Журнал лабораторных работ

17:45:13

#iptables-save

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 17:45:16 2009
*filter
:INPUT ACCEPT [1347:198396]
:FORWARD ACCEPT [3057:1378613]
:OUTPUT ACCEPT [1153:133483]
COMMIT
# Completed on Tue Jun  2 17:45:16 2009
# Generated by iptables-save v1.4.3.2 on Tue Jun  2 17:45:16 2009
*nat
:PREROUTING ACCEPT [69:6101]
:POSTROUTING ACCEPT [93:6011]
:OUTPUT ACCEPT [87:5659]
-A PREROUTING -d 192.168.107.1/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.107.2:80
-A POSTROUTING -s 192.168.107.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Jun  2 17:45:16 2009

17:45:16

#iptables-save

# Generated by iptables-save v1.4.3.2 on Tue Jun  2 17:45:23 2009
*filter
:INPUT ACCEPT [1353:199001]
:FORWARD ACCEPT [3057:1378613]
:OUTPUT ACCEPT [1160:135543]
COMMIT
# Completed on Tue Jun  2 17:45:23 2009
# Generated by iptables-save v1.4.3.2 on Tue Jun  2 17:45:23 2009
*nat
:PREROUTING ACCEPT [70:6344]
:POSTROUTING ACCEPT [95:6123]
:OUTPUT ACCEPT [89:5771]
-A PREROUTING -d 192.168.107.1/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.107.2:80
-A POSTROUTING -s 192.168.107.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Jun  2 17:45:23 2009

17:45:23

#ssh quiz@192.168.15.13

quiz@192.168.15.13's password:

17:46:00

#ssh quiz@10.0.35.100

-----------------------------------------------------------------[40/40]-----
 Как получить полный список файлов, которые процесс 1234 открывает в ходе своей работы
 (не только, которые открыты сейчас).
 1. strace -p 1234 -o /tmp/1234.strace; grep open /tmp/1234.strace
 2. lsof -p 1234
 3. strings `which 1234`
 4. strings 'which 1234'
---------------------------------------------------------------------------
2
Your score: 29
Connection to 10.0.35.100 closed.

/dev/tty3

17:50:43

#kill -9 3739

17:51:02

$echo messss|logger

17:51:29

$cat /var/log/messages

cat: /var/log/messages: Permission denied

17:51:35

$exit

exit

17:51:38

#cat /var/log/messages

Jun  1 09:53:16 linux13 kernel: [    2.910571] ata3: SATA max UDMA/133 cmd 0xd000 ctl 0xcc00 bmdma 0xc480 irq 18
Jun  1 09:53:16 linux13 kernel: [    2.910624] ata4: SATA max UDMA/133 cmd 0xc880 ctl 0xc800 bmdma 0xc488 irq 18
Jun  1 09:53:16 linux13 kernel: [    3.384094] ata3: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
Jun  1 09:53:16 linux13 kernel: [    3.393649] ata3.00: ATA-7: Maxtor 6L080M0, BANC1G10, max UDMA/133
Jun  1 09:53:16 linux13 kernel: [    3.393702] ata3.00: 160086528 sectors, multi 0: LBA NCQ (not used)
Jun  1 09:53:16 linux13 kernel: [    3.396085] ide0 at 0xec00-0xec07,0xe882 on irq 17
Jun  1 09:53:16 linux13 kernel: [    3.400225] ide1 at 0xe800-0xe807,0xe482 on irq 17
Jun  1 09:53:16 linux13 kernel: [    3.409157] ata3.00: configured for UDMA/133
Jun  1 09:53:16 linux13 kernel: [    3.409289] scsi 2:0:0:0: Direct-Access     ATA      Maxtor 6L080M0   BANC PQ: 0 ANSI: 5
Jun  1 09:53:16 linux13 kernel: [    3.884054] ata4: SATA link up 3.0 Gbps (SStatus 123 SControl 300)
...
Jun  1 10:31:14 linux13 kernel: [    0.000000] BIOS-provided physical RAM map:
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000000e4000 - 0000000000100000 (reserved)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 0000000000100000 - 00000000bf790000 (usable)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000bf790000 - 00000000bf79e000 (ACPI data)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000bf79e000 - 00000000bf7e0000 (ACPI NVS)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000bf7e0000 - 00000000bf800000 (reserved)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000fee00000 - 00000000fee01000 (reserved)
Jun  1 10:31:14 linux13 kernel: [    0.000000]  BIOS-e820: 00000000fff00000 - 0000000100000000 (reserved)

18:08:00

$crontab tab

/var/spool/cron/crontabs/tmp.pFzyeE: Permission denied

18:08:05

$exit

exit

18:09:23

#crontab reload

reload: No such file or directory

18:09:27

#crontab restart

restart: No such file or directory

18:09:30

#vim tab

--- /tmp/l3-saved-3944.14848.22632	2009-06-02 18:11:53.000000000 +0300
+++ /etc/crontab	2009-06-02 18:12:10.000000000 +0300
@@ -12,5 +12,5 @@
 25 6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
 47 6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
 52 6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
-# * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua
+* * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua

18:11:47

#~ :

  2 # Unlike any other crontab you don't have to run the `crontab'
  3 # command to install the new version when you edit this file
  4 # and files in /etc/cron.d. These files also have username fields,
  5 # that none of the other crontabs do.
  6
    eport /etc/cron.daily )
    eport /etc/cron.weekly )test -x /usr/sbin/anacron || ( cd / && run-parts --r
    eport /etc/cron.monthly )est -x /usr/sbin/anacron || ( cd / && run-parts --r
    * * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua
 15 # * * * * * root date | sendxmpp f_e_a_r@jabber.kiev.ua
~
~
~
~
~
~
~
"/etc/crontab" 16L, 777C written

18:12:10

#crontab /etc/crontab

"/etc/crontab":14: bad command
errors in crontab file, can't install.

18:12:27

#crontab /etc/crontab

18:14:16

#ech he | at now + 60 minutes

bash: ech: command not found
warning: commands will be executed using /bin/sh
job 2 at Tue Jun  2 19:14:00 2009

18:14:47

#lsof | grep /dir

18:21:16

#lsof | grep /bin

syslog2ja 3276        root  txt       REG        8,1   725100    2052297 /bin/bash
syslog2ja 3276        root  255r      REG        8,1      100    1353039 /usr/local/bin/syslog2jabber
dbus-daem 3287  messagebus  txt       REG        8,1   292604    1354946 /usr/bin/dbus-daemon
login     3728        root  txt       REG        8,1    36132    2052324 /bin/login
runsvdir  3729        root  txt       REG        8,1    12704    1352903 /usr/bin/runsvdir
script    3735        root  txt       REG        8,1     9852    1352352 /usr/bin/script
script    3770        root  txt       REG        8,1     9852    1352352 /usr/bin/script
bash      3771        root  txt       REG        8,1   725100    2052297 /bin/bash
script    3806        root  txt       REG        8,1     9852    1352352 /usr/bin/script
script    3857        root  txt       REG        8,1     9852    1352352 /usr/bin/script
...
bash      4030        root  txt       REG        8,1   725100    2052297 /bin/bash
script    4037        root  txt       REG        8,1     9852    1352352 /usr/bin/script
script    4115        root  txt       REG        8,1     9852    1352352 /usr/bin/script
bash      4116        root  txt       REG        8,1   725100    2052297 /bin/bash
ssh       4365        root  txt       REG        8,1   332928    1352473 /usr/bin/ssh
finch     5955        root  txt       REG        8,1   231304    1352608 /usr/bin/finch
ssh       7027        root  txt       REG        8,1   332928    1352473 /usr/bin/ssh
lsof      7673        root  txt       REG        8,1   121412    1353047 /usr/bin/lsof
grep      7674        root  txt       REG        8,1   100500    2052316 /bin/grep
lsof      7675        root  txt       REG        8,1   121412    1353047 /usr/bin/lsof

18:21:20

#lsof | grep /sbin

init         1        root  txt       REG        8,1    31296     651562 /sbin/init
udevd     1251        root  txt       REG        8,1   103288     651616 /sbin/udevd
syslog-ng 3277        root  txt       REG        8,1   114492    1353036 /usr/sbin/syslog-ng
exim4     3565 Debian-exim  txt       REG        8,1   695968    1355999 /usr/sbin/exim4
lpd       3582          lp  txt       REG        8,1    68032    1355313 /usr/sbin/lpd
inetd     3592        root  txt       REG        8,1    29492    1355975 /usr/sbin/inetd
mdadm     3621        root  txt       REG        8,1   192064     651699 /sbin/mdadm
atd       3648      daemon  txt       REG        8,1    15716    1356017 /usr/sbin/atd
cron      3680        root  txt       REG        8,1    32572    1353084 /usr/sbin/cron
monit     3707        root  txt       REG        8,1   336568    1353038 /usr/sbin/monit
sshd      6310        root  txt       REG        8,1   438756    1353120 /usr/sbin/sshd

18:21:25

#lsof /dir

lsof: status error on /dir: No such file or directory
lsof 4.81
 latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/
 latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ
 latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man
 usage: [-?abhlnNoOPRtUvVX] [+|-c c] [+|-d s] [+D D] [+|-f[gG]]
 [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+m [m]] [+|-M] [-o [o]] [-p s]
[+|-r [t]] [-s [p:s]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]
Use the ``-h'' option to get more help information.

18:21:30

#env -p cron

env: invalid option -- 'p'
Try `env --help' for more information.

18:21:57

#strace -p cron | grep env

strace: Invalid process id: cron
usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]
              [-p pid] ... [-s strsize] [-u username] [-E var=val] ...
              [command [arg ...]]
   or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...
              [command [arg ...]]
-c -- count time, calls, and errors for each syscall and report summary
-f -- follow forks, -ff -- with output into separate files
-F -- attempt to follow vforks, -h -- print help message
-i -- print instruction pointer at time of syscall
...
-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...
   options: trace, abbrev, verbose, raw, signal, read, or write
-o file -- send trace output to FILE instead of stderr
-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs
-p pid -- trace process with process id PID, may be repeated
-s strsize -- limit length of print strings to STRSIZE chars (default 32)
-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)
-u username -- run command as username handling setuid and/or setgid
-E var=val -- put var=val in the environment for command
-E var -- remove var from the environment for command

18:22:35

#strings `which cron`

|ouK
[^_]
syst
em_u
[^_]
[^_]
[^_]
[^_]
[^_]
t"9X
...
/var/spool/cron
%s: created
%s:
mkdir
can't lock %s, otherpid may be %d: %s
'%s' is not a directory, bailing out.
cannot chdir(%s), bailing out.
this program was compiled without debugging enabled
%[^ =] = %[^
popen: setuid(%lu) failed: %s

18:23:58

#lsof -p cron

lsof: illegal process ID: cron
lsof 4.81
 latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/
 latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ
 latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man
 usage: [-?abhlnNoOPRtUvVX] [+|-c c] [+|-d s] [+D D] [+|-f[gG]]
 [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+m [m]] [+|-M] [-o [o]] [-p s]
[+|-r [t]] [-s [p:s]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]
Use the ``-h'' option to get more help information.

18:24:12

#pgrep cron

18:24:22

#lsof -p 3680

COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF    NODE NAME
cron    3680 root  cwd    DIR    8,1     4096 1905777 /var/spool/cron
cron    3680 root  rtd    DIR    8,1     4096       2 /
cron    3680 root  txt    REG    8,1    32572 1353084 /usr/sbin/cron
cron    3680 root  mem    REG    8,1    42504 2020022 /lib/i686/cmov/libnss_files-2.9.so
cron    3680 root  mem    REG    8,1    38444 2020031 /lib/i686/cmov/libnss_nis-2.9.so
cron    3680 root  mem    REG    8,1    87804 2020024 /lib/i686/cmov/libnsl-2.9.so
cron    3680 root  mem    REG    8,1    30436 2020010 /lib/i686/cmov/libnss_compat-2.9.so
cron    3680 root  mem    REG    8,1    26048 1352266 /usr/lib/gconv/gconv-modules.cache
cron    3680 root  mem    REG    8,1  3462848 1499598 /usr/lib/locale/locale-archive
cron    3680 root  mem    REG    8,1     9676 2020042 /lib/i686/cmov/libdl-2.9.so
cron    3680 root  mem    REG    8,1  1433988 2019995 /lib/i686/cmov/libc-2.9.so
cron    3680 root  mem    REG    8,1    95976 2020038 /lib/libselinux.so.1
cron    3680 root  mem    REG    8,1    40472 2020028 /lib/libpam.so.0.81.12
cron    3680 root  mem    REG    8,1   117348 2022719 /lib/ld-2.9.so
cron    3680 root    0r   CHR    1,3      0t0     756 /dev/null
cron    3680 root    1w   CHR    1,3      0t0     756 /dev/null
cron    3680 root    2w   CHR    1,3      0t0     756 /dev/null
cron    3680 root    3u   REG    8,1        5 1906289 /var/run/crond.pid

