CST8207 Week 03 Notes
absolute and relative paths, ROOT and HOME, finding files, GLOB patterns

Ian! D. Allen – www.idallen.com

Fall 2018 - September to December 2018 - Updated 2018-09-27 10:51 EDT

1 Readings, Assignments, Labs, Tests, and ToDoIndexup to index

1.1 Read (at least) these things (All The Words)Indexup to index

  1. Week 03 Notes HTML – this file – Read All The Words
  2. File System and Pathnames – ROOT, basename, current directory, absolute, relative, . (dot), .. (dot dot)
    • Read this before you start any of the Worksheets.
  3. Directories – ROOT, /root, HOME, /home, and the current directory
  4. Finding files – searching for files by name, size, use, modify time, etc.
  5. Shell GLOB patterns – wildcard pattern matching of pathnames
  6. Next week: Shell I/O Redirection – stdin, stdout, stderr, and Pipes
  7. The VI (VIM) Text Editor – (optional) the universal Unix/Linux text editor
    • this is not optional if you want to get a good Linux job
  8. List of Commands – Command names you should know, listed by week
  9. Video Tutorials on Lynda.com – tagged by week number
  10. Linux and Sysadmin News in the World

1.2 Assignments this weekIndexup to index

Check the due date for each assignment and put a reminder in your agenda, calendar, and digital assistant. Just like in the Real World, not all due dates are on the same days or at the same times.

1.3 Lab work this weekIndexup to index

1.3.1 WorksheetsIndexup to index

Worksheets are preparation for your assignments. You can’t do the assignments without having done the worksheets first, and you can’t do the worksheets without having first read the Course Notes: 1. Read. 2. Worksheets. 3. Assignment.

Make notes from the worksheets on how each command works. What do the options used in the worksheets mean, for each command? (See the weekly List of Commands.)

Form a small study group to do the worksheets. Each person tries the example given, and you make sure you all get the same answers. Worksheets are not for hand-in; they are not worth marks; the assignments test your knowledge of the lectures and worksheets.

The worksheets are available in four formats: Open Office (ODT), PDF, HTML, and Text. Only the Open Office format allows you “fill in the blanks” in the worksheet. The PDF format looks good but doesn’t allow you to type into the blanks in the worksheet. The HTML format is crude but useful for quick for viewing online.

Do NOT open the Worksheet ODT files using any Microsoft products; they will mangle the format and mis-number the questions. Use the free Libre Office or Open Office programs to open these ODT documents. On campus, you can get a copy here: Course Introduction: Install Libre Office.

Worksheets #02 and #03 require you to have read File System and Pathnames:

Worksheets #04 and #05 require you to have read Shell GLOB patterns and Shell I/O Redirection:

Worksheet #06 is for the optional VIM Bonus Assignment (extra credit):

Worksheets prepare you for the upcoming assignments.

1.4 Upcoming testsIndexup to index

Follow this link to see all your upcoming Quizzes and Tests. The dates are also posted on the Course Home Page and on Brightspace CST8207.

For full marks, read the Test Instructions (all the words) before your midterm tests.

  1. First Midterm test: 45 minutes; in your one-hour lecture class in Week 6.
  2. Second Midterm test: 45 minutes; in your one-hour lecture class in Week 10.

Tests take place in your one-hour lecture class, not in your lab period. You must write the test in the lecture class in which you are registered.

2 Notes from the ClassroomIndexup to index

2.1 Simplifying pathnamesIndexup to index

You will see lots of these: Rewrite each pathname as a simplified absolute pathname with no . or .. references:

  1. /home/me/../you/../../etc/../home/me/../you/../me/../foo
  2. /home/me/../you/../../etc/../home/me/../you/../me/../..
  3. /usr/./bin/../lib/../../etc/../usr/./lib/../bin/./bar
  4. /usr/./bin/../lib/../../etc/../usr/./lib/../bin/..
  5. /../../var/./a/../../var/b/../../etc/./bar/../foo
  6. /../../var/./a/../../var/b/../../etc/./bar/..

