be any type (NIC cards, ISDN, even modems).

Software requirement:
Selecting a Kernel Selecting a proxy server

To create a filtering firewall, you don't need any special software. Linux will do If you want to setup a proxy server you will need one of these packages. 1. Squid 2. The TIS Firewall Toolkit (FWTK) 3. SOCKS

Theory: Internet firewalls are intended to keep the flames of Internet hell out of your private
LAN. Or, to keep the members of your LAN pure and chaste by denying them access the all the evil Internet temptations. ;-)

The first computer firewall was a non-routing Unix host with connections to two different networks. One network card connected to the Internet and the other to the private LAN. To reach the Internet from the private network, you had to logon to the firewall (Unix) server. You then used the resources of the system to access the Internet. For example, you could use Xwindows to run Netscape's browser on the firewall system and have the display on your work station. With the browser running on the firewall it has access to both networks. There are two types of firewalls. 1. Filtering Firewalls - that block selected network packets. 2. Proxy Servers (sometimes called firewalls) - that make network connections for you.

A proxy server is one that receives requests intended for another server and that acts on the behalf of the client (as the client proxy) to obtain the requested service. A proxy server is often used when the client and the server are incompatible for direct connection. For example, the client may be unable to meet the security authentication requirements of the server but may be required to access some services. It may also be used for screening purposes to enable the administrator to control access to undesirable sites. The proxy server may also be used for caching purposes which enables faster access to frequently used websites. All the computers connected to the LAN access the Internet through a single IP address which results in improved security simply because the number of ports exposed is reduced. Proxy servers work on the seventh layer (the Application Layer) of the OSI model thus tending to be application dependent unlike firewalls that work at lower layers. They are also more difficult to install and maintain than firewalls, as proxy functionality for each application protocol like HTTP, SMTP, or SOCKS must be configured individually. However, a properly configured proxy server improves network security and performance. Since proxy servers function at the OSI Application layer, their filtering capabilities are relatively intelligent. For example, proxy web servers can check the URL (Uniform Resource Locator) of outgoing requests for Web pages by inspecting HTTP GET and POST messages. Using this feature, network administrators can bar access to illegal domains but allow access to other sites. Ordinary firewalls, in contrast, cannot see Web domain names inside those messages. Likewise for incoming data traffic, ordinary routers can filter by port number or network address, but proxy servers can also filter based on application content inside the messages. Linux ipchains is a rewrite of the Linux IPv4 firewalling code and a rewrite of ipfwadm, which was a rewrite of BSD's ipfw.

Procedure:

(I) Flowchart:

(II) Algorithm:
1. Install the TCP/IP protocol on all systems connected to the network. 2. Run the Install Wizard. The first screen is the product registration screen which require you to enter the product key. 3. The next two screens require information about your Internet connection. Select the type of connection and the name of your connection. 4. Enter the username and password of the Internet connection to be used. 5. WinProxy then configures the internal and external IP addresses. It automatically assigns a unique address to each device on the LAN as internal addresses. The IP address assigned to the modem/router by your ISP is taken as the external address. 6. WinProxy then prompts you to disconnect from the Internet if you are already connected. 7. In the final step WinProxy works through all the steps and verifies that all operations have been performed properly. The operations to work on entire chains are;

1. Create a new chain (-N). 2. Delete an empty chain (-X). 3. Change the policy for a built-in chain. (-P). 4. List the rules in a chain (-L). 5. Flush the rules out of a chain (-F). 6. Zero the packet and byte counters on all rules in a chain (-Z). There are several ways to manipulate rules inside a chain: 1. Append a new rule to a chain (-A). 2. Insert a new rule at some position in a chain (-I). 3. Replace a rule at some position in a chain (-R). 4. Delete a rule at some position in a chain (-D). 5. Delete the first rule that matches in a chain (-D). There are a few operations for masquerading, which are in ipchains for want of a good place to put them: 1. List the currently masqueraded connections (-M -L). 2. Set masquerading timeout values (-M -S). There are some timing issues involved in altering firewall rules. A simplistic approach is to do the following coding.

(III) Coding:
# ipchains -I input 1 -j DENY # ipchains -I output 1 -j DENY # ipchains -I forward 1 -j DENY ... make changes ... # ipchains -D input 1 # ipchains -D output 1 # ipchains -D forward 1 # Here a duplicate of the above firewall rules in IPChains. #!/bin/sh # # rc.firewall

# ## Flush everything, start from scratch /sbin/ipchains -F input /sbin/ipchains -F output /sbin/ipchains -F forward

## Redirect for HTTP Transparent Proxy #$IPCHAINS -A input -p tcp -s 192.1.2.0/24 -d 0.0.0.0/0 80 -j REDIRECT 8080

## Create your own chain /sbin/ipchains -N my-chain # Allow email to got to the server /sbin/ipchains -A my-chain -s 0.0.0.0/0 smtp -d 192.1.2.10 1024:-j ACCEPT # Allow email connections to outside email servers /sbin/ipchains -A my-chain -s 192.1.2.10 -d 0.0.0.0/0 smtp -j ACCEPT # Allow Web connections to your Web Server /sbin/ipchains -A my-chain -s 0.0.0.0/0 www -d 192.1.2.11 1024: -j ACCEPT # Allow Web connections to outside Web Server /sbin/ipchains -A my-chain -s 192.1.2.0/24 1024: -d 0.0.0.0/0 www -j ACCEPT # Allow DNS traffic /sbin/ipchains -A my-chain -p UDP -s 0.0.0.0/0 dns -d 192.1.2.0/24 -j ACCEPT

