Differences

This shows you the differences between two versions of the page.

--- blog:spring2016:mp010784:journal [2016/02/27 17:16] – [Week 5] mp010784
+++ blog:spring2016:mp010784:journal [2016/04/30 17:15] (current) – [Week 14] mp010784
@@ Line 190: / Line 190: @@
 After playing with whiptail and re-acclimating to bash scripting again after a year of not doing any bash scripting, I installed ssh daemon onto the samba server and created users for both Tyler and I and gave us both sudo privileges.  We both tested it and logged into the samba server from the pods to verify that it worked.
-On Friday, Tyler and I started looking at the script we were gonna try to write and started looking into ways to share a session and we installed screen and tmux trying to do that ultimately to land on grabbing wemux, which we both still need to learn how to configure and use. https://github.com/zolrath/wemux|https://github.com/zolrath/wemux
+On Friday, Tyler and I started looking at the script we were gonna try to write and started looking into ways to share a session and we installed screen and tmux trying to do that ultimately to land on grabbing wemux, which we both still need to learn how to configure and use. https://github.com/zolrath/wemux
+====Week 6====
+On Monday Tyler and I looked at Tyler's experimenting with the whiptail user admin script for the samba server.  We ended up creating a repository for us to share work on the code for that script located at http://www/hg/project/manage for the local address or http://lab46.corning-cc.edu/hg/project/manage publically.  We also started looking at having different functions in the bash script handling the calls to other whiptail submenus and runnign outside scripts that perform the various user administration tasks.
+On Wednesday I started digging into a serious attempt to make an admin script as shown here:
+<file>
+#!/bin/bash
+##################################################
+#
+# Something something dark side
+#
+# This is the admin script work in progress for
+# the samba server
+#        -Matthew Page 03/02/2016
+#
+##################################################
+##################################################
+#
+# Functions, Functions, Functions!!!
+#
+##################################################
+##quit function to break out of whole proogram
+function quit {
+    exit 0
+}
+##This is the MAIN MENU function
+function menu {
+    whiptail --title "Main Menu" --menu "" 12 70 0 "Users" " - Add a New User" "Passwords" " - Change Passwords" "Groups" " - Something about groups" "Quit" " - Exit" --clear --nocancel 2>./junk.txt
+    choice="`cat ./junk.txt`"
+    rm -rf ./junk.txt
+    if [ "$choice" != "Quit" ]; then
+        echo "Not quitting, doing something else"
+        case $choice in
+            Users)
+                echo "Doing something with users, eh?"
+                users                                  #calling user submenu function
+                ;;
+            Passwords)
+                echo "Resetting your password to something you don't know."
+                passwords                              #calling passwords submenu function
+                ;;
+            Groups)
+                echo "Groups? Why does this option exist?"
+                groups                                 #calling groups submenu function
+                ;;
+            *)
+                echo "Somethign else.  Where Am I?"
+                ;;
+        esac
+    else
+        echo "Quitting..."
+        quit
+    fi
+}
+##Users submenu (primary purpose for this script)
+function users {
+    whiptail --title "User Creation Menu" --menu "" 12 70 0 "Go_Back" " - Go back to Main Menu" "Add_Users"  " - Add a new User" "Delete_Users" " - Delete an existing user" "Quit" " - Exit completely" --clear --nocancel 2> ./junk.txt
+    choice="`cat ./junk.txt`"
+    rm -rf ./junk.txt
+if [ "$choice" != "Quit" ]; then
+    echo "Not quitting, doing something else"
+    case $choice in
+        Go_Back)
+            echo "Returning to Main Menu"
+            menu                                  #calling main menu function
+            ;;
+        Add_Users)
+            echo "Need to implement something here to add users"
+            ;;
+        Delete_Users)
+            echo "Need to implement something here to delete users"
+            ;;
+        *)
+            echo "Somethign else.  Where Am I?"
+            ;;
+    esac
+else
+    echo "Quitting..."
+    quit
+fi
+}
+#Password submenu (if needed)
+function passwords {
+    whiptail --title "Password Editing Menu" --menu "" 12 70 0 "Go back" " - Go back to Main Menu" "Change Passwrod"  " - Change a user's password" "Reset Password" " - Reset a user's password" "Quit" " - Exit completely" --clear --nocancel 2> ./junk.txt
+    choice="`cat ./junk.txt`"
+    rm -rf ./junk.txt
+}
+##Groups submenu (if needed)
+function groups {
+    whiptail --title "Groups Editing Menu" --menu "" 12 70 0 "Go Back" " - Go back to Main Menu" "Add User to Group"  " - Add a user to an existing group" "Add Group" " - Create a whoel new group" "Remove User from Group" " - Remove a User from an existing group" "Quit" " - Exit this section or whole thing?" --clear --nocancel 2> ./junk.txt
+    choice="`cat ./junk.txt`"
+    rm -rf ./junk.txt
+}
+#This Line doesn't work
+#choice=$(whiptail --title "Main Menu" --menu "" 12 70 0 "Users" " - Add a New User" "Passwords" " - Change Passwords" "Groups" " - Something about groups" "Quit" " - Exit" --clear --nocancel)
+##################################################
+#
+#  Main Menu
+#
