path: root/README.md

# COMP-325 Assignment 3 - System Administration
Author: mo khan (3431709)

The artifacts used to produce the final result for this assigment can be found
at https://gitlab.com/xlgmokha/comp-325. The latest docker image for this
assigment can be run using the following command:

```bash
$ docker run -it registry.gitlab.com/xlgmokha/comp-325:latest /bin/bash
```

## Lab 1

1. Research several Linux distributions (CentOS, Debian, Fedora, Gentoo, Mandriva, OpenSUSE, RedHat, Slackware, TurboLinux, Ubuntu, and so on) and recommend a distribution for each of the following applications. Explain your choice.

  a. A single user working in a home office

  For a single user working in a home office, I prefer Ubuntu or Fedora. Both
  distributions offer a version that is compatible for use in a desktop
  environment. They ship with common software that a user may want to work in
  a home office such as LibreOffice. They also make it easy to install
  proprietary software that may be needed for working with or viewing
  different types of multimedia. Both of these distrubutions have different
  support cycles for their software and typically run on newer versions of the
  Linux kernel. This means that the driver support is usually more up to date
  for newer devices and hardware and newer versions of software packages are
  usually available.

  Fedora is a RHEL based distribution and Ubuntu is a Debian based
  distribution. People who are more familiar with `yum` or `Gnome` will likely prefer 
  Fedora. People who are more familiar with `apt` or `Unity` will likely
  prefer Ubuntu.

  Both Ubuntu and Fedora appear to have large communities. Support
  for both distributions is available through community forums, mailing lists,
  IRC and community websites.

  b. A university computer science lab

  In a university computer science lab, I think there is less of a need for a
  graphical user interface. OpenBSD is a good choice because it is known
  as a security focused BSD. This is useful in a university lab
  setting where multiple users work within the lab. OpenBSD supports
  running the XOrg X window system if the need for a minimal GUI is needed.

  c. A corporate web server

  A corporation may prefer to use either RedHat Enterprise Linux (RHEL) or
  CentOS. RHEL is an open source operating system but a license must be
  purchased for the specific flavour of this distribution. The pricing and
  options are available [here](https://www.redhat.com/en/store/linux-platforms).

  For a corporate web server I recommend the [Red Hat Enterprise Linux
  Server](https://www.redhat.com/en/store/red-hat-enterprise-linux-server#?sku=RH00005).
  A purchase includes different levels of support that is helpful in a
  corporate environment. Depending on the corporation, they may not need the
  support that a RHEL purchase provides because they have engineers
  that can support the web server. In that case, they may choose to use
  CentOS. [CentOS](https://centos.org) is the Community Enterprise OS, which is a binary compatible
  distribution of RHEL without the cost or support.

  Both distributations ship with stable versions of the Linux kernel.
  This stability is important for key pieces of infrastructure, such as a corporate web server.
  These operating systems also ship with default yum repos that provide regular security updates.
  RHEL has the advantage of releasing security patches earlier but CentOS
  usually [catches up within 24 - 72 hours](https://wiki.centos.org/FAQ/General#head-cea9337e6513cc1567c4d05afbd693f1f7038ccb).

  RHEL based distros ship with the Security Enhanced (SELinux) Linux modules
  that provides mechanisms for better management of access controls. To ensure
  that different users of the system have the appropriate access controls to
  be able to manage the server.

2. What is the current status of Linux kernel development? What are the hot issues? Who are some of the key players? How is the project managed?

  The current latest stable Linux kernel is [5.2.13](https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.13).
  The current mainline is [5.3-rc7](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/rawdiff/?id=v5.3-rc7&id2=v5.2). The current list of maintained kernel versions are:

  * [4.19.71](https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71)
  * [4.14.142](https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.142)
  * [4.9.191](https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.191)
  * [4.4.191](https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.191)
  * [3.16.73](https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.73)

  The current Linux kernel merge window is closed. [5.3-rc7](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/rawdiff/?id=v5.3-rc7&id2=v5.2)
  is being stabilized so that a new stable version can be released. Once `5.3`
  is stabilized and released, the next merge window will open. Once the merge
  window is open, new feature can be added.

  [The Big Picture](https://www.kernel.org/doc/html/v5.2/process/2.Process.html#the-big-picture) describes the following process for Kernel development.

  1. Stable version is released.
  2. Merge window for next release opens. (approximate for 2 weeks)
  3. New features, patches are merged. The items that are chosen to be merged
     into mainline are vetted by several subsystem maintainers. The patches
     accepted by maintainers are then reviewed and merged into mainline by Linus
     Torvalds.
  4. RC-1 is cut and the merge window closes. Only changes that help stabilize
     the release candidate are merged during this time.
  5. Approximately, 7-9 release candidates are released before a new stable
     release is cut and released. Go to step 1.

  One of the most recent pieces of news about Linux kernel development is about [memory optimization in the slab memory controller](https://lkml.org/lkml/2019/9/5/1132).
  This proposed change has been tested in production at Facebook with memory savings of:

  1. web frontend, 650-700 Mb, ~42% of slab memory
  2. database cache, 750-800 Mb, ~35% of slab memory
  3. dns server, 700 Mb, ~36% of slab memory

  The Linux kernel is supported by volunteers, RedHat, Packet, Fastly, Google,
  The Linux Foundation and many other organizations. These organizations donate
  money, engineers, patches, drivers to help support Linux kernel development.
      
3. Draw a dependency graph that shows which daemons must be started before other daemons on your Linux system.

  Since 2015, most Linux distributations have moved away from `UNIX System V` to `systemd`.

  [systemd](https://en.wikipedia.org/wiki/Systemd) provides:

  1. A system and service manager.
  1. A software platform.
  1. A bridge between applications and the kernel via interfaces that expose Kernal API's.

  ```bash
  $ systemd-analyze critical-chain
  The time when unit became active or started is printed after the "@" character.
  The time the unit took to start is printed after the "+" character.

  graphical.target @9.797s
  └─multi-user.target @9.796s
    └─docker.service @6.941s +2.557s
      └─network-online.target @6.938s
        └─NetworkManager-wait-online.service @3.580s +3.357s
          └─NetworkManager.service @3.529s +49ms
            └─network-pre.target @3.527s
              └─firewalld.service @2.099s +1.427s
                └─polkit.service @2.671s +406ms
                  └─basic.target @2.095s
                    └─dbus-broker.service @2.135s +212ms
                      └─dbus.socket @2.087s
                        └─sysinit.target @2.085s
                          └─sys-fs-fuse-connections.mount @15.058s +5ms
                            └─systemd-journald.socket
                              └─-.mount
                                └─system.slice
                                  └─-.slice
  ```

  Or we can plot the dependencies between all known target units.

  ```bash
  $ systemd-analzye dot --to-pattern='*.target' --from-pattern='*.target' | dot -Tsvg > systemd.svg
  ```

![systemd](systemd.svg)


## Lab 2

Linux installation can happen smoothly and automatically, but sometimes there are problems to be solved.
Write a professional report on the installation process of Linux/UNIX on your system.
Include as much of the following as is relevant to your installation.
There may be many other issues not listed below that you had to deal with.
Include those as well.
Your report should include advice to other people attempting to do the same.

