Week 2 – The terminal

This post is part of the Linux Servers course run by Tero Karvinen (http://terokarvinen.com).

Introduction

This week we were tasked with getting to know the terminal and its basic and most essential commands, as well as getting to know what gets logged into Linux's logs and where these logs are, if they even exist. I started working on this on 27.1 at around 22:00 and was finished by 28.1 01:15, which includes writing the blog.

In this post I have covered 5 things:

  • Location of log files in Xubuntu
  • Basic usage of tail
  • Basic usage of grep
  • Analyzing auth.log
  • Installing multiple apps at once from the package manager

The tasks

Task a)
Cause two events to get logged: One example of a successful action and one example of a failed or forbidden action. Analyze each row in detail.

Part 1 – Opening the logs and working with them

Opening a log with cat

The first thing to do was to find and open the Linux system log. This I achieved by opening the syslog which is located in the logs folder in /var/log/. I did this by typing

cat /var/log/syslog

into the terminal. This filled the terminal with log entries going back all the way to the point when I booted into the Live USB stick. Also, upon cd'ing to the /var/log/ directory, I noticed the existence of many other logs:

screenshot_2019-01-27_21-46-13.png

Upon a quick browse through these different logs, I found out that auth.log seems to be part of the authentication service and logs everything related to authentication, such as who is logged in and who is trying to use sudo.

Using tail to track auth.log for login/logout attempts

I decided to start watching the authentication log and do a logout and then a successful login to see if anything gets logged. I did the former by using tail, which by default shows the last 10 entries of a file (hence “tail”). Adding the -f or --follow parameter allows one to monitor a file and see new entries in real time. So the full command for me in this case was

tail auth.log -f

or with full path:

tail /var/log/auth.log -f

I then logged out from the so-called ‘start menu’ at 22:28:00, and tried logging in with two incorrect attempts and then successfully by using the correct Ubuntu default username, which is xubuntu (no password required).

Using grep

Upon logging in, I rested my head on my palm as I noticed that Linux had (obviously) killed most of the processes, including tail, so there wasn't any log displayed upon logging in. This just meant that I would have to open the log file again. This time, however, I was only interested in events occurring after the time I logged out, which was 22:28:00. For this purpose, I used grep. It is basically a search tool with which one can search for lines containing specified things. For example

grep "error" -i /var/log/syslog

Will search the syslog for lines matching error. The -i parameter makes the entered string be treated as case insensitive.
In my case, I watched the time from my other computer, which could have had a different time from my laptop, so I needed to include not only all events starting with 22:28 but also events starting with 22:27. To achieve this, I gave grep a range parameter:

grep "22:2[7-8]" auth.log

And I was shown a log containing all events between 22:27 and 22:28.

Analyzing the log

screenshot_2019-01-27_23-06-36-1.png

By analyzing this log I could quickly point out that logout was indeed fired at 22:27:59, causing processes to exit and the session to be closed for the user. Lightdm (the display manager of Xubuntu) also tried opening the pam_kwallet.so file multiple times, which I couldn't find info about. A wild guess is that it's some sort of key or password storage.
The first re-login attempt was done at 22:28:05, which was logged as an authentication failure. This was followed by more attempts at opening pam_kwallet.so files, until it logged the second failed attempt at 22:28:13.
What it didn't log was the usernames used in these attempts, which I changed on both occasions.
At 22:28:20, the log finally displays a successful login attempt. Interestingly, it showed that the default user xubuntu is not in a group that is allowed to log in without a password, even though one can log in without a password.
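The time filtering and event reading described above can be done in one pass. This is an added example, not part of the original post: the log lines are constructed samples in the usual auth.log layout, and the function names are hypothetical. It compares the timestamp column itself, so any time window works, and it avoids a side effect of grep "22:2[7-8]", which also matches a line stamped 21:22:27.

```shell
#!/bin/sh
# Constructed sample lines in the traditional syslog layout used by
# /var/log/auth.log: month day HH:MM:SS host program: message.
sample_auth_log() {
cat <<'EOF'
Jan 27 21:22:27 xubuntu sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Jan 27 22:27:59 xubuntu lightdm: pam_unix(lightdm:session): session closed for user xubuntu
Jan 27 22:28:05 xubuntu lightdm: pam_unix(lightdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=
Jan 27 22:28:13 xubuntu lightdm: pam_unix(lightdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=
Jan 27 22:28:20 xubuntu lightdm: pam_unix(lightdm:session): session opened for user xubuntu by (uid=0)
Jan 27 22:31:02 xubuntu sudo: pam_unix(sudo:session): session closed for user root
EOF
}

# auth_window FROM TO (hypothetical helper): print the lines whose time
# column (3rd field) lies in [FROM, TO]. HH:MM:SS strings sort in time
# order, so a string comparison handles any window within one day.
auth_window() {
    awk -v from="$1" -v to="$2" '($3 "") >= (from "") && ($3 "") <= (to "")'
}

# auth_summary (hypothetical helper): count the PAM event types on stdin.
auth_summary() {
    awk '
        /authentication failure/  { fail++ }
        /session opened for user/ { opened++ }
        /session closed for user/ { closed++ }
        END { printf "failures=%d opened=%d closed=%d\n", fail, opened, closed }
    '
}

# On a real system, replace sample_auth_log with: cat /var/log/auth.log
sample_auth_log | auth_window 22:27:00 22:28:59 | auth_summary
```
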

Task b)
Alternative task: Install an SSH daemon. Try on your own SSH server some of the following: ssh-copy-id, sshfs, scp or git. (Easiest is probably scp: ‘scp foo.txt tero@example.com:’)

Task C)
Make an apt-get command of your dreams: one line of commands that installs all of your favorite applications

Installing multiple apps at once

Edit 28.1 11:15: It seems that the day had gotten too late when I originally wrote this, and I therefore didn't understand the task correctly. The point was to use the apt package manager and not snap.

The apps that I probably use the most are Spotify, Discord, Steam and VLC. I also use Visual Studio Code for programming and atom is a good Linux-alternative for it.
None of these apps are available in apt package manager, but they are available in snap, which serves the same purpose as apt.
Therefore, my command line for snap was:

snap install discord vlc spotify && snap install --classic atom && snap install steamforwindows --edge

You can install multiple apps easily by just adding a space between the app names

Basically, it installs discord, vlc and spotify without problems. Atom on the other hand requires extra privileges and therefore the --classic parameter, which is why I basically ran the snap command again by separating it with the && (and) parameter. Steam is only available as a ‘cutting edge’ release, so it could only be fetched with the --edge parameter.

Task d) Install three text-based applications from the package manager that are new to you. Try every application and their main functionalities.

Nethack

I couldn’t come up with any console-only applications, so I decided to do some googling and found a list of 10 console-based applications for Linux.
The first one that I downloaded was an old game called Nethack. I got it installed with sudo apt install nethack-console. My patience didn't really withstand more than a minute of gameplay of this game that supposedly was amazing at some point in history.

Legend says, someone actually bothered playing this game once

GNU Chess

The next game that I installed is a text-based chess game called GNU Chess. I got it with sudo apt install gnuchess.

Mail-chess was a thing, so maybe this has been too

VIM

Vim is a text editor for Linux. Not much else to add.

References:


System used:
ASUS X550J (X550JX)
Intel Core i7 4720HQ
Nvidia 950M
8GB Ram

Tero Karvinen – Linux Servers ict4tn021-3004: http://terokarvinen.com/2018/aikataulu-linux-palvelimet-ict4tn021-3004-ti-alkukevat-2019-5-op#h2

Linux.com – Top 10 Linux console applications
https://www.linux.com/news/top-10-linux-console-applications