+##################################################
+menu
+#whiptail --title "Main Menu" --menu "" 12 70 0 "Users" " - Add a New User" "Passwords" " - Change Passwords" "Groups" " - Something about groups" "Quit" " - Exit" --clear --nocancel 2>./junk.txt
+#choice="`cat ./junk.txt`"
+#rm -rf ./junk.txt
+#if [ "$choice" != "Quit" ]; then
+#    echo "Not quitting, doing something else"
+#
+#    case $choice in
+#        Users)
+#            echo "Doing something with users, eh?"
+#            users                                  #This is designated to be a function call to a fucntion that doesn't exist yet
+#            ;;
+#        Passwords)
+#            echo "Resetting your password to something you don't know."
+#            passwords                              #This is designated to be a function call to a function that doesn't exist yet
+#            ;;
+#        Groups)
+#            echo "Groups? Why does this option exist?"
+#            groups                                  #This is designated to be a function call to a function that doesn't exist yets
+#            ;;
+#        *)
+#            echo "Somethign else.  Where Am I?"
+#            ;;
+#    esac
+#
+#else
+#    echo "Quitting..."
+#    quit
+#fi
+exit 0
+</file>
+I came down with the flu, or something flu-like, so I missed Thursday and Friday this week and as of Sunday i feel a little better, hopefully I show up on Monday.
+====Week 7====
+This week I was sick and thus absent on Monday.  Wednesday and Friday, Tyler and I decided to start using his setup of directories of sub scripts for the overall main user administration script.  We got that all organized and pushed to our repository and then started working on the actual part that adds and removes users.  We had to figure out how to manage the password in the script because the command I typically use to add a user manually from bash is:
+<cli>
+sudo useradd -m -g somegroup -s /bin/bash/ username
+</cli>
+In our case we don;t want them to have a shell so the -s and /bin/bash is being dropped.  We already have a group called student for the users that are getting added.  The second part of my traditional means of adding a user is then setting up the user's password with:
+<cli>
+sudo passwd username
+</cli>
+But this prompts the user twice (for verification) for the username.  We discovered through the useradd manpage that there is a -p flag for putting in an encrypted password, so the command could become:L
+<cli>
+sudo useradd -m -g student username -p encryptedpasswordhere
+</cli>
+except then we had to find out how to encrypt the password which we found when running the mkpassword on the unencrypted password would result in the encrypted password we needed.  So using our example user joe with the password poop we ran the two commands:
+<cli>
+mkpasswd poop
+</cli>
+which gave us something like this (it's different every time): 1apwqrzeX3VqE\\
+<cli>
+sudo useradd -m -g student joe -p 1apwqrzeX3VqE
+</cli>
+would give us a valid user joe with the password poop which we could login as.  So we incorporated that into this script which became part of the whole user admin set of scripts:
+<file>
+#! /bin/bash
+ttl="Add User(s)"
+username=$(whiptail --backtitle "$back_title" --title "$ttl" --inputbox "Username" $inp_dim "" 3>&1 1>&2 2>&3)
+if [ -z "$username" ]; then exit 1; fi
+password=$(whiptail --backtitle "$back_title" --title "$ttl" --inputbox "Password" $inp_dim "" 3>&1 1>&2 2>&3)
+if [ -z "$password" ]; then exit 1; fi
+crypt=`mkpasswd "$password"`
+sudo useradd -m -g student "$username" -p "$crypt"
+if [ "$?" -ne 0 ]; then exit 1; fi
+exit 0
+</file>
+This successfully creates a user with the specified username and the specified password.  To delete this we need to run:
+<cli>
+sudo deluser joe
+</cli>
+and
+<cli>
+sudo rm -rf /home/joe
+</cli>
+which later we determined we could combine into one step by using an option for deluser:
+<cli>
+sudo deluser joe --remove-home
+</cli>
+which we'll probably make into its own delete user script that gets incorporated into the mix next week.
+====Week 8====
+This week Tyler and I got our script successfully adding users and deleting users, we also made it so that the user (Barb) cannot delete admin users like Tyler or myself, or ultimately wedge who will be the lone person left to administer it after Tyler and I are gone...which reminds me, wedge still needs a user on the samba server.  We also mad ea list of things we definitely still want to implement on the board, these include:\\
+*group wipe (deleting everyone in a group, like the student group at the end of a semester).\\
+*adding smbpasswd to the sudoers file of commands not requiring password entry.\\
+*Stopping and starting the samba server.\\
+*Possibly rebooting the whole machine option.\\
+*kicking a user, or implementing that in deluser script.\\
+Ongoing List:\\
+*organization.\\
+*error handling.\\
+*adding functions.\\
+====Week 9====
+This week Tyler and I got an effective script going to manage a group wipe task.  What I mean by this is to take all users from a group like "students" and remove them, say in the event of the end of the semester and then needing to remove all users who are in the students group.  The commands to do this are simply two simple lines:\\
+<cli>
+students=`cat /etc/passwd | grep 1006 | cut -d ":" -f1`
+for s in $students; do sudo deluser --remove-home $s; done
+</cli>
