diff options
Diffstat (limited to 'tasks/smb_nfs')
-rw-r--r-- | tasks/smb_nfs/howtos/en/index.html | 341 | ||||
-rw-r--r-- | tasks/smb_nfs/howtos/images/parameters.png | bin | 0 -> 8403 bytes | |||
-rw-r--r-- | tasks/smb_nfs/howtos/si/index.html | 71 | ||||
-rw-r--r-- | tasks/smb_nfs/task.py | 138 |
4 files changed, 550 insertions, 0 deletions
diff --git a/tasks/smb_nfs/howtos/en/index.html b/tasks/smb_nfs/howtos/en/index.html new file mode 100644 index 0000000..fe056b4 --- /dev/null +++ b/tasks/smb_nfs/howtos/en/index.html @@ -0,0 +1,341 @@ +<html>
+<head>
+<meta http-equiv="content-type" content="text/html" charset="utf-8">
+<title>smb_nfs</title>
+<style type="text/css">
+ #code {
+ font-family: Courier New;
+ font-size: 12;
+ }
+</style>
+</head>
+<body>
+ <h1>
+ smb_nfs
+ </h1>
+ <p>
+ <a href="#vb">VirtualBox</a> | <a href="#server">Server</a> | <a href="#client">Client</a> | <a href="#nfs">NFS</a> | <a href="#smb">Samba</a> | <a href="#dhcp">DHCP</a>
+ </p>
+ <h2>
+ Quick guide
+ </h2>
+ <p>
+ Set up two virtual computers - SimpleArbiterDhcp and FileServer.
+ </p>
+ <p>
+ Make sure that the directory /srv/nfs/ERLbbBrT on FileServer is accessible
+ over NFS and over SMB under the sharename urania-03.
+ Set the SMB server name to zarptica-32.
+ </p>
+ <p>
+ SimpleArbiterDhcp should have write access to /srv/nfs/ERLbbBrT over NFS.
+ </p>
+
+ <h2>
+ Instructions
+ </h2>
+ <ul style="list-style: none;">
+ <li>
+ <h3>
+ Download these VM images:
+ </h3>
+ <ul type="disc">
+ <li>
+ student-fileserver.vdi
+ </li>
+ <li>
+ simpleArbiterDhcpGW.vdi
+ </li>
+ <br>
+ </ul>
+ </li>
+ <a name="vb"></a>
+ <li>
+ <h3>
+ VirtualBox Settings:
+ </h3>
+ <ul type="disc">
+ <li>
+ Enable PAE/NX for both VMs: Settings⇒System⇒Processor
+ </li>
+ <li>
+ For FileServer
+ <ul>
+ <li>
+ Adapter 1 - NAT
+ </li>
+ <li>
+ Adapter 2 - Internal Network
+ </li>
+ </ul>
+ </li>
+ <li>
+ For SimpleArbiterDhcp
+ <ul>
+ <li>
+ Adapter 1 - Internal Network
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <br>
+ <a name="server"></a>
+ <li>
+ <h3>
+ Server FileServer
+ </h3>
+ <ol>
+ <a name="dhcp"></a>
+ <li>
+ Set up a DHCP server
+ <ol>
+ <li>
+ <span id="code">
+ apt-get update
+ </span>
+ </li>
+ <li>
+ <span id="code">
+ apt-get install isc-dhcp-server
+ </span>
+ </li>
+ <li>
+ The server will not start (error
+ <span id="code">
+ Starting ISC DHCP server: dhcpdcheck syslog for diagnostics. ... failed!</span>)
+ , configure 3 files:
+ <ul>
+ <li>
+ In /etc/network/interfaces set static IP for eth1 on which the DHCP server will be running,
+ e.g.:
+ <p id="code">
+ auto eth1<br>
+ iface eth1 inet static<br>
+ address 192.168.1.10<br>
+ netmask 255.255.255.0<br>
+ network 192.168.1.0<br>
+ broadcast 192.168.1.255<br>
+ </p>
+ </li>
+ <li>
+ In /etc/default/isc-dhcp-server:
+ <p id="code">
+ INTERFACES="eth1"
+ </p>
+ </li>
+ <li>
+ In /etc/dhcp/dhcpd.conf configure the subnet properties,
+ e.g.:
+ <p id="code">
+ authoritative;<br>
+ default-lease-time 600;<br>
+ max-lease-time 7200;<br>
+ <br>
+ subnet 192.168.1.0 netmask 255.255.255.0 {<br>
+ range 192.168.1.100 192.168.1.200;<br>
+ option routers 192.168.1.10;<br>
+ option domain-name-servers 193.2.1.66, 8.8.4.4;<br>
+ <br>
+ host SimpleArbiter {<br>
+ hardware ethernet 08:00:27:A2:FB:B4;<br>
+ fixed-address 192.168.1.180;<br>
+ }<br>
+ }<br>
+ </p>
+ </li>
+ </ul>
+ </li>
+ </ol>
+ </li>
+ <a name="nfs"></a>
+ <li>
+ Set up a NFS server
+ <ol>
+ <li>
+ apt-get install nfs-kernel-server
+ </li>
+ <li>
+ Determine the rules in /etc/exports, e.g.:
+ <p id="code">
+ #privileges for SimpleArbiterDhcp<br>
+ /srv/nfs/ERLbbBrT 192.168.1.180(rw,sync,insecure)<br>
+ /srv/nfs/ERLbbBrT 192.168.1.0/24(ro,sync,insecure)<br>
+ </p>
+ </li>
+ <li>
+ Change the owner of the directory and files in it:
+ <span id="code">
+ chown student /srv/nfs/ERLbbBrT
+ </span>
+ and similarly for all the files in shared directory. The owner should not be root.