1. List required hardware and the hardware provided by your system. In particular, the 
  * CPU
  * floppy disk drive
  * bootable CD drive
  * RAM
  * space allocated on the hard disk drive
2. Indicate software requirements according to the system you have used: 
  * Windows
  * stand-alone Linux
  * separate partition
  * dedicated hard disk
  * resized Windows partition
3. Provide details of CD ROM, hard disk, and mouse information: 
  * SCSI CD-ROM
  * swap partition
  * mouse model
  * time zone
  * the port that the mouse uses
4. Provide video and monitor details:
  * monitor manufacturer and model
  * X-windows configuration
  * chipset used by the video
  * the vertical refresh rate
5. Include network configuration:
  * DHCP server
  * computer name
  * domain name
  * IP address
  * the netmask
  * the broadcast address g. the NIS domain
  * the Samba server

  ### Installing Fedora Workstation

  To install the latest Fedora 30 workstation operating system your computer
  must meet the following mimimum system requirements.

  1. CPU: 1GHz
  1. Floppy disk drive: Not required 
  1. Bootable CD drive: Not required
  1. RAM: 1GB
  1. HDD: 10GB unallocated
  1. USB: Minimum of 1 USB 2.0 port is recommended

  For this installation a USB flash drive is required.
  This installation will describe how to setup a stand-alone Linux environment.
  Dual boot is possible but will not be covered in this document.

  * Download the latest Fedora 30 DVD ISO from https://getfedora.org/en/workstation/download/
  * Verify the download by verifying the checksum of the downloaded image. https://getfedora.org/en/security/
  * Write the DVD ISO to a flash drive.
    ```bash
    $ dd if=/path/to/image.iso of=/dev/sdX bs=8M # use lsblk to identify the usb flash storage device
    ```
  * After the ISO is written to the flash drive you will need to reboot the
     machine with the flash drive inserted. You might need to tweak the boot
     settings to boot from the flash drive before the hard disk. Accessing the
     BIOS configuration is dependent on the device. On my machine pressing F2
     during startup will take me to the boot configuration menu.
  * Once the system boots from the USB flash drive follow the on screen
     instructions for installing Fedora 30.
  * After installation is complete, remove the USB flash storage device and
     restart the computer.
  * Use the credentials created during the setup process to login.
  * Open a terminal and type:

    ```bash
    $ sudo yum update
    $ sudo yum upgrade
    ```

  Your system is now ready and up to date.

  The system that I am using to prepare this document has the following configuration:

  ### System information

  * CPU
    ```bash
    モ lscpu
    Architecture:        x86_64
    CPU op-mode(s):      32-bit, 64-bit
    Byte Order:          Little Endian
    Address sizes:       36 bits physical, 48 bits virtual
    CPU(s):              8
    On-line CPU(s) list: 0-7
    Thread(s) per core:  2
    Core(s) per socket:  4
    Socket(s):           1
    NUMA node(s):        1
    Vendor ID:           GenuineIntel
    CPU family:          6
    Model:               58
    Model name:          Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
    Stepping:            9
    CPU MHz:             1604.968
    CPU max MHz:         3900.0000
    CPU min MHz:         1600.0000
    BogoMIPS:            7021.40
    Virtualization:      VT-x
    L1d cache:           32K
    L1i cache:           32K
    L2 cache:            256K
    L3 cache:            8192K
    NUMA node0 CPU(s):   0-7
    Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca
    cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp
    lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid
    aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm
    pcid sse4_1 sse4_2 popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm
    cpuid_fault epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid
    fsgsbase smep erms xsaveopt dtherm ida arat pln pts md_clear flush_l1d
    ```
  * PCI
    ```bash
    モ lspci
    00:00.0 Host bridge: Intel Corporation Xeon E3-1200 v2/3rd Gen Core processor DRAM Controller (rev 09)
    00:01.0 PCI bridge: Intel Corporation Xeon E3-1200 v2/3rd Gen Core processor PCI Express Root Port (rev 09)
    00:14.0 USB controller: Intel Corporation 7 Series/C210 Series Chipset Family USB xHCI Host Controller (rev 04)
    00:16.0 Communication controller: Intel Corporation 7 Series/C216 Chipset Family MEI Controller #1 (rev 04)
    00:19.0 Ethernet controller: Intel Corporation 82579V Gigabit Network Connection (rev 04)
    00:1a.0 USB controller: Intel Corporation 7 Series/C216 Chipset Family USB Enhanced Host Controller #2 (rev 04)
    00:1b.0 Audio device: Intel Corporation 7 Series/C216 Chipset Family High Definition Audio Controller (rev 04)
    00:1c.0 PCI bridge: Intel Corporation 7 Series/C216 Chipset Family PCI Express Root Port 1 (rev c4)
    00:1c.2 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 3 (rev c4)
    00:1c.3 PCI bridge: Intel Corporation 7 Series/C216 Chipset Family PCI Express Root Port 4 (rev c4)
    00:1c.4 PCI bridge: Intel Corporation 82801 PCI Bridge (rev c4)
    00:1c.6 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 7 (rev c4)
    00:1c.7 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 8 (rev c4)
    00:1d.0 USB controller: Intel Corporation 7 Series/C216 Chipset Family USB Enhanced Host Controller #1 (rev 04)
    00:1f.0 ISA bridge: Intel Corporation Z77 Express Chipset LPC Controller (rev 04)
    00:1f.2 SATA controller: Intel Corporation 7 Series/C210 Series Chipset Family 6-port SATA Controller [AHCI mode] (rev 04)
    00:1f.3 SMBus: Intel Corporation 7 Series/C216 Chipset Family SMBus Controller (rev 04)
    01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere [Radeon RX 470/480/570/570X/580/580X/590] (rev e7)
    01:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Ellesmere HDMI Audio [Radeon RX 470/480 / 570/580/590]
    03:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
    04:00.0 SATA controller: ASMedia Technology Inc. ASM1062 Serial ATA Controller (rev 01)
    05:00.0 PCI bridge: ASMedia Technology Inc. ASM1083/1085 PCIe to PCI Bridge (rev 03)
    07:00.0 Network controller: Qualcomm Atheros AR9485 Wireless Network Adapter (rev 01)
    08:00.0 USB controller: ASMedia Technology Inc. ASM1042 SuperSpeed USB Host Controller
    ```
  * Memory
    ```bash
    モ lsmem | tail -n3
    Memory block size:       128M
    Total online memory:      32G
    Total offline memory:      0B
    ```
  * USB devices
    ```bash
    モ lsusb
    Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
    Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 008 Device 004: ID 2109:0812 VIA Labs, Inc. VL812 Hub
    Bus 008 Device 003: ID 2109:0812 VIA Labs, Inc. VL812 Hub
    Bus 008 Device 002: ID 2109:0812 VIA Labs, Inc. VL812 Hub
    Bus 008 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
    Bus 007 Device 007: ID 045e:00db Microsoft Corp. Natural Ergonomic Keyboard 4000 V1.0
    Bus 007 Device 005: ID 2109:2812 VIA Labs, Inc. VL812 Hub
    Bus 007 Device 006: ID 045e:0029 Microsoft Corp. IntelliMouse Optical
    Bus 007 Device 004: ID 2109:2812 VIA Labs, Inc. VL812 Hub
    Bus 007 Device 003: ID 046d:085c Logitech, Inc. C922 Pro Stream Webcam
    Bus 007 Device 002: ID 2109:2812 VIA Labs, Inc. VL812 Hub
    Bus 007 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
    Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
    Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
    Bus 003 Device 002: ID 0a5c:21e8 Broadcom Corp. BCM20702A0 Bluetooth 4.0
    Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    ```
  * Block devices
    ```bash
    モ lsblk
    NAME                            MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
    sda                               8:0    0 931.5G  0 disk
    └─sda1                            8:1    0 931.5G  0 part
    sdb                               8:16   0 232.9G  0 disk
    ├─sdb1                            8:17   0     1G  0 part /boot
    └─sdb2                            8:18   0 231.9G  0 part
      ├─fedora_localhost--live-root 253:0    0    70G  0 lvm  /
      ├─fedora_localhost--live-swap 253:1    0  15.7G  0 lvm  [SWAP]
      └─fedora_localhost--live-home 253:2    0 146.2G  0 lvm  /home
    ```
  * Time and date settings
    ```bash
    モ timedatectl
                  Local time: Sat 2019-09-28 15:12:16 MDT
              Universal time: Sat 2019-09-28 21:12:16 UTC
                    RTC time: Sat 2019-09-28 21:12:16
                    Time zone: America/Edmonton (MDT, -0600)
    System clock synchronized: yes
                  NTP service: active
              RTC in local TZ: no
    ```
  * Hostname
    ```bash
    モ hostname
    localhost.localdomain
    ```
  * Network addresses
    ```bash
    モ ip addr show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
          valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
          valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
        link/ether 10:bf:48:7c:c8:9b brd ff:ff:ff:ff:ff:ff
        inet 192.168.128.58/24 brd 192.168.128.255 scope global dynamic noprefixroute eno1
          valid_lft 583485sec preferred_lft 583485sec
        inet6 fe80::bdb7:fce0:3736:ce93/64 scope link noprefixroute
          valid_lft forever preferred_lft forever
    3: wlp7s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether ce:77:3a:58:2c:0a brd ff:ff:ff:ff:ff:ff
    4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 52:54:00:ce:7b:4d brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
          valid_lft forever preferred_lft forever
    5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
        link/ether 52:54:00:ce:7b:4d brd ff:ff:ff:ff:ff:ff
    6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
        link/ether 02:42:44:ef:dc:62 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
          valid_lft forever preferred_lft forever
        inet6 fe80::42:44ff:feef:dc62/64 scope link
          valid_lft forever preferred_lft forever
    ```
  * Full hardware report
    ```bash
    モ sudo lshw -short
    H/W path               Device      Class          Description
    =============================================================
                                        system         System Product Name (SKU)
    /0                                 bus            P8Z77-V PRO
    /0/0                               memory         64KiB BIOS
    /0/4                               processor      Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
    /0/4/5                             memory         32KiB L1 cache
    /0/4/6                             memory         256KiB L2 cache
    /0/4/7                             memory         8MiB L3 cache
    /0/1                               memory         32GiB System memory
    /0/1/0                             memory         8GiB DIMM DDR3 Synchronous 1333 MHz (0.8 ns)
    /0/1/1                             memory         8GiB DIMM DDR3 Synchronous 1333 MHz (0.8 ns)
    /0/1/2                             memory         8GiB DIMM DDR3 Synchronous 1333 MHz (0.8 ns)
    /0/1/3                             memory         8GiB DIMM DDR3 Synchronous 1333 MHz (0.8 ns)
    /0/100                             bridge         Xeon E3-1200 v2/3rd Gen Core processor DRAM Controller
    /0/100/1                           bridge         Xeon E3-1200 v2/3rd Gen Core processor PCI Express Root Port
    /0/100/1/0                         display        Ellesmere [Radeon RX 470/480/570/570X/580/580X/590]
    /0/100/1/0.1                       multimedia     Ellesmere HDMI Audio [Radeon RX 470/480 / 570/580/590]
    /0/100/14                          bus            7 Series/C210 Series Chipset Family USB xHCI Host Controller
    /0/100/14/0            usb3        bus            xHCI Host Controller
    /0/100/14/0/1                      generic        BCM20702A0
    /0/100/14/1            usb4        bus            xHCI Host Controller
    /0/100/16                          communication  7 Series/C216 Chipset Family MEI Controller #1
    /0/100/19              eno1        network        82579V Gigabit Network Connection
    /0/100/1a                          bus            7 Series/C216 Chipset Family USB Enhanced Host Controller #2
    /0/100/1a/1            usb1        bus            EHCI Host Controller
    /0/100/1a/1/1                      bus            Integrated Rate Matching Hub
    /0/100/1b                          multimedia     7 Series/C216 Chipset Family High Definition Audio Controller
    /0/100/1c                          bridge         7 Series/C216 Chipset Family PCI Express Root Port 1
    /0/100/1c.2                        bridge         7 Series/C210 Series Chipset Family PCI Express Root Port 3
    /0/100/1c.2/0                      bus            ASM1042 SuperSpeed USB Host Controller
    /0/100/1c.2/0/0        usb5        bus            xHCI Host Controller
    /0/100/1c.2/0/1        usb6        bus            xHCI Host Controller
    /0/100/1c.3                        bridge         7 Series/C216 Chipset Family PCI Express Root Port 4
    /0/100/1c.3/0          scsi6       storage        ASM1062 Serial ATA Controller
    /0/100/1c.3/0/0        /dev/sda    disk           1TB ST31000340AS
    /0/100/1c.3/0/0/1      /dev/sda1   volume         931GiB EXT4 volume
    /0/100/1c.3/0/1        /dev/sdb    disk           250GB Samsung SSD 840
    /0/100/1c.3/0/1/1      /dev/sdb1   volume         1GiB EXT4 volume
    /0/100/1c.3/0/1/2      /dev/sdb2   volume         231GiB Linux LVM Physical Volume partition
    /0/100/1c.4                        bridge         82801 PCI Bridge
    /0/100/1c.4/0                      bridge         ASM1083/1085 PCIe to PCI Bridge
    /0/100/1c.6                        bridge         7 Series/C210 Series Chipset Family PCI Express Root Port 7
    /0/100/1c.6/0          wlp7s0      network        AR9485 Wireless Network Adapter
    /0/100/1c.7                        bridge         7 Series/C210 Series Chipset Family PCI Express Root Port 8
    /0/100/1c.7/0                      bus            ASM1042 SuperSpeed USB Host Controller
    /0/100/1c.7/0/0        usb7        bus            xHCI Host Controller
    /0/100/1c.7/0/0/1                  bus            USB2.0 Hub
    /0/100/1c.7/0/0/1/1                multimedia     C922 Pro Stream Webcam
    /0/100/1c.7/0/0/1/2                bus            USB2.0 Hub
    /0/100/1c.7/0/0/1/2/1              input          Microsoft IntelliMouse
    /0/100/1c.7/0/0/1/3                bus            USB2.0 Hub
    /0/100/1c.7/0/0/1/3/1              input          Natural
    /0/100/1c.7/0/1        usb8        bus            xHCI Host Controller
    /0/100/1c.7/0/1/1                  bus            USB3.0 Hub
    /0/100/1c.7/0/1/1/2                bus            USB3.0 Hub
    /0/100/1c.7/0/1/1/3                bus            USB3.0 Hub
    /0/100/1d                          bus            7 Series/C216 Chipset Family USB Enhanced Host Controller #1
    /0/100/1d/1            usb2        bus            EHCI Host Controller
    /0/100/1d/1/1                      bus            Integrated Rate Matching Hub
    /0/100/1f                          bridge         Z77 Express Chipset LPC Controller
    /0/100/1f.2                        storage        7 Series/C210 Series Chipset Family 6-port SATA Controller [AHCI mod
    /0/100/1f.3                        bus            7 Series/C216 Chipset Family SMBus Controller
    /0/2                               system         PnP device PNP0c01
    /0/3                               system         PnP device PNP0c02
    /0/5                               system         PnP device PNP0b00
    /0/6                               generic        PnP device INT3f0d
    /0/7                               system         PnP device PNP0c02
    /0/8                               system         PnP device PNP0c02
    /0/9                               system         PnP device PNP0c02
    /1                                 power          To Be Filled By O.E.M.
    /2                     docker0     network        Ethernet interface
    /3                     virbr0-nic  network        Ethernet interface
    /4                     virbr0      network        Ethernet interface
    ```
  * Monitor information
    ```bash
    モ edid-decode /sys/class/drm/card0-HDMI-A-1/edid
    Extracted contents:
    header:          00 ff ff ff ff ff ff 00
    serial number:   4c 2d cc 08 52 4e 34 5a 23 16
    version:         01 03
    basic params:    80 34 1d 78 2a
    chroma info:     7d d1 a4 56 50 a1 28 0f 50 54
    established:     bf ef 80
    standard:        71 4f 81 c0 81 00 81 80 95 00 a9 c0 b3 00 01 01
    descriptor 1:    02 3a 80 18 71 38 2d 40 58 2c 45 00 09 25 21 00 00 1e
    descriptor 2:    01 1d 00 72 51 d0 1e 20 6e 28 55 00 09 25 21 00 00 1e
    descriptor 3:    00 00 00 fd 00 32 4b 1e 51 11 00 0a 20 20 20 20 20 20
    descriptor 4:    00 00 00 fc 00 53 32 34 42 33 30 30 0a 20 20 20 20 20
    extensions:      01
    checksum:        03