## If you are using masquerading # don't masq internal-internal traffic /sbin/ipchains -A forward -s 192.1.2.0/24 -d 192.1.2.0/24 -j ACCEPT # don't masq external interface direct /sbin/ipchains -A forward -s 24.94.1.0/24 -d 0.0.0.0/0 -j ACCEPT # masquerade all internal IP's going outside /sbin/ipchains -A forward -s 192.1.2.0/24 -d 0.0.0.0/0 -j MASQ

## Deny everything else /sbin/ipchains -P my-chain input DENY

Result: Study and installation of Firewall and Proxy server has been done.

Experiment NO: 10

Aim: Implementation of DNS, LDAP services

Theory:
DNS assists in assigning an IP address to one or more names and assigning a name to an IP address. In Linux, this conversion is usually carried out by a special type of software known as bind. The machine that takes care of this conversion is called a name server. The names make up a hierarchical system in which each name component is separated by dots. The name hierarchy is, however, independent of the IP address hierarchy described above. Consider a complete name, such as earth.example.com , written in the format hostname.domain. A full name, referred to as a fully qualified domain name (FQDN), consists of a hostname and a domain name (example.com). The latter also includes the top level domain or TLD (com). TLD assignment has become quite confusing for historical reasons. Traditionally, three letter domain names are used in the USA. In the rest of the world, the two-letter ISO national codes are the standard. In addition to that, longer TLDs were introduced in 2000 that represent certain spheres of activity (for example, .info, .name, .museum). In the early days of the Internet (before 1990), the file /etc/hosts was used to store the names of all the machines represented over the Internet. This quickly proved to be impractical in the face of the rapidly growing number of computers connected to the Internet. For this reason, a decentralized database was developed to store the hostnames in a widely distributed manner. This database, similar to the name server, does not have the data pertaining to all hosts in the Internet readily available, but can dispatch requests to other name servers. The top of the hierarchy is occupied by root name servers. These root name servers manage the top level domains and are run by the Network Information Center (NIC). Each root name server knows about the name servers responsible for a given top level domain. Information about top level domain NICs is available at http://www.internic.net. DNS can do more than just resolve hostnames. The name server also knows which host is receiving e-mails for an entire

domainthe mail exchanger (MX). For your machine to resolve an IP address, it must know about at least one name server and its IP address. Setting up a DNS Server One can use the named-bootconf.pl utility to convert old configuration files. The /etc/named.boot file: directory cache primary primary primary . /var/named named.ca myco.org 0.0.127.in-addr.arp named.myco

named.local

1.168.192.in-addr.arp named.rev

The first line defines the base directory to be used. The name.ca file will contain a list of DNS IP addresses for querying external addresses. The third line is optional and contains records for the local LAN. The two next entries are for reverse lookups. LDAP stands for Lightweight Directory Access Protocol. The protocol allows access to data in a tree-like structure using attributes. LDAP can be thought of as a specialised database which handles trees. Since directories are also trees, navigating LDAP fields is like navigating a directory. Added to this LDAP has been designed mainly for optimal access. This clarifies the words Directory and Access.Terminology used in DNS are DIT DN RDN LDIF The Data Information Tree Distinguished Name Relative Distinguished Name LDAP Data Interchange Format

(I) Flowchart:

(II) Algorithm:
Files which should be there for creating LDAP directories. migrate_automount.pl CVSVersionInfo.txt Make.rules MigrationTools.spec README ads migrate_netgroup_byhost.pl migrate_netgroup_byuser.pl migrate_networks.pl migrate_passwd.pl migrate_profile.pl migrate_protocols.pl migrate_rpc.pl migrate_services.pl migrate_slapd_conf.pl migrate_base.pl migrate_common.ph migrate_fstab.pl migrate_group.pl migrate_hosts.pl migrate_netgroup.pl migrate_aliases.pl migrate_all_netinfo_offline.sh migrate_all_netinfo_online.sh migrate_all_nis_offline.sh migrate_all_nis_online.sh migrate_all_nisplus_offline.sh migrate_all_nisplus_online.sh migrate_all_offline.sh migrate_all_online.sh

(III) Coding:

The password is generated from the command line as follows sldappasswd New password: Re-enter new password: {SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT We next choose the rootdn in /etc/openldap/slapd.conf to be rootdn rootpw "cn=Manager,dc=example,dc=com" {SSHA}XyZmHH1RlnSVXTj87UvxOAOCZA8oxNCT

The next line will update the LDAP entries ldapmodify -f passwd.ldif -x -D dc=example,dc=com -W Enter LDAP Password:

Result: Implementation of DNS, LDAP services has been done.