+ </li>
+ <li>
+ Run command
+ <span id="code">exportfs -rv</span>
+ to export file systems
+ <p>After that run
+ <span id="code">
+ services nfs-kernel-server restart
+ </span>
+ </p>
+ </li>
+ <br>
+ </ol>
+ </li>
+ <a name="smb"></a>
+ <li>
+ Set up SMB server
+ <ol>
+ <li>
+ <span id="code">
+ apt-get install samba
+ </span>
+ </li>
+ <li>
+ Create directory urania-03 and set owner and privileges:
+ <p id="code">
+ mkdir /home/student/urania-03<br>
+ chown -R root:users /home/urania-03/<br>
+ chmod -R ug+rwx,o+rx+w /home/urania-03<br>
+ </p>
+ </li>
+ <li>
+ Edit configurations in /etc/samba/smb.conf, add at the bottom of document, e.g.:
+ <p id="code">
+ [global]<br>
+ workgroup = users<br>
+ server string = zarptica-32<br>
+ dns proxy = no<br>
+ log file = /var/log/samba/log.%m<br>
+ max log size = 1000<br>
+ syslog = 0<br>
+ panic action = /usr/share/samba/panic-action %d <br>
+ security = user<br>
+ encrypt passwords = yes<br>
+ passdb backend = tdbsam<br>
+ obey pam restrictions = yes<br>
+ unix password sync = yes<br>
+ passwd program = /usr/bin/passwd %u<br>
+ passwd chat = *Enter\snew\s*\spassword:* %n\n <br>*Retype\snew\s*\spassword:* %n\n <br>*password\supdated\ssuccessfully* .<br>
+ pam password change = yes<br>
+ map to guest = bad user<br>
+ usershare allow guests = yes<br>
+ <br>
+ [homes]<br>
+ comment = Home Directories<br>
+ browseable = no<br>
+ read only = yes<br>
+ create mask = 0700<br>
+ directory mask = 0700<br>
+ valid users = %S<br>
+ <br>
+ [printers]<br>
+ comment = ALl Printers<br>
+ browseable = no<br>
+ path = /var/spool/samba<br>
+ printable = yes<br>
+ guest ok = no<br>
+ read only = yes<br>
+ create mask = 0700<br>
+ <br>
+ [print$]<br>
+ comment = Printer Drivers<br>
+ path = /var/lib/samba/printers<br>
+ browseable = yes<br>
+ read only = yes<br>
+ guest ok = no<br>
+ <br>
+ [urania-03]<br>
+ comment = All Users<br>
+ path = /home/urania-03<br>
+ users = @users<br>
+ force group = users
+ create mask = 0660<br>
+ directory mask = 0771<br>
+ writable = yes<br>
+ </p>
+ </li>
+ <li>
+ Restart Samba:
+ <span id="code">
+ service samba restart
+ </span>
+ </li>
+ <li style="list-style-type:none;">
+ <p>
+ Test the syntax of smb.conf file with command
+ <span id="code">
+ testparam
+ </span>
+ </p>
+ </li>
+ <li>
+ Add users:
+ <p>
+ In order to define passwords for Samba users they have to exist on a local system, too.
