CHAPTER 6. SYSTEM DATA FILES AND INFORMATION System Programming 本份投影片大量參考熊博安教授的系統程式投影片羅習五國立中正大學資訊工程學系

Slides:

Advertisements

Similar presentations

Unix Time Functions CNS The basic Linux (and Unix) time service counts the number of seconds that have passed since January 1, 1970 (UTC). These.

Advertisements

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.

Basic Unix system administration

Chapter 9 Times and Timers Source: Robbins and Robbins, UNIX Systems Programming, Prentice Hall, 2003.

System Files and Process Environment Password file Group file System identification Time Process environment.

Utmp.h The utmp file records information about who is currently using the system The file is a sequence of utmp entries, as defined in struct utmp in the.

Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.

1 Homework / Exam HW7 due class 25 Exam 3 - class 26 –Open Book, Open Notes –Covers up through end of K&R 7 –and Appendix B Standard Library –Plus UNIX.

User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.

Unix Process Environment. main Function A C program starts execution with a function called main. The prototype for the main function is: int main (int.

Operating Systems Recitation 11, June 9-10, 2002.

Linux+ Guide to Linux Certification, Second Edition

Week 8 - Friday.  What did we talk about last time?  String to int conversions  Users and groups  Password files.

1. This presentation covers :  User Interface Administration  Files System and Services Management 2.

Introduction to Linux Installing Linux User accounts and management Linux’s file system.

CIS 218 Advanced UNIX 1 User and System Information CIS 218.

2/19/2003 Lecture 3 Computer System Administration Lecture 3 Setup (continued)

Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.

IT2204: Systems Administration I 1 6b). Introduction to Linux.

Unix System Administration Chapter 6 Adding New Users.

Linux+ Guide to Linux Certification, Third Edition

Managing Users Objectives Contents Practicals Summary

ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.

CS 590 Programming Environments with UNIX. Computer Lab Account Course Homepage

Users Greg Porter V1.0, 26 Jan 09. What is a user? Users “own” files and directories Permission based on “ownership” Every user has a User ID (UID) 

Agenda Getting Started: Using Unix Unix Structure / Features Elements of the Unix Philosophy Unix Command Structure Command Line Editing Online Unix Command.

Managing Users  Each system has two kinds of users:  Superuser (root)  Regular user  Each user has his own username, password, and permissions that.

Copyright ©: Nahrstedt, Angrave, Abdelzaher1 Timers and Clocks.

Chapter 3 & 6 Root Status and users File Ownership Every file has a owner and group –These give read,write, and execute priv’s to the owner, group, and.

Managing Users Objectives –to be able to add, modify and remove Unix user accounts Contents –requirements for a user account –configuration files (passwd,

Files and Directories File types stat functions for file information

Λειτουργικά Συστήματα - Lab1 Γιάννης Πετράκης. The Operating System  Unix is a layered operating system  The innermost layer is the hardware that provides.

Copyright ©: Nahrstedt, Angrave, Abdelzaher, Caccamo1 Timers and Clocks.

Interacting with Unix. Getting the Process ID u Synopsis #include pid_t getpid(void); u Example: #include int main(){ pid_t n = getpid(); printf("Process.

The Saigon CTT Chapter 10 Managing Users. The Saigon CTT  Objectives  Define the requirements for user accounts  Explain group and group accounts 

Manually Creating a New User Account Presented by Carl South.

SCSC 455 Computer Security Chapter 3 User Security.

Lecture – Users and groups

Linux Use the Command-Line Interface to Administer the System.

1. Edit the password and group files > vipw(8), pw(8) 2. Set an initial password > passwd lwhsu 3. Set quota > edquota [-u] lwhsu 4. Create user home.

CSC414 “Introduction to UNIX/ Linux” Lecture 6. Schedule 1. Introduction to Unix/ Linux 2. Kernel Structure and Device Drivers. 3. System and Storage.

SUSE Linux Enterprise Desktop Administration Chapter 9 Manage Users, Groups, and Permissions.

Chapter 6 Adding New Users. Computer Center, CS, NCTU 2 Steps to add a new user 1.Edit the password and group files >vipw, pw 2.Set an initial password.

1 System Programming Chapter 6. 2 Administration Misc. The mid-term will be held on April 26, 2006 in class. It will cover Chapters 1 to 6. MP2 is due.

BIF713 Introduction to Linux. Agenda Getting Started: Using Linux Unix and Linux - Structure / Features Elements of the Linux Philosophy Linux Command.

CSCE Systems Programming Lecture 06 - C++/Java  C, Memory CSCE 510 Jan 23, 2013.

Managing Users CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.

Basic UNIX system administration CS 2204 Class meeting 14 *Notes by Doug Bowman and other members of the CS faculty at Virginia Tech. Copyright

Week 9 - Wednesday.  What did we talk about last time?  structs.

Advanced Programming in the UNIX Environment Hop Lee.

Textbook: Advanced Programming in the UNIX Environment, 2 nd Edition, W. Richard Stevens and Stephen A. Rago 1 Chapter 15. Interprocess Communication System.

Company LOGO Security in Linux PhiHDN - VuongNQ. Contents Introduction 1 Fundamental Concepts 2 Security System Calls in Linux 3 Implementation of Security.

Copyright ©: Nahrstedt, Angrave, Abdelzaher, Caccamo

Week 9 - Monday CS222.

Module X (Unix/Linux Password Security)

Lab 05 Firewalls.

Week 9 - Wednesday CS222.

Chapter 11: Managing Users

User Access and User ID Commands in UNIX

UNIX System Overview.

Chapter 2 User Management

Adding New Users, Storage, File System

Unix Access Control Basic CE 2

Module 13 System and User Security

Adding New Users Chapter 6.

Administering Users and Groups

Adding New Users.

閨怨 ~王昌齡閨中少婦不知愁，春日凝妝上翠樓；忽見陌頭楊柳色，悔教夫婿覓封侯。.

Chapter 6 Adding New Users

Module 06 Getting Help.

Presentation transcript:

CHAPTER 6. SYSTEM DATA FILES AND INFORMATION System Programming 本份投影片大量參考熊博安教授的系統程式投影片羅習五國立中正大學資訊工程學系 EA-001 (05) ext Office: EA-517

Introduction System Files: password file: /etc/passwd group file: /etc/group A portable interface for application programs to access these system files Time and date functions Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 2

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 3 Password File ASCII text: /etc/passwd passwd structure in

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 4 Password File 3 more fields in FreeBSD and Mac OS X 10.3 user access class: char *pw_class next time to change password: time_t pw_change account expiration time: time_t pw_expire

Mac OS X OS X is based upon the Mach kernel. Certain parts from FreeBSD's and NetBSD's implementation of Unix were incorporated in NeXTSTEP, the core of Mac OS X. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 5

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 6 Password File root: superuser, UID=0 root:x:0:0:root:/root:/bin/bash device account, no login allowed squid:x:23:23::/var/spool/squid:/dev/null guest, no priviledges nobody:x:65534:65534:Nobody:/home/bin/sh normal user account sar:x:205:105:Stephen Rago:/home/sar:/bin/bash

/bin/false 這裡比較需要注意的是，有一個 shell 可以用來替代成讓帳號無法登入的指令！那就是 /bin/false 這個東西！這也可以用來製作純 pop 郵件帳號者的資料呢！ Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 7

passwd on Mac OS X nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false root:*:0:0:System Administrator:/var/root:/bin/sh daemon:*:1:1:System Services:/var/root:/usr/bin/false Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 8

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 9 Password File Comment field: Steve Rago, SF 5-121, , Name, Office, Phone Numbers, etc. vipw command edits password file serializes changes to password file

man vipw VIPW(8) BSD System Manager's Manual VIPW(8) NAME vipw -- edit the password file SYNOPSIS vipw DESCRIPTION Vipw edits the password file after setting the appropriate locks, and does any necessary processing after the password file is unlocked. If the password file is already locked for editing by another user, vipw will ask you to try again later. The default editor for vipw is vi(1). Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 10

Functions to fetch entries #include struct passwd *getpwuid(uid_t uid); struct passwd *getpwnam(const char *name); Return: pointer to passwd structure if OK, NULL on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 11

The getpwuid function is used by the ls (1) program to map the numerical user ID contained in an i-node into a user’s login name. The getpwnam function is used by the login (1) program when we enter our login name. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 12

Go through passwd file #include struct passwd *getpwent(void); Returns: pointer if OK, NULL on error/EOF void setpwent(void); //rewinds files void endpwent(void); //closes files Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 13

Fig. 6.2: Implement getpwnam 1. #include 2. #include 3. #include 4. struct passwd * 5. getpwnam(const char *name) 6. { 7. struct passwd *ptr; setpwent(); 10. while ( (ptr = getpwent()) != NULL) { 11. if (strcmp(name, ptr->pw_name) == 0) 12. break;/* found a match */ 13. } 14. endpwent(); 15. return(ptr);/* ptr is NULL if no match found */ 16. } Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 14

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 15 Shadow Passwords Encrypted passwords  /etc/shadow or /etc/master.passwd Shadow is readable only by root /etc/passwd is world-readable Cannot access encrypted passwd data for guessing the real passwords!

Shadow Passwords Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 16 Descriptionstruct spwd member user login namechar *sp_namp encrypted passwordchar *sp_pwdp days since Epoch of last password change int sp_lstchg days until change allowedint sp_min days before change requiredint sp_max days warning for expirationint sp_warn days before account inactiveint sp_inact days since Epoch when account expires int sp_expire reservedunsigned int sp_flag

Shadow Passwords Linux and Solaris 9 Separate set of functions to access shadow passwords #include struct spwd *getspnam(const char *name); struct spwd *getspent(void); Return: pointer if OK, NULL on error void setspent(void); void endspent(void); Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 17

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 18 Group File ASCII text: /etc/group group structure in

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 19 Lookup group entry #include struct group *getgrgid(gid_t gid); struct group *getgrnam(const char *name); Return: pointer if OK, NULL on error

Search group file #include struct group *getgrent(void); /* read next entry */ Returns: pointer if OK, NULL on error/EOF void setgrent(void); /* rewind group file */ void endgrent(void); /* close group file */ Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 20

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 21 Supplementary Group IDs POSIX.1 requirement A user could belong to a group with GID in password file, and A user could at the same time belong to up to 16 additional supplementary groups No need to change groups using newgrp() as we did before

Supplementary Group IDs #include int getgroups(int gidsetsize, gid_t grouplist[]); Returns: #supp GIDs if OK, -1 on error #include /* on Linux */ #include /*on FreeBSD, Mac OS X, Solaris*/ int setgroups(int ngroups, const gid_t grouplist[]); #include /* on Linux, Solaris */ #include /*on FreeBSD, Mac OS X */ int initgroups(const char *username, gid_t basegid); Both return: 0 if OK, -1 on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 22

Supplementary Group IDs getgroups Fills grouplist with gidsetsize group IDs setgroups set supplementary GID for calling process initgroups reads entire group file ( getgrent, setgrent, endgrent ) calls setgroups to initialize supplementary GIDs basegid (from password file) is also included called by login Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 23

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 24 Implementation Differences InfoFreeBSD Linux Mac OS X 10.3 Solaris 9 Account Info /etc/passwd netinfo/etc/passwd Encrypted Password /etc/master. passwd /etc/shadownetinfo/etc/shadow Hashed Password Files? Yes /etc/pwd.db /etc/spwd.db No Group Info/etc/group netinfo/etc/group