    EDID version: 1.3
    Manufacturer: SAM Model 8cc Serial Number 1513377362
    Made in week 35 of 2012
    Digital display
    Maximum image size: 52 cm x 29 cm
    Gamma: 2.20
    DPMS levels: Off
    RGB color display
    First detailed timing is preferred timing
    Display x,y Chromaticity:
      Red:   0.6416, 0.3388
      Green: 0.3154, 0.6298
      Blue:  0.1591, 0.0595
      White: 0.3125, 0.3291
    Established timings supported:
      720x400@70Hz 9:5 HorFreq: 31469 Hz Clock: 28.320 MHz
      640x480@60Hz 4:3 HorFreq: 31469 Hz Clock: 25.175 MHz
      640x480@67Hz 4:3 HorFreq: 35000 Hz Clock: 30.240 MHz
      640x480@72Hz 4:3 HorFreq: 37900 Hz Clock: 31.500 MHz
      640x480@75Hz 4:3 HorFreq: 37500 Hz Clock: 31.500 MHz
      800x600@56Hz 4:3 HorFreq: 35200 Hz Clock: 36.000 MHz
      800x600@60Hz 4:3 HorFreq: 37900 Hz Clock: 40.000 MHz
      800x600@72Hz 4:3 HorFreq: 48100 Hz Clock: 50.000 MHz
      800x600@75Hz 4:3 HorFreq: 46900 Hz Clock: 49.500 MHz
      832x624@75Hz 4:3 HorFreq: 49726 Hz Clock: 57.284 MHz
      1024x768@60Hz 4:3 HorFreq: 48400 Hz Clock: 65.000 MHz
      1024x768@70Hz 4:3 HorFreq: 56500 Hz Clock: 75.000 MHz
      1024x768@75Hz 4:3 HorFreq: 60000 Hz Clock: 78.750 MHz
      1280x1024@75Hz 5:4 HorFreq: 80000 Hz Clock: 135.000 MHz
      1152x870@75Hz 192:145 HorFreq: 67500 Hz Clock: 108.000 MHz
    Standard timings supported:
      1152x864@75Hz 4:3 HorFreq: 67500 Hz Clock: 108.000 MHz
      1280x720@60Hz 16:9
      1280x800@60Hz 16:10
      1280x1024@60Hz 5:4 HorFreq: 64000 Hz Clock: 108.000 MHz
      1440x900@60Hz 16:10 HorFreq: 55500 Hz Clock: 88.750 MHz
      1600x900@60Hz 16:9
      1680x1050@60Hz 16:10 HorFreq: 64700 Hz Clock: 119.000 MHz
    Detailed mode: Clock 148.500 MHz, 521 mm x 293 mm
                  1920 2008 2052 2200 hborder 0
                  1080 1084 1089 1125 vborder 0
                  +hsync +vsync
                  VertFreq: 60 Hz, HorFreq: 67500 Hz
    Detailed mode: Clock 74.250 MHz, 521 mm x 293 mm
                  1280 1390 1430 1650 hborder 0
                    720  725  730  750 vborder 0
                  +hsync +vsync
                  VertFreq: 60 Hz, HorFreq: 45000 Hz
    Monitor ranges (GTF): 50-75Hz V, 30-81kHz H, max dotclock 170MHz
    Monitor name: S24B300
    Has 1 extension blocks
    Checksum: 0x3 (valid)

    CTA extension block
    Extension version: 3
    13 bytes of CTA data
      Video data block
        VIC  16 1920x1080@60Hz 16:9 (native) HorFreq: 67500 Hz Clock: 148.500 MHz
        VIC   4 1280x720@60Hz 16:9  HorFreq: 45000 Hz Clock: 74.250 MHz
        VIC  31 1920x1080@50Hz 16:9  HorFreq: 56250 Hz Clock: 148.500 MHz
        VIC  19 1280x720@50Hz 16:9  HorFreq: 37500 Hz Clock: 74.250 MHz
        VIC  18 720x576@50Hz 16:9  HorFreq: 31250 Hz Clock: 27.000 MHz
        VIC   3 720x480@60Hz 16:9  HorFreq: 31469 Hz Clock: 27.000 MHz
      Vendor-specific data block, OUI 000c03 (HDMI)
        Source physical address 1.0.0.0
    Underscans PC formats by default
    Supports YCbCr 4:4:4
    Supports YCbCr 4:2:2
    1 native detailed modes
    Detailed mode: Clock 74.250 MHz, 521 mm x 293 mm
                  1280 1720 1760 1980 hborder 0
                    720  725  730  750 vborder 0
                  +hsync +vsync
                  VertFreq: 50 Hz, HorFreq: 37500 Hz
    Detailed mode: Clock 27.000 MHz, 521 mm x 293 mm
                    720  732  796  864 hborder 0
                    576  581  586  625 vborder 0
                  -hsync -vsync
                  VertFreq: 50 Hz, HorFreq: 31250 Hz
    Detailed mode: Clock 27.000 MHz, 521 mm x 293 mm
                    720  736  798  858 hborder 0
                    480  489  495  525 vborder 0
                  -hsync -vsync
                  VertFreq: 59 Hz, HorFreq: 31468 Hz
    Checksum: 0x51 (valid)
    ```

## Lab 3

1. Study the system configuration files and answer the following questions:

  a. What startup style does your system most resemble, BSD or AT&T?

  [System V](https://en.wikipedia.org/wiki/UNIX_System_V) is the init system that evolved from [System III](https://en.wikipedia.org/wiki/UNIX_System_III).
  For quite some time many Linux distrubitions including [Fedora](https://getfedora.org) used the System V init system.