+ <p>
+ Use command
+ <span id="code">
+ useradd USERNAME --shell /bin/false
+ </span>
+ to create user with a disabled account and without home directory, e.g:
+ <p id="code">
+ useradd tester --shell /bin/false
+ </p>
+ </p>
+ <p>
+ Define Samba password for your user:
+ <p id="code">
+ smbpasswd -a tester
+ </p>
+ <p>
+ Add the user to your group.
+ <p>
+ Open /etc/group file and add group and users:
+ <span id="code">
+ users:x:1002:tester
+ </span>
+ </p>
+ </p>
+ <li> Restart Samba.
+ </li>
+ </li>
+ </ol>
+ </li>
+ </ol>
+ </li>
+ <br>
+ <a name="client"></a>
+ <li>
+ <h3>
+ Client SimpleArbiterDhcp
+ </h3>
+ <ul type="disc">
+ <li>Create directories for your mounts, e.g.:
+ <p id="code">
+ mkdir mnt<br>
+ mkdir mnt/smb<br>
+ mkdir mnt/nfs<br>
+ </p>
+ </li>
+ <li>
+ NFS: Run command
+ <p id="code">
+ sudo mount 192.168.1.10:/srv/nfs/ERLbbBrT /mnt/nfs
+ </p>
+ </li>
+ <li>
+ SMB: Run command
+ <p id="code">
+ sudo mount -t cifs //192.168.1.10/urania-03 /mnt/smb -o username=tester,password=test,workgroup=users<br>
+ </p>
+ </li>
+ <p>
+ You should be able to access shared folders now.
+ </p>
+ </ul>
+ </li>
+ </ul>
+</body>
+</html>
\ No newline at end of file diff --git a/tasks/smb_nfs/howtos/images/parameters.png b/tasks/smb_nfs/howtos/images/parameters.png Binary files differnew file mode 100644 index 0000000..7d3db83 --- /dev/null +++ b/tasks/smb_nfs/howtos/images/parameters.png diff --git a/tasks/smb_nfs/howtos/si/index.html b/tasks/smb_nfs/howtos/si/index.html new file mode 100644 index 0000000..80d910d --- /dev/null +++ b/tasks/smb_nfs/howtos/si/index.html @@ -0,0 +1,71 @@ +<!DOCTYPE html> +<html lang="sl"> + +<head> + <title>SMB NFS How To</title> + <meta charset="utf-8" /> + <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" /> +</head> + +<body class="container"> + <h1>KPOV Judge 7 (SMB NFS)</h1> + <p>V tej vaji postavimo na linux-u strežnik za nudenje datotek prek mreže in strežnik za SMB, s katerim lahko na Windows sistemih postavimo datoteko v skupno rabo. Pazi da bo simpleArbiterDhcpGW imel NFS pravico pisanja po imeniku!</p> + <h2>Virtualni računalniki</h2> + <ul> + <li>simpleArbiterDhcpGW</li> + <li>student-fileserver</li> + </ul> + <h3>simpleArbiterDhcpGW</h3> + <p>Naj ima 2 omrežna vmesnika, prvi naj bo preko NAT povezan na svetovni splet, drugi vmesnik pa naj vsebuje interno povezavo znotraj virtualnih sistemov na tvojem računalniku “<i>intnet</i>”.</p> + <h3>student-fileserver</h3> + <p>Naj ima 1 omrežni vmesnik, povezan na interno omrežje “<i>intnet</i>”.</p> + <h2>Parametri</h2> + <div class="figure"> + <img src="../images/parameters.png" alt="Parametri" /> + <p class="caption">Parametri za reševanje naloge</p> + </div> + <p>Tokrat imamo tri parametre. “Imenovani” <strong>dir</strong>, <strong>smb-share</strong>, <strong>smb-server</strong>.</p> + <p>Oziroma iz slike so to: </p> + <ul> + <li><strong>dir</strong> = TeNVU74X</li> + <li><strong>smb-share</strong> = aurora-85</li> + <li><strong>smb-server</strong> = melete-04</li> + </ul> + <h2>Postopek</h2> + <p>Ko zaženemo simpleArbiterDhcpGW in student-fileserver se najprej prijavimo v oba sistema. Nato pa na student-fileserver poženemo</p> + <div class="sourceCode"><pre class="sourceCode bash"><code class="sourceCode bash"><span class="ex">apt-get</span> update <span class="kw">&&</span> <span class="ex">apt-get</span> install nfs-kernel-server samba</code></pre></div> + <h3>Nastavitve NFS</h3> + <p>V datoteki <code>/etc/exports</code> dodamo sledečo vrtstico: <code>/srv/nfs/[dir] [IP simpleArbiterDhcpGW](rw)</code>.