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 25 Other Data Files (Fig. 6.6) Similar routines to access the data files: get, set, end

Login Accounting utmp: currently logged-in users wtmp: all logins and logouts struct utmp { char ut_line[8]; /* tty line */ char ut_name[8]; /* login name */ long ut_time; /* secs since Epoch */ }; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 26

System Identification 1.#include 2.int uname(struct utsname *name); Returns: non-neg value if OK, -1 on error 3.struct utsname { 4. char sysname[]; /* name of OS */ 5. char nodename[]; /* name of node */ 6. char release[]; /* OS release */ 7. char version[]; /* OS version */ 8. char machine[]; /* name of hardware type */ 9.}; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 27

uname UNAME(1) BSD General Commands Manual UNAME(1) NAME uname -- Print operating system name SYNOPSIS uname [-amnprsv] DESCRIPTION The uname utility writes symbols representing one or more system charac- teristics to the standard output. The following options are available: -a Behave as though all of the options -mnrsv were specified. -m print the machine hardware name. -n print the nodename (the nodename may be a name that the system is Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 28

System Identification 1.#include 2.int gethostname(char *name, int namelen); Returns: 0 if OK, -1 on error Null-terminated name if enough space POSIX.1: HOST_NAME_MAX Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 29

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 30 Time and Date Routines #seconds since Epoch: 00:00: /1/1, UTC Different from other OS: keeping time in UTC, instead of local time automatic time conversions E.g.: daylight saving time keeping time and date as a single quantity

time & gettimeofday functions 1.#include 2.time_t time(time_t *calptr); Returns: value of time if OK, -1 on error time is stored in calptr if not NULL 1.#include 2.int gettimeofday(struct timeval *restrict tp, void *restrict tzp); Returns: 0 always Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 31 struct timeval { time_t tv_sec; /* sec */ long tv_usec; /*microsec*/ };

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 32 Time functions Affected by TZ env var: localtime, mktime, ctime, strftime

Broken down time 1.struct tm { 2.int tm_sec; /* secs after the minute: [0-60] */ 3.int tm_min; /* minutes after the hour: [0-59] */ 4.int tm_hour; /* hours after midnight: [0-23] */ 5.int tm_mday; /* day of month: [1-31] */ 6.int tm_mon; /* month of year: [0-11] */ 7.int tm_year; /* years since 1990 */ 8.int tm_wday; /* days since Sunday: [0-6] */ 9.int tm_yday; /* days since Jan 1: [0-365] */ 10.int tm_isdst; /* daylight saving time flag: 0 */ 11.}; Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 33

Time functions 1.#include 2.struct tm *gmtime(const time_t *calptr); 3.struct tm *localtime(const time_t *calptr); Return: pointer to broken-down time 1.time_t mktime(struct tm *tmptr); Returns: calendar time if OK, -1 on error Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 34

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 35 Time functions date: Tue Jan 14 17:49: \n\0 totally 26-bytes 1.char *asctime(const struct tm *tmptr); 2.char *ctime(const time_t *calptr); Return: pointer to string

Time function 1.size_t strftime(char *buf, size_t maxsize, const char *format, const struct tm *tmptr); Returns: #char stored in buf if room, else 0 Time value from tmptr is formatted according to format and stored in buf of size maxsize, if there is enough room, otherwise 0 is returned. Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 36

Slides©2006 Pao-Ann Hsiung, Dept of CSIE, National Chung Cheng University, Taiwan 37 Conversion Specifiers for Time Formats in strftime()

Time Zone (TZ env var) Functions affected by TZ: localtime(), mktime(), ctime(), strftime() E.g.: TZ=EST5EDT Slides©2006 Pao-Ann Hsiung, National Chung Cheng University, Taiwan 38 Lookup Time Zone Abbreviations: About Daylight Saving Time (DST) (in Chinese)