+This we then incorporated into the rest of our whiptail and script directory structure.  We are currently attempting to see if we can figure out a way to get all of the users from the student group and then use whiptail's checklist option to have every name shown and defaulted to being checked to allow for the administrator to uncheck a single name or a couple names from the group if need be.  This will require us to generate our string for the whiptail command in a loop of some kind.  This feature is very much a work in progress adn we're still not sure if we'll be able to implement it, but we're gonna try because Tyler and I are crazy like that.  When I mentioned our progress on this project to Dan Shadeck he said, "Why don't you guys just use webadmin?" and my response was, "How are Tyler and I going to show off our 1337 bash scripting skills if we just use somebody else's user administration program...no we need to do some bash pimping.\\
+====Week 10====
+Tyler's been on fire this week.  He got the checklist delete all users option fully completed so that when Barb, or whoever uses our admin script, chooses to delete all student accounts, there is an option to uncheck specific users if need be.  This feature has been tested and works as desired.  Now we have begun implementing the means to check disk space used per user and to sort by who is using the most.\\
+We also set up barb's account and made her shell the path to our actual script which we copied into her home directory, so that whenever she logs on it takes her directly to our script, and when she exits our script it exits the connection.\\
+This project is starting to look like it's starting to come to a close real soon.  We just have to add some final polishing and maybe if there are any other features we want to add.  But all of the originally planned features work and work as expected.  So we'll see what we end up doing in the next week or so or if we just close this thing up soon.\\
+====Week 11====
+This week Tyler and I are just shuffling stuff around in menus it seems.  We were debating as to whether or not we need to in the event of adding teacher accounts they would need to have admin level access, whether we made that a separate specific option or whether we created our basic "student" account and then had an option to escalate privileges to make a student a teacher level account, which is effectively just adding that user to the admin and maybe also the sudo group.\\
+We are also looking into potentially displaying some log information in our script as well.  Currently we are playing with the output of last as seen below:\\
+{{http://www.matthewjpage.com/image/lastonsamba.png|something}}\\
+Which we need to have our script parse through some of this data to see the last login times for each user is what I think we were leaning towards.\\
+We also may get a live test with the user who will actually be using this samba server and out admin script (barb) this week when she comes to give us the instructor reviews for the class sometime maybe this week. then we can hammer out anything that isn't intuitive or that may need further explanation or options for barb's everyday usage.\\
+On Thursday afternoon I stayed late in the LAIR and expected to run into Tyler Mosgrove but he was nowhere to be found.  I cried for several minutes then decided to work on our script some more.  I ended up changing the loading messages for our arbitrary loading screens to make Barb wait for no reason, from the very formal, official messages that Tyler put in as "Initializing...",  "Validating...", "Authenticating..."  to what i had originally wanted something with a little bit more humor, so if Tyler will let it fly then it will stay in its current state as "Initializing...", "Waking up hamster...", and "Feeding it caffeine..."  Which is WAY COOLER if you ask me.  I also fully implemented and added an addadmin,sh script which from the ground up creates a new user that belongs to both the student group and admin group for say a teacher to use.  The alternative method woudl be a two step process fo privilege escalation which I have the beginnings of a script called elevatepriv.sh added tot he repo that contains the main commadn that we would need to elevate a lower level student account to an admin account with:\\
+<cli>
+sudo usermod -a g admin USERNAME_HERE
+</cli>\\
+But we may have decided that for Barb's purposes the two step method while more versatile may be too cumbersome and complicated for her usage, so that may be unnecessary.  I also added a simple Credits option the main menu which simply states "DEVELOPED BY: Tyler Mosgrove and Matthew Page" because why not have our name on it somewhere with all that we already have on it.\\
+Still we are planning to add a last login type aspect to our admin script which we still need to hammer out.\\
+====Week 12====
+This week Tyler and I got a few more small things poliahed on our admin script for the samba file server.  We now have two seperate working submenus, one for students and one for instructors.  We spent a bit of time on Monday working on trying to figure a solution to getting the last command to output the most recent instance of a user logging in and after much time trying to use sed, after asking stackoverflow we decided to look into awk as a solution, which appears to have worked, however, it only shows people that have logged in with a shell, which our average user will not ever have access to, so we've had to explore samba logs which are located at /var/log/samba/  by a name such as log.HOSTNAME, so in the case of my HP Envy laptop it shows up as log.hp-envy, we found an option in the samba config file located at /etc/samba/smb.conf to change from hostname (log.%m)to the username (log.%U) and we had to add a line to set the log level as follows:\\