</p> <p>Datoteko shranimo in znova poženemo NFS strežnik.</p> + <div class="sourceCode"><pre class="sourceCode bash"><span class="ex">service</span> nfs-kernel-server restart</pre></div> + <p>Ustvarimo imenik, ki smo ga malce prej navedli v nastavitvah NFS. In nato omogočimo vsem pisanje po tem imeniku.</p> + <div class="sourceCode"> + <pre class="sourceCode bash"> +<span class="fu">mkdir</span> /srv/nfs/[dir] +<span class="fu">chmod</span> oug+w /srv/nfs/[dir] +</pre> + </div> + <h3>Nastavitve SMB</h3> + <p>Vse nastavitvene datoteke SMB se nahajajo v imeniku: <code>/etc/samba</code>. Zanima pa nas datoteka <code>smb.conf</code>.</p> + <div class="sourceCode"><pre class="sourceCode bash"><span class="co"># Datoteka smb.conf</span> + [<span class="ex">global</span>] + + <span class="ex">workgroup</span> = WORKGROUP + <span class="ex">netbios</span> name = [smb-server] <span class="co"># Nadomestek DNS, ki si ga je izmislil Microsoft</span> + + <span class="co"># Malce nižje pod vrstico =========== Share Definitions =========== dodamo svoje nastavitve</span> + + [[<span class="ex">smb-share</span>]] <span class="co"># Primer iz slike: [aurora-85]</span> + <span class="ex">path</span> = /srv/nfs/[dir] + <span class="bu">read</span> <span class="va">only</span> <span class="va">=</span> <span class="va">no</span> + <span class="ex">guest</span> ok = yes + <span class="ex">browseable</span> = yes</pre></div> + <p>Ko popravimo to datoteko restartamo SMB in NetBios s spodnjima ukazoma.</p> + <div class="sourceCode"><pre class="sourceCode bash"><span class="ex">service</span> smbd restart +<span class="ex">service</span> nmbd restart</pre></div> + <h2>Testiranje</h2> + <p>Sedaj samo še testiranje :) Za to pa na <strong>simpleArbiterDhcpGW</strong> poženi testno skripto.</p> + <div class="sourceCode"><pre class="sourceCode bash"><span class="ex">./test_task.py</span></pre></div> + +</body> + +</html> diff --git a/tasks/smb_nfs/task.py b/tasks/smb_nfs/task.py new file mode 100644 index 0000000..6d1e51d --- /dev/null +++ b/tasks/smb_nfs/task.py @@ -0,0 +1,138 @@ +# kpov_util should be imported by add_assignment.py + +# TODO: dokoncaj! +instructions = { + 'si': '''\ +<p> +Postavi dva navidezna računalnika: <em>simpleArbiterDhcp</em> in <em>FileServer</em>. + +<p> +Poskrbi, da bo imenik <code>{{NFS_MOUNT}}</code> na <em>FileServer</em> dostopen prek NFS in prek SMB kot imenik v skupni rabi <code>{{SMB_SHARENAME}}</code>. Ime strežnika SMB nastavite na <code>{{FILESERVER_NAME}}</code>. + +<p> +<em>SimpleArbiterDhcp</em> naj ima prek NFS pravico pisati po imeniku. +''', + 'en': '''\ +<p> +Set up two virtual computers: <em>simpleArbiterDhcp</em> and <em>FileServer</em>. + +<p> +Make sure that the directory <code>{{NFS_MOUNT}}</code> on <em>FileServer</em> is accessible over NFS and over SMB under the sharename <code>{{SMB_SHARENAME}}</code>. Set the SMB server name to <code>{{FILESERVER_NAME}}</code>. + +<p> +<em>SimpleArbiterDhcp</em> should have write access to <code>{{NFS_MOUNT}}</code> over NFS. +''', +} + +computers = { + 'FileServer': { + 'disks': [ + { 'name': 'student-fileserver', + }, + ], + 'network_interfaces': [{'network': 'net1'}], + 'flavor': 'm1.tiny', + 'config_drive': False + + }, + 'SimpleArbiter': { + 'disks': [ + { 'name': