- 论坛徽章:
- 0
|
(6)Debug Exercise II
In this exercise, you’ll be working with a modified /etc/inittab configuration file. To prepare, back up this file to something that you can remember and restore as required, such as /etc/bak.inittab.
The objective is to learn the effect of a corrupt or erroneous /etc/inittab file.
1. Start Red Hat Linux. Copy and back up your /etc/inittab configuration file. One possible name is /etc/bak.inittab.
2. Run the ps aux | less command. Note the substantial number of running processes. Save this output to a file, or send it to a printer.
3. Open your /etc/inittab file in a text editor.
4. Change the x in the id :initdefault line to 4.
5. Comment out the l4:4:wait:/etc/rc.d/rc 4 line in /etc/inittab. Save your changes.
6. Use the reboot command to restart Linux.
7. Observe the messages as Linux reboots. Note how inittab starts in runlevel 4.
8. Log in at the text console.
9. Run the ps aux command. Note the relatively small number of running processes.
10. Compare the output to the process list running when you started Linux in runlevel 3.
11. Note the processes that haven’t started. Especially if you’ve already configured network processes such as NFS or Samba, note how those daemons are not active.
12. Restore your original /etc/inittab file. Use the backup you created in step 1 if required.
(6)Debug Exercise III
In this exercise, you’ll be working with an erroneous /etc/fstab configuration file. To prepare, copy and back up this file to something that you can remember and restore as required, such as /etc/bak.fstab. A simple mistake in editing /etc/fstab can keep your computer from booting properly.
You’ll want to observe the result carefully.
The objective is to learn the effect of an improperly edited /etc/fstab file.
1. Start Red Hat Linux. Copy and back up your /etc/fstab configuration file. One possible name is /etc/bak.fstab.
2. Edit the /etc/fstab file. For the filesystem associated with your root (/) directory, delete ext3, the standard Linux format. Save your changes.
3. Make sure you have a boot disk that can serve as a rescue disk. If you know that your computer can boot directly from your Red Hat Linux installation CD, you’re set. Otherwise, create a boot disk from the appropriate image file (boot.img, bootnet.img, or pcmcia.img).
4. Use the reboot command to restart Linux.
5. When you see your boot loader, probably GRUB, select your current version of Red Hat Linux.
6. Watch the messages as they scroll across the screen. Note the large number of references to a “Read-only file system.” Since the root directory isn’t properly recognized, Red Hat Linux tries to compensate.
7. The boot process will stop. The actual details depend on the other filesystems that you may have configured in /etc/fstab.
8. Reboot your computer. When you see your boot loader, probably GRUB, you’ll want to add a message to the kernel command line. In GRUB, enter p and type in your password if required. Then enter the a command to modify the kernel command line. You should see something like the following:
grub append> ro root=/dev/hda1
9. Type the word single at the end of this command line, and press ENTER. See what happens.
10. You are taken to single-user mode.
11. Now try restoring your /etc/fstab file from the backup that you made. What happens?
12. Remount your root directory (/) in read/write mode. For example, if your root directory is normally located on /dev/hda2, run the following command:
mount -o remount,rw /dev/hda2
13. Try restoring your /etc/fstab file from the backup again. You should now be successful.
14. Try the reboot command again. Linux can now find the proper formats from the original /etc/fstab and should reboot fairly normally.
(6)Debug Exercise IV
In this exercise, you’ll be practicing with an FTP server, wu-ftpd. This is also known as the Washington University FTP server, or WU-FTP. The service can be on or off by default. It may be blocked by a firewall. Service may be denied through the /etc/xinetd.d/telnet configuration file or through /etc/hosts.deny. Ideally, you’ll be able to check your work through another computer on a LAN.
1. Start Red Hat Linux. Check for the installation of the wu-ftpd package with the rpm -q wu-ftpd command. Install the wu-ftpd RPM if required.
2. Check your configuration for a firewall with the /sbin/service iptables status command.
3. If there are iptables rules active on your system, you may want to back them up with the /sbin/iptables-save > filename command.
4. If you have iptables rules, flush them with the /sbin/iptables -F command.
5. Check your /etc/hosts.allow and /etc/hosts.deny files. If there are rules related to in.ftpd or ALL services in either file, comment them out.
6. Check the default status of the WU-FTP server with the /sbin/chkconfig --list wu-ftpd command. The response should be off or on. Use chkconfig to turn WU-FTP on if required.
7. Check the /etc/xinetd.d/wu-ftpd configuration file. If there are only_from or no_access directives in this file, comment them out.
8. Now you should be able to connect to the WU-FTP server. Try it from the local computer with the ftp localhost command. You should be able to log in as “anonymous,” or with a local user name and password.
9. See the files you access if you log in as a real user. Repeat again with an anonymous login. Once you’re finished browsing around, log out of ftp.
10. Repeat the ftp access request from a remote computer. Use the name or the IP address of the ftp server. Log out of ftp.
11. On the wu-ftpd server computer, add the following line to the /etc/xinetd.d/wu-ftpd configuration file:
no_access = 127.0.0.1
12. Try the ftp localhost command. What happens? Is a successful login through ftp unexpected?
13. Run the /sbin/service xinetd reload command. Repeat step 11. What happens now? If possible, try to use the ftp command to connect to the wu-ftpd server from a different computer on your LAN. Can you connect?
14. Restore the original /etc/xinetd.d/wu-ftpd configuration file and run /sbin/service xinetd reload command again.
15. Open the /etc/hosts.deny file in a text editor. Add the following line:
in.ftpd : ALL
16. Repeat step 11. What happens now? Try this again from another computer on your LAN.
17. Restore the original /etc/hosts.deny file.
18. Now try to set up a firewall to block yourself from accessing the WU-FTP server on the local computer.
19. Add the following iptables chain to your firewall (the TCP/IP port for ftp is 21. You can look up the port you need in /etc/services):
/sbin/iptables -A INPUT -s 127.0.0.1 -p tcp --dport 21 -j REJECT
20. Verify that your computer accepted this new rule with the iptables -L command. You should see that packets destined for the WU-FTP server are to be dropped.
21. Repeat step 12. What happens now? Try to log in via ftp again from another computer on your LAN.
22. Note how the response is different when you block access through a firewall and through a file such as /etc/hosts.deny.
23. Restore your original firewall. Flush the rule that you created with the /sbin/iptables -F command. Then restore the old rules if required with the /sbin/iptables-restore < filename command. |
|
免费注册
楼主: sam's
发表于 2005-11-16 08:51