+<file>
+...
+log file = /var/log/samba/log.%U
+...
+log level = 3
+...
+</file>\\
+Matt has also released all the eoce's this week (End Of Course Experience for the uninitiated)I'm assuming that that means we can begin to work on them soon if not now.  I don't think this class's EOCE will be as intense as some previous classes I've taken.\\
+On Wednesday, Tyler got the script's function to show the user's last login, for both teacher and students successfully based upon the samba log file.  We also restructured the main menu to move restart services and reboot the server into a system submenu and also moved credits into the Info section which will also end up including descriptions for what each option in the whole menu does and some help info in addition to the credits.  We also added a user mann for barb as per her request to make it the same username as she has on the old server and changed the sudoers file to allow for this.  The other thing we discovered today was that if you create a user with a backslash at the end of the name (a typo I had made) then it breaks the functionality of the last login portion of the script, so we need to implement a block preventing barb from making a user with any special characters.  This is very close to being completed.\\
+Tyler got the special characters limitation for new usernames expression figured out and implemented and functioning correctly.  We had declared the project done after that only for me to realize that we had intended to have a means of resetting or changing a password that we hadn't implemented yet.  So I added that menu option for both students and instructors and it appears to be working.  Will confirm with Tyler on Monday that everything works as it should and that we are ready to possibly show it off to barb again for testing...maybe not.  But we also if we are going to try to enter the project into the Sustainability Research Student Showcase for last week fo classes we need to write up a submission report early this next week.   Other than that we are probably just doing our eoce's.  Tyler said he already fully completed his for this class.\\
+====Week 13====
+Started working on the EOCE (End of Course Experience) this week.\\
+Tyler and I are also working on our submission of this project into CCC's Inspired series ending event which is a Sustainability Research Student Showcase of projects that students worked on this semester that pertain to one or many fo the facets of sustainability.  Our project addresses all three aspects of sustainability: economic, ecological, and social.  Our submission email:\\
+<file>
+Dr.Powers,
+This is a project submission on the behalf of Tyler Mosgrove & Mathew Page.\\
+The following project was conducted under the High Performance Computing program, and HPC Experience II class in room R108.\\
+The Systems Administration project is a solution to classroom needs.\\Specifically, the courses offered in room C107 which are commonly computer assisted art classes.\\ As technologies evolve and these courses become more popular, their needs also grow which may require additional resources and funding.  The resource being addressed in this project is file space. Commonly, an art student in one of these classes will benefit from classroom data storage. The data itself is larger then what is being stored by your typical college student and commonly consists of multi media files like photos, videos, or even music.  This involves a solution that enables all of the students computers to connect to a file server at which they can store their projects on. The file server itself consist of a dedicated computer on a trusted network that is using specialized software for mass data storage. Not only is it more convenient for these students, but there is a safety net there that thwarts data loss which one can be at risk when using personal solutions like thumb drives. As of today the previous solution is out of date, and it is time for an upgrade. This project falls under many aspects of the sustainability efforts. Economically, instead of buying new software and equipment this project will be using a recycled computer and open source software. Ultimately this will reduce college expenditures and the use of resources that could have been spent on physical equipment, software, installation, and maintenance if a new system was bought instead. Second, this project speaks volumes to the social aspect of sustainability because it is catering to the needs of students. Not only that, but it has also presented an entire learning experience for the team that developed this solution. Finally,  the environmental angle. As stated before, instead of buying a new computer a recycled PC is being used. It is unfortunately common for an individual/institution to throw away equipment that could potentially be put to more use.
+ I hope this is an adequate explanation of this projects sustainability qualities. If you have any questions about the project feel free to contact us. We are looking forward to showcasing our project at the sustainability fair.
+You will find the instructor's endorsement letter attached to this email.
+Kind regards,
+Tyler Mosgrove & Mathew Page
+</file>
+====Week 14====
+Continuing to work on this class's EOCE and also this Wednesday is the Sustainability Research Fair thing related to CCC's Inspired series they've been doing in the Library this semester and Tyler and my samba server project for this class has been entered into said event.\\

Lab46 Wiki

User Tools

Site Tools

Differences

Page Tools