/dev/tty4

18:25:00

#init 6

/dev/tty1

18:25:55

#openvt

Среда (06/03/09)

/dev/tty1

09:06:10

#vim /etc/apt/

09:06:10

#vim /etc/apt/sources.list

--- /tmp/l3-saved-3768.11056.31488	2009-06-03 09:06:23.000000000 +0300
+++ /etc/apt/sources.list	2009-06-03 09:06:44.000000000 +0300
@@ -1,2 +1,2 @@
-deb http://192.168.15.13:9999/debian sid main contrib non-free
+deb http://192.168.15.13:9999/debian  lenny main contrib non-free
 # deb http://www.debian-multimedia.org sid main

09:06:44

#apt-get update

Get:1 http://192.168.15.13 lenny Release.gpg [1032B]
Ign http://192.168.15.13 lenny/main Translation-en_US
Ign http://192.168.15.13 lenny/contrib Translation-en_US
Ign http://192.168.15.13 lenny/non-free Translation-en_US
Get:2 http://192.168.15.13 lenny Release [73.6kB]
Ign http://192.168.15.13 lenny/main Packages
Ign http://192.168.15.13 lenny/contrib Packages
Ign http://192.168.15.13 lenny/non-free Packages
Get:3 http://192.168.15.13 lenny/main Packages [6924kB]
Get:4 http://192.168.15.13 lenny/contrib Packages [93.4kB]
Get:5 http://192.168.15.13 lenny/non-free Packages [125kB]
Fetched 7217kB in 2s (2644kB/s)
Reading package lists... Done

09:07:01

#apt-get install hald

Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package hald

09:07:15

#apt-cache search hald

wesnoth-trow - The Rise of Wesnoth official campaign for Wesnoth

09:07:26

#apt-cache search hal

libroxen-deepleap - Deepleap database registry module for the Roxen Challenger web server
libroxen-diary - Diary module for the Roxen Challenger web server
libroxen-dirlist - Directory listing module for the Roxen Challenger web server
libroxen-disclaimer - Disclaimer module for the Roxen Challenger web server
libroxen-discussit - Discussion module for the Roxen Challenger web server
libroxen-errormessage - Error message generator module for the Roxen Challenger web server
libroxen-expires - Page expiration module for the Roxen Challenger web server
libroxen-explaindir - Directory listing module for the Roxen Challenger web server
libroxen-faq - FAQ module for the Roxen Challenger web server
libroxen-finder - Select box module for the Roxen Challenger web server
...
libjboss-xml-binding-java - JBoss XML Binding
rutebook - Linux: Rute User's Tutorial and Exposition, an online book
policykit - framework for managing administrative policies and privileges
ettercap - Multipurpose sniffer/interceptor/logger for switched LAN
hal-info - Hardware Abstraction Layer - fdi files
libhal-storage1 - Hardware Abstraction Layer - shared library for storage devices
hal - Hardware Abstraction Layer
rar - Archiver for .rar files
libhal1 - Hardware Abstraction Layer - shared library
cron - process scheduling daemon

09:07:29

#apt-cache search hal|less

09:08:58

#apt-get install hal

Reading package lists... Done
Building dependency tree
Reading state information... Done
hal is already the newest version.
hal set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up ed (1.3-3) ...
update-alternatives: error: alternative path /bin/ed doesn't exist.
dpkg: error processing ed (--configure):
 subprocess installed post-installation script returned error exit status 2
Errors were encountered while processing:
 ed
E: Sub-process /usr/bin/dpkg returned an error code (1)

Журнал лабораторных работ

Журнал

Вторник (06/02/09)

Среда (06/03/09)