2.2 Draw File System DiagramsIndexup to index

Draw File System Diagrams on paper to understand where files are when you do the worksheets, the assignments, and the tests and exams!

See the note in Assignment #03 HTML about drawing file system diagrams on paper. Do it!

Pathnames Diagram on Whiteboard

2.3 Did not change password – CLS access revokedIndexup to index

Students will have their CLS accounts disabled if they have not changed their default password. (I do not want people breaking into my machine because of you.)

See my online timetable for how to make an office appointment to see me if you want your account back.

2.4 Fifteen minute rule: don’t waste your timeIndexup to index

See the Course Introduction: fifteen minute rule

2.5 Commands UsedIndexup to index

Keep a notebook with a List of Commands in it.

  • You need to write down yourself what each command does.
  • Check the updated list of commands each week.
  • I will check for this list in your lab periods.
  • Bring your notes to class! Stop wasting time looking up commands.

2.6 Not Reading All The WordsIndexup to index

These do not produce the same output file:

$ find . >foo ; mv foo dir/foo
$ find . >dir/foo

If the assignment asks you to redirect the output into a file in a specific directory, then only the second answer above is correct. The first answer, using mv, will have the wrong pathnames in it.

2.7 Working hard, not working smartIndexup to index

2.8 Not doing worksheets: working hard, not smartIndexup to index

This student below (from a previous term) didn’t do the worksheets and doesn’t know about any options to the mkdir command. Instead of typing one command to make the directory tree, he has to use ten (!), and gets the name wrong, too. He also didn’t hear me talk about not using cd all the time, so he marks himself as a Windows newbie. This won’t look good in a job interview:

$ mkdir 1ldIr
$ cd 1ldIr
$ mkdir one
$ mkdir two
$ mkdir one/0neOne
$ cd one
$ ls
$ cd ..
$ ls
$ mkdir two/tw0two

Don’t be this guy. No employer wants to pay you to type ten commands when one will do the job. Work smarter, not harder. Do the worksheets!

3 Sysadmin work on the CLSIndexup to index

Your boss may ask you for statistics on your server.

3.1 Password failuresIndexup to index

Count and then show the password failures:

$ fgrep -c 'Failed' /var/log/auth.log
$ fgrep 'Failed' /var/log/auth.log | less

3.2 Userid failuresIndexup to index

Count and the show the userid failures:

$ fgrep -c 'input_userauth' /var/log/auth.log
$ fgrep 'input_userauth' /var/log/auth.log | less

3.3 The whois commandIndexup to index

You can use the whois command on Linux to identify which country is responsible for an IP address, or use a Web Whois Lookup.

The Linux whois command is blocked from use at Algonquin College, except if you are on the CLS. You can’t use the whois command in your own Linux machines while you are on campus. Use whois on the CLS or do a lookup via the web interface instead.

3.4 HTTP attacks on Course Linux ServerIndexup to index

In addition to the SSH attacks, machines on the Internet receive attacks using bogus HTTP requests. These unsuccessful attacks below attempt to use a chain of parent directories to fetch a file out of the file system:

[Dec 13 13:50:57 2015] [client 54.201.251.33] GET /../../ratings.html
[Dec 13 13:51:01 2015] [client 54.201.251.33] GET /../../index.html
[Apr 26 17:09:59 2016] [client 67.79.37.250] GET /../../../../../../../mnt/mtd/yqcP
[May 02 12:21:45 2016] [client 222.235.67.147] GET /../../../../../../../mnt/mtd/IJSj
[Jun 27 17:54:40 2016] [client 222.198.128.207] GET /../../../../../../../mnt/mtd/3qS9
[Oct 07 09:34:11 2016] [client 64.137.234.42] GET /../../../../../../../mnt/mtd/ahMk
[Oct 15 06:49:57 2016] [client 177.142.99.103] GET /../../../../../../../mnt/mtd/qt
[Oct 19 20:49:33 2016] [client 189.100.188.31] GET /../../../../../../../mnt/mtd/qt
[Oct 23 00:43:39 2016] [client 191.189.55.9] GET /../../../../../../../mnt/mtd/qt
[Nov 02 21:35:09 2016] [client 201.37.223.72] GET /../../../../../../../mnt/mtd/qt
[Jan 07 20:51:33 2017] [client 201.17.154.181] GET /../../../../../../../mnt/mtd/qt
[May 10 21:22:29 2017] [client 187.67.167.31] GET /../../../../../../../mnt/mtd/qt
[28/Sep/2017:23:57:19 -0400] "GET /?i=../../../../../proc/self/environ"
[06/Nov/2017:07:56:19 -0500] "GET /sdk/../../../../../..//etc/vmware/hostd/vmInventory.xml"
[10/Feb/2018:04:44:53 -0500] "GET /index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../../../../configuration.php"
[01/Apr/2018:23:35:23 -0400] "GET /wp-content/plugins/wp-ecommerce-shop-styling/includes/download.php?filename=../../../../../../../../../etc/passwd"
[02/Apr/2018:06:02:56 -0400] "GET /cst8207/17w/notes/data//wp-content/plugins/ibs-mappro/lib/download.php?file=../../../../wp-config.php"
[02/Apr/2018:06:02:57 -0400] "GET /cst8207/17w/notes/data//wp-content/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/assets/plugins/ultimate/content/downloader.php?path=../../../../../../../wp-config.php"
[Tue Jul 03 18:22:42 2018] [client 218.211.168.176:37148] GET //./.././..

The Apache web server blocked all the above attacks.

3.5 Getting bugs fixed in Free/Libre Open Source Software (FLOSS)Indexup to index

On September 15 at 2:02am, I report a missing format in a piece of Perl software on my Linux system:

From: "Ian! D. Allen" <idallen@idallen.ca>
Subject: missing format for DateTime::Format::Flexible
Date: Sat, 15 Sep 2018 02:02:48 -0400
To: Tom Heady <cpan@punch.net>

https://metacpan.org/pod/DateTime::Format::Flexible

"If you can think of any that I do not cover, please let me know."

I was surprised that this could not be parsed:

     Sep 10, 2018 12:58

but this worked fine:

     Sep 10, 2018 12:58:00

At 02:06am (four minutes later), I receive a reply email from the software author, saying he added the missing format and will release the fix next week:

From: Tom Heady <tom@punch.net>
Subject: Re: missing format for DateTime::Format::Flexible
Date: Sat, 15 Sep 2018 02:06:31 -0400
To: "Ian! D. Allen" <idallen@idallen.ca>

Thanks for the info, I'll have a new release out this next week to
support that format.    Tom

The problem was fixed in four minutes!

People who write and maintain Free/Libre Open Source Software (FLOSS) take pride in their work and are motivated to keep it updated.

4 Locked out of the CLSIndexup to index

When you are locked out, follow the directions in the notes to get your IP address re-enabled.

Take Notes in Class
Ian! and the Pathnames Diagram
Author: 
| Ian! D. Allen, BA, MMath  -  idallen@idallen.ca  -  Ottawa, Ontario, Canada
| Home Page: http://idallen.com/   Contact Improv: http://contactimprov.ca/
| College professor (Free/Libre GNU+Linux) at: http://teaching.idallen.com/
| Defend digital freedom:  http://eff.org/  and have fun:  http://fools.ca/

Plain Text - plain text version of this page in Pandoc Markdown format

Campaign for non-browser-specific HTML   Valid XHTML 1.0 Transitional   Valid CSS!   Creative Commons by nc sa 3.0   Hacker Ideals Emblem   Author Ian! D. Allen