  I am running Fedora 30 Workstation which currently uses the [systemd](https://en.wikipedia.org/wiki/Systemd) [init](https://en.wikipedia.org/wiki/Init) system.
  The [systemd](https://en.wikipedia.org/wiki/Systemd) init system is meant to replace the System V and BSD init systems.

  b. Why? Give at least two reasons for your answer above. (Examples would be presence or absence of /etc/inittab, init.d scripts, etc.)

  Most of the binaries that ship with the system are stored in `/usr/bin/` and `/usr/sbin`
  instead of `/bin` and `/sbin/`. Fedora also has a `/etc/inittab` and `/etc/init.d`.
  Fedora doesn't have an `/etc/rc.conf`. An OpenBSD system has startup scripts
  defined in `/etc/rc.d`.

  ```bash
  モ tree /etc/rc.d/
  /etc/rc.d/
  ├── init.d
  │   ├── functions
  │   ├── livesys
  │   ├── livesys-late
  │   └── README
  ├── rc0.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc1.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc2.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc3.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  ├── rc4.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  ├── rc5.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  └── rc6.d
      ├── K01livesys-late -> ../init.d/livesys-late
      └── K99livesys -> ../init.d/livesys

  8 directories, 18 files
  ```

  Fedora attemps to map the System V init system to the systemd, but the bulk
  of the processes that are started during init are managed by systemd.

  c. Which directory contains the rc.d (or similar file)? Explain the contents of the rc.d (or the file/s) that does the same in your setup.

  On Fedora, the `/etc/rc.d` is mostly empty. There's a couple of shell scripts but it looks like it might be used for running Fedora from a live CD.


  ```bash
  モ tree /etc/rc.d/
  /etc/rc.d/
  ├── init.d
  │   ├── functions
  │   ├── livesys
  │   ├── livesys-late
  │   └── README
  ├── rc0.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc1.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc2.d
  │   ├── K01livesys-late -> ../init.d/livesys-late
  │   └── K99livesys -> ../init.d/livesys
  ├── rc3.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  ├── rc4.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  ├── rc5.d
  │   ├── S00livesys -> ../init.d/livesys
  │   └── S99livesys-late -> ../init.d/livesys-late
  └── rc6.d
      ├── K01livesys-late -> ../init.d/livesys-late
      └── K99livesys -> ../init.d/livesys

  8 directories, 18 files
  ```

  The latest version of Fedora uses `systemd` for managing startup daemons. `systemd` is configured using unit files.

  ```bash
  モ tree /etc/systemd/system/
  /etc/systemd/system/
  ├── bluetooth.target.wants
  │   └── bluetooth.service -> /usr/lib/systemd/system/bluetooth.service
  ├── ctrl-alt-del.target -> /usr/lib/systemd/system/reboot.target
  ├── dbus-org.bluez.service -> /usr/lib/systemd/system/bluetooth.service
  ├── dbus-org.fedoraproject.FirewallD1.service -> /usr/lib/systemd/system/firewalld.service
  ├── dbus-org.freedesktop.Avahi.service -> /usr/lib/systemd/system/avahi-daemon.service
  ├── dbus-org.freedesktop.ModemManager1.service -> /usr/lib/systemd/system/ModemManager.service
  ├── dbus-org.freedesktop.nm-dispatcher.service -> /usr/lib/systemd/system/NetworkManager-dispatcher.service
  ├── dbus-org.freedesktop.timedate1.service -> /usr/lib/systemd/system/timedatex.service
  ├── dbus.service -> /usr/lib/systemd/system/dbus-broker.service
  ├── default.target -> /lib/systemd/system/graphical.target
  ├── dev-virtio\x2dports-org.qemu.guest_agent.0.device.wants
  │   └── qemu-guest-agent.service -> /usr/lib/systemd/system/qemu-guest-agent.service
  ├── display-manager.service -> /usr/lib/systemd/system/gdm.service
  ├── getty.target.wants
  │   └── getty@tty1.service -> /usr/lib/systemd/system/getty@.service
  ├── graphical.target.wants
  │   ├── accounts-daemon.service -> /usr/lib/systemd/system/accounts-daemon.service
  │   ├── rtkit-daemon.service -> /usr/lib/systemd/system/rtkit-daemon.service
  │   ├── switcheroo-control.service -> /usr/lib/systemd/system/switcheroo-control.service
  │   └── udisks2.service -> /usr/lib/systemd/system/udisks2.service
  ├── messagebus.service -> /usr/lib/systemd/system/dbus-broker.service
  ├── multi-user.target.wants
  │   ├── abrtd.service -> /usr/lib/systemd/system/abrtd.service
  │   ├── abrt-journal-core.service -> /usr/lib/systemd/system/abrt-journal-core.service
  │   ├── abrt-oops.service -> /usr/lib/systemd/system/abrt-oops.service
  │   ├── abrt-vmcore.service -> /usr/lib/systemd/system/abrt-vmcore.service
  │   ├── abrt-xorg.service -> /usr/lib/systemd/system/abrt-xorg.service
  │   ├── atd.service -> /usr/lib/systemd/system/atd.service
  │   ├── auditd.service -> /usr/lib/systemd/system/auditd.service
  │   ├── avahi-daemon.service -> /usr/lib/systemd/system/avahi-daemon.service
  │   ├── chronyd.service -> /usr/lib/systemd/system/chronyd.service
  │   ├── crond.service -> /usr/lib/systemd/system/crond.service
  │   ├── cups.path -> /usr/lib/systemd/system/cups.path
  │   ├── dbxtool.service -> /usr/lib/systemd/system/dbxtool.service
  │   ├── dkms.service -> /usr/lib/systemd/system/dkms.service
  │   ├── dnf-makecache.timer -> /usr/lib/systemd/system/dnf-makecache.timer
  │   ├── docker.service -> /usr/lib/systemd/system/docker.service
  │   ├── firewalld.service -> /usr/lib/systemd/system/firewalld.service
  │   ├── libvirtd.service -> /usr/lib/systemd/system/libvirtd.service
  │   ├── mcelog.service -> /usr/lib/systemd/system/mcelog.service
  │   ├── mdmonitor.service -> /usr/lib/systemd/system/mdmonitor.service
  │   ├── ModemManager.service -> /usr/lib/systemd/system/ModemManager.service
  │   ├── NetworkManager.service -> /usr/lib/systemd/system/NetworkManager.service
  │   ├── nfs-client.target -> /usr/lib/systemd/system/nfs-client.target
  │   ├── remote-fs.target -> /usr/lib/systemd/system/remote-fs.target
  │   ├── rngd.service -> /usr/lib/systemd/system/rngd.service
  │   ├── sssd.service -> /usr/lib/systemd/system/sssd.service
  │   ├── vboxautostart-service.service -> /usr/lib/systemd/system/vboxautostart-service.service
  │   ├── vboxballoonctrl-service.service -> /usr/lib/systemd/system/vboxballoonctrl-service.service
  │   ├── vboxdrv.service -> /usr/lib/systemd/system/vboxdrv.service
  │   ├── vboxservice.service -> /usr/lib/systemd/system/vboxservice.service
  │   ├── vboxweb-service.service -> /usr/lib/systemd/system/vboxweb-service.service
  │   └── vmtoolsd.service -> /usr/lib/systemd/system/vmtoolsd.service
  ├── network-online.target.wants
  │   └── NetworkManager-wait-online.service -> /usr/lib/systemd/system/NetworkManager-wait-online.service
  ├── nfs-blkmap.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── nfs-idmapd.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── nfs-mountd.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── nfs-server.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── nginx.service.d
  ├── printer.target.wants
  │   └── cups.service -> /usr/lib/systemd/system/cups.service
  ├── redis-sentinel.service.d
  │   └── limit.conf
  ├── redis.service.d
  │   └── limit.conf
  ├── remote-fs.target.wants
  │   └── nfs-client.target -> /usr/lib/systemd/system/nfs-client.target
  ├── rpc-gssd.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── rpc-statd-notify.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── rpc-statd.service.requires
  │   └── nfs-convert.service -> /usr/lib/systemd/system/nfs-convert.service
  ├── sockets.target.wants
  │   ├── avahi-daemon.socket -> /usr/lib/systemd/system/avahi-daemon.socket
  │   ├── cups.socket -> /usr/lib/systemd/system/cups.socket
  │   ├── dbus.socket -> /usr/lib/systemd/system/dbus.socket
  │   ├── dm-event.socket -> /usr/lib/systemd/system/dm-event.socket
  │   ├── iscsid.socket -> /usr/lib/systemd/system/iscsid.socket
  │   ├── iscsiuio.socket -> /usr/lib/systemd/system/iscsiuio.socket
  │   ├── multipathd.socket -> /usr/lib/systemd/system/multipathd.socket
  │   ├── spice-vdagentd.socket -> /usr/lib/systemd/system/spice-vdagentd.socket
  │   ├── sssd-kcm.socket -> /usr/lib/systemd/system/sssd-kcm.socket
  │   ├── virtlockd.socket -> /usr/lib/systemd/system/virtlockd.socket
  │   └── virtlogd.socket -> /usr/lib/systemd/system/virtlogd.socket
  ├── sysinit.target.wants
  │   ├── dmraid-activation.service -> /usr/lib/systemd/system/dmraid-activation.service
  │   ├── import-state.service -> /usr/lib/systemd/system/import-state.service
  │   ├── iscsi.service -> /usr/lib/systemd/system/iscsi.service
  │   ├── lvm2-lvmetad.socket -> /usr/lib/systemd/system/lvm2-lvmetad.socket
  │   ├── lvm2-lvmpolld.socket -> /usr/lib/systemd/system/lvm2-lvmpolld.socket
  │   ├── lvm2-monitor.service -> /usr/lib/systemd/system/lvm2-monitor.service
  │   ├── multipathd.service -> /usr/lib/systemd/system/multipathd.service
  │   └── selinux-autorelabel-mark.service -> /usr/lib/systemd/system/selinux-autorelabel-mark.service
  ├── systemd-timedated.service -> /dev/null
  ├── timers.target.wants
  │   ├── mlocate-updatedb.timer -> /usr/lib/systemd/system/mlocate-updatedb.timer
  │   └── unbound-anchor.timer -> /usr/lib/systemd/system/unbound-anchor.timer
  └── vmtoolsd.service.requires
      ├── vgauthd.service -> /usr/lib/systemd/system/vgauthd.service
      └── vmtoolsd-init.service -> /usr/lib/systemd/system/vmtoolsd-init.service
  ```

  d. What is stored in rc0.d? Execute the ls command while in rc0.d, and say what is common among all the files stored there.

  ```bash
  モ ls -alh /etc/rc0.d/
  total 8.0K
  drwxr-xr-x.  2 root 4.0K Jun 28 07:45 ./
  drwxr-xr-x. 10 root 4.0K Sep  3 07:01 ../
  lrwxrwxrwx.  1 root   22 Apr 25 20:30 K01livesys-late -> ../init.d/livesys-late*
  lrwxrwxrwx.  1 root   17 Apr 25 20:30 K99livesys -> ../init.d/livesys*
  ```

  On this system there is two shell scripts defined in the `/etc/rc0.d` directory.
  These two scripts are used for adding late init scripts for running the live image.

  e. What is the function of files stored in init.d and the /etc/inittab?

  On older systems the `init.d` is the directory where you place startup shell scripts.
  They typically respond to `start`, `stop` and sometimes `restart`.

  The `/etc/inittab` was used by the System V init system.
  It would define what processes to start and monitor.

  Fedora now uses `systemd`.

  ```bash
  モ cat /etc/inittab
  # inittab is no longer used.
  #
  # ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
  #
  # Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
  #
  # systemd uses 'targets' instead of runlevels. By default, there are two main targets:
  #
  # multi-user.target: analogous to runlevel 3
  # graphical.target: analogous to runlevel 5
  #
  # To view current default target, run:
  # systemctl get-default
  #
  # To set a default target, run:
  # systemctl set-default TARGET.target
  ```

  ```bash
  モ ls -alh /etc/init.d/
  total 44K
  drwxr-xr-x.  2 root 4.0K Sep  3 07:01 ./
  drwxr-xr-x. 10 root 4.0K Sep  3 07:01 ../
  -rw-r--r--.  1 root  18K Jun 28 06:46 functions
  -rwxr-xr-x.  1 root 7.3K Apr 25 20:31 livesys*
  -rwxr-xr-x.  1 root 1.1K Apr 25 20:30 livesys-late*
  -rw-r--r--.  1 root 1.2K Sep  3 06:59 README
  ```

  ```bash
  モ cat /etc/init.d/README
  You are looking for the traditional init scripts in /etc/rc.d/init.d,
  and they are gone?

  Here's an explanation on what's going on:

  You are running a systemd-based OS where traditional init scripts have
  been replaced by native systemd services files. Service files provide
  very similar functionality to init scripts. To make use of service
  files simply invoke "systemctl", which will output a list of all
  currently running services (and other units). Use "systemctl
  list-unit-files" to get a listing of all known unit files, including
  stopped, disabled and masked ones. Use "systemctl start
  foobar.service" and "systemctl stop foobar.service" to start or stop a
  service, respectively. For further details, please refer to
  systemctl(1).

  Note that traditional init scripts continue to function on a systemd
  system. An init script /etc/rc.d/init.d/foobar is implicitly mapped
  into a service unit foobar.service during system initialization.

  Thank you!

  Further reading:
          man:systemctl(1)
          man:systemd(1)
          http://0pointer.de/blog/projects/systemd-for-admins-3.html
          https://www.freedesktop.org/wiki/Software/systemd/Incompatibilities
  ```

  f. How do you enable/disable the CTRL-ALT-DELETE as an alternative to shutdown?

  To start and stop the service you can use `systemctl`.

  ```bash
  モ systemctl start ctrl-alt-del.target
  ```

  ```bash
  モ systemctl stop ctrl-alt-del.target
  ```

  ```bash
  モ systemctl status ctrl-alt-del.target
  ● reboot.target - Reboot
    Loaded: loaded (/usr/lib/systemd/system/reboot.target; enabled; vendor preset: enabled)
    Active: inactive (dead)
      Docs: man:systemd.special(7)
  ```

  ```bash
  モ systemctl list-unit-files | grep ctrl-alt
  ctrl-alt-del.target                                        enabled
  ```

2. Read the man page for the shutdown command.

  a. How do you shut down the system to a single-user mode? Try it and present results.

  On a systemd based system you need to change the current run-level.

  1. run level 0: poweroff.target
  1. run level 1: rescue.target
  1. run level 3: multi-user.target
  1. run level 5: graphical.target
  1. run level 6: reboot.target

  The default run level on my system is:

  ```bash
  モ systemctl get-default
  graphical.target
  ```

  To change the run level for a running system to single user mode, I need to change the run level to 1.

  ```bash
  モ systemctl isolate rescue.target
  ```

  After running the above command the GUI's dissappeared and it looked like my
  system was rebooted. A single shell was shown with the following output:

  ```bash
  Fedora 30 (Workstation Edition)
  Kernel 5.2.13-200.fc30.x86_64 on an x86_64 (tty2)

  localhost login: mokha
  Password:
  System is going down. Unprivileged users are not permitted to log in anymore. For technical details, see pam_nologin(8).

  Authentication failure
  ```

  The man page for `pam_nologin` says:

  ```bash
  DESCRIPTION
        pam_nologin is a PAM module that prevents users from logging into the system when /var/run/nologin or
        /etc/nologin exists. The contents of the file are displayed to the user. The pam_nologin module has no
        effect on the root user's ability to log in.
  ```

  So I tried to enable logins for the root user.

  ```bash
  モ sudo -i
  [sudo] password for mokha:
  [root@localhost ~]# whoami
  root
  [root@localhost ~]# passwd
  Changing password for user root.
  New password:
  Retype new password:
  passwd: all authentication tokens updated successfully.
  ```

  Then I tried to change the run level again. This time it would return me to
  the graphical login prompt.

  Next, I tried to look at the help for `init`.

  ```bash
  モ init --help
  init [OPTIONS...] {COMMAND}

  Send control commands to the init daemon.

      --help      Show this help
      --no-wall   Don't send wall message before halt/power-off/reboot

  Commands:
    0              Power-off the machine
    6              Reboot the machine
    2, 3, 4, 5     Start runlevelX.target unit
    1, s, S        Enter rescue mode
    q, Q           Reload init daemon configuration
    u, U           Reexecute init daemon

  See the telinit(8) man page for details.
  ```

  I decided to try using `init` to set the run level to recue mode.

  ```bash
  モ init 1
  ```

  This produced the same affect as earlier. So I was unable to switch into single user mode from Fedora.

  b. What’s difference between single-user mode and how the system normally runs?

  > Single-user mode is a mode where only the administrator (root) has access to the computer,
  > the mode is designed for maintenance and is often used for repairs.
  > - https://www.tldp.org/LDP/GNU-Linux-Tools-Summary/html/x5152.htm

  c. Explain options in the command "shutdown -t 100 +3 -h".

  [shutdown](https://ss64.com/bash/shutdown.html) says:

  ```text
  Shutdown or restart linux

  Syntax
        shutdown [options] when [message]

  Options
    -c     Cancel a shutdown that is in progress.

    -f    Reboot fast, by suppressing the normal call to fsck
          when rebooting.
    -h    Halt the system when shutdown is complete.

    -k    Print the warning message, but suppress actual shutdown.

    -n    Perform shutdown without a call to init.

    -r    Reboot the system when shutdown is complete.

    -t sec 
          Ensure a sec-second delay between killing processes
          and changing the runlevel.

  Examples
  Shutdown immediately:
    shutdown -h now

  Reboot immediately:
    shutdown -r now 

  Shutdown at 8 pm:
    shutdown -h 20:00

  Shutdown in 10 minutes: 
    shutdown -h +10 
  ```

  The command `shutdown -t 100 +3 -h` will halt the system in 3 minutes and
  ensure a 100 second delay between killing processes and changing the
  runlevel.

  d. How do you boot into single-user mode?

  > 1. At the GRUB splash screen at boot time, press any key to enter the GRUB interactive menu.
  > 1. Select Fedora with the version of the kernel that you wish to boot and type `a` to append the line.
  > 1. Go to the end of the line and type `single` as a separate word (press the `Spacebar` and then type `single`).
  > Press `Enter` to exit edit mode.
  > - https://docs.fedoraproject.org/en-US/Fedora/13/html/Installation_Guide/s1-rescuemode-booting-single.html

  e. What, if anything, do you notice that is different about booting into single-user mode compared to shutting down to single-user mode?

  When booting into single user mode everthing appears to be the same.
  However, when I look at the process listing many processes aren't started.
  For example many services that usually start up with systemd are not
  running. However, I was not able to switch to runlevel 1.

  f. Shut the system down; then boot it normally. Look in the file /var/log/messages (often /var/adm/messages on some systems). How does the information in the “messages” file compare with what appears on the screen during boot?

  The file `/var/log/messages` and `/var/adm/messages` does not exist. A `/var/log/README` has the following explanation.

  ```text
  You are looking for the traditional text log files in /var/log, and
  they are gone?

  Here's an explanation on what's going on:

  You are running a systemd-based OS where traditional syslog has been
  replaced with the Journal. The journal stores the same (and more)
  information as classic syslog. To make use of the journal and access
  the collected log data simply invoke "journalctl", which will output
  the logs in the identical text-based format the syslog files in
  /var/log used to be. For further details, please refer to
  journalctl(1).

  Alternatively, consider installing one of the traditional syslog
  implementations available for your distribution, which will generate
  the classic log files for you. Syslog implementations such as
  syslog-ng or rsyslog may be installed side-by-side with the journal
  and will continue to function the way they always did.

  Thank you!

  Further reading:
          man:journalctl(1)
          man:systemd-journald.service(8)
          man:journald.conf(5)
          http://0pointer.de/blog/projects/the-journal.html
  ```

  Running `journalctl --folow -k` includes logs from the kernel which is
  similar to what appears on screen during the boot process.

3. Linux Startup

  a. Run the dmesg command, and list which devices are assigned to each of CD-ROM, HD, and floppy disk.

  This system does not have a CD-ROM or floppy disk. `dmesg` shows that the
  kernel identifier two disks. `sda` assigned to a 1TB disk and `sdb` assigned
  to a 250 GB disk.

  ```bash
  モ dmesg | grep -E 'sd[ab]'
  [    1.406725] sd 6:0:0:0: [sda] 1953525168 512-byte logical blocks: (1.00 TB/932 GiB)
  [    1.406763] sd 6:0:0:0: [sda] Write Protect is off
  [    1.406766] sd 6:0:0:0: [sda] Mode Sense: 00 3a 00 00
  [    1.406796] sd 6:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
  [    1.421233]  sda: sda1
  [    1.421910] sd 6:0:0:0: [sda] Attached SCSI disk
  [    1.870382] sd 7:0:0:0: [sdb] 488397168 512-byte logical blocks: (250 GB/233 GiB)
  [    1.870394] sd 7:0:0:0: [sdb] Write Protect is off
  [    1.870396] sd 7:0:0:0: [sdb] Mode Sense: 00 3a 00 00
  [    1.870414] sd 7:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
  [    1.870965]  sdb: sdb1 sdb2
  [    1.871492] sd 7:0:0:0: [sdb] Attached SCSI disk
  [    6.869352] EXT4-fs (sdb1): mounted filesystem with ordered data mode. Opts: (null)
  ```

  b. What do you think the following (or a similar line) in dmesg output means?
		`Linux version 2.6.5-1.358 (bhcompile@bugs.build.redhat.com) (gcc version 3.3.3 20040412 (Red Hat Linux 3.3.3-7)) #1 Sat May 8 09:04:50 DT 2004`.

  It means that the system booted up with version `2.6.5-1.358` of the linux kernel.
  The kernel was compiled with `gcc` version 3.3.3 and the running linux distribution if a flavour of `Red Hat Linux`.

  c. Is there an Ethernet card detected on the system?

  Yes.

  ```bash
  モ lspci | grep Ethernet
  00:19.0 Ethernet controller: Intel Corporation 82579V Gigabit Network Connection (rev 04)

  モ dmesg | grep eth0
  [    2.658654] e1000e 0000:00:19.0 eth0: (PCI Express:2.5GT/s:Width x1) 10:bf:48:7c:c8:9b
  [    2.658655] e1000e 0000:00:19.0 eth0: Intel(R) PRO/1000 Network Connection
  [    2.658689] e1000e 0000:00:19.0 eth0: MAC: 10, PHY: 11, PBA No: FFFFFF-0FF
  [    2.659713] e1000e 0000:00:19.0 eno1: renamed from eth0
  ```

## Lab 4

Rootly Powers and Processes

1. Use the find command with the -perm option to locate five setuid files on your system. For each file, explain why the setuid mechanism is necessary for the command to function properly.

```bash
モ find /usr/bin -perm /u=s,g=s
/usr/bin/fusermount-glusterfs
/usr/bin/pkexec
/usr/bin/locate
/usr/bin/at
/usr/bin/write
/usr/bin/keybase-redirector
/usr/bin/su
/usr/bin/chsh
/usr/bin/chage
/usr/bin/newgrp
/usr/bin/crontab
/usr/bin/sudo
/usr/bin/gpasswd
/usr/bin/passwd
/usr/bin/umount
/usr/bin/mount
/usr/bin/staprun
/usr/bin/fusermount
/usr/bin/chfn
```

*	`/usr/bin/su` needs the setuid permission so that any user can attempt to run commands as another user.
	In order to verify this attempt, the program needs root privilege to verify credentials and access.
*	`/usr/bin/chsh` needs permission to edit the `/etc/passwd` file which is owned by root. Any user on the system
	should be able to choose what shell they want to use but they do not need to be able to edit the `/etc/passwd` file.
*	`/usr/bin/passwd` needs permission to change a users password. Any user on the system
	should be able to change their own password without requiring root permission to do so.
*	`/usr/bin/sudo` needs root privilege to execute a command as another user and very credentials and access.
	This program can be run by any user to try to escalate their privilege.
*	`/usr/bin/crontab` can be executed by any user because every user can have their own crontab entries.
	The crontab files are only writable by the root user so the crontab program needs to run as root.

2. Enumerate a sequence of commands that let you modify someone’s password entry, and show how you could cover your tracks. Assume you had only sudo power (all commands allowed, but not shells or su).

  ```bash
  $ sudo -i
  $ passwd otheruser
  ```

  The `passwd` command would appear in the history of the root user but it's difficult to see who was acting as the root user when the password was changed.

3. Create two entries for the sudoers configuration file:

  a. One entry that allows users Matt, Adam, and Drew to service the printer, to unjam the printer, and to restart printer daemons on the machine printerserver.

  ```text
  User_Alias PRINT_ADMINS = matt, adam, drew
  Cmnd_Alias PRINTER_MGMT = /usr/bin/lp, /usr/sbin/lpc, /usr/bin/lprm, /usr/bin/lpq, /usr/sbin/lpmove, /usr/bin/lpstat, /usr/bin/systemctl restart cups.service
  PRINT_ADMINS printerserver= PRINTER_MGMT
  ```

  b. One entry that allows Drew, Smihgr, and Jim Lane to kill jobs and then reboot the machine.

  ```text
  User_Alias ADMINS = Drew, Smihgr, Jim Lane
  Cmnd_Alias REBOOT = /usr/sbin/shutdown, /usr/bin/kill
  ADMINS localhost = REBOOT
  ```

## Lab 5

1. Write a shell script to help monitor the health of your /etc/passwd file.

  a. Find entries that have UID 0.

  ```bash
  #!/bin/bash

  cd "$(dirname "$0")/.."
  FILE=${1:-'/etc/passwd'}

  cat "$FILE" | cut -d: -f1,3 | grep ':0'
  ```

  b. Find entries that have no password (needs /etc/shadow).

  ```bash
  #!/bin/bash

  cd "$(dirname "$0")/.."
  FILE=${1:-'/etc/passwd'}

  grep -E '^\w+::.*' "$FILE"
  ```

  c. Find any sets of entries that have duplicate UIDs.

  ```bash
  #!/bin/bash

  cd "$(dirname "$0")/.."
  FILE=${1:-'/etc/passwd'}

  ids=$(grep -v -E '^#' "$FILE" | awk -F: '{ print $3 }' | sort -n | uniq -d)

  for id in $ids; do
    grep -v -E '^#' "$FILE" | awk -F: '{ print $3 " " $1 }' | grep -E "^$id "
  done

  if [ -z "$ids" ]; then
    exit 0
  else
    exit 1
  fi
  ```

  d. Find entries that have duplicate login names.

  ```bash
  #!/bin/bash

  cd "$(dirname "$0")/.."
  FILE=${1:-'/etc/passwd'}

  DUPLICATES=$(grep -v -E '^#' "$FILE" | awk -F: '{ print $1 }' | sort | uniq -d)
  echo $DUPLICATES

  if [ -z "$DUPLICATES" ]; then
    exit 0
  else
    exit 1
  fi
  ```

  e. Find entries that have no expiration date (needs /etc/shadow).

  ```bash
  #!/bin/bash

  cd "$(dirname "$0")/.."
  FILE=${1:-'/etc/shadow'}
  EXITSTATUS=0

  while read entry; do
    login=$(echo $entry | cut -d: -f1)
    expiration=$(echo $entry | cut -d: -f8)

    if [ -z "$expiration" ]; then
      echo $login: does not have an expiration date
      let "EXITSTATUS++"
    fi
  done < "$FILE"

  exit $EXITSTATUS
  ```

## References

* https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.73
* https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.142
* https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.71
* https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.191
* https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.13
* https://centos.org
* https://docs.fedoraproject.org/en-US/Fedora/13/html/Installation_Guide/s1-rescuemode-booting-single.html
* https://en.wikipedia.org/wiki/Init
* https://en.wikipedia.org/wiki/Systemd
* https://en.wikipedia.org/wiki/UNIX_System_III
* https://en.wikipedia.org/wiki/UNIX_System_V
* https://getfedora.org
* https://getfedora.org/en/security/
* https://getfedora.org/en/workstation/download/
* https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/rawdiff/?id=v5.3-rc7&id2=v5.2
* https://lkml.org/lkml/2019/9/5/1132
* https://ss64.com/bash/shutdown.html
* https://wiki.centos.org/FAQ/General#head-cea9337e6513cc1567c4d05afbd693f1f7038ccb
* https://www.kernel.org/doc/html/v5.2/process/2.Process.html#the-big-picture
* https://www.pearson.com/us/higher-education/program/Sarwar-Unix-The-Textbook-2nd-Edition/PGM2571730.html
* https://www.redhat.com/en/store/linux-platforms
* https://www.redhat.com/en/store/red-hat-enterprise-linux-server#?sku=RH00005
* https://www.tldp.org/LDP/GNU-Linux-Tools-Summary/html/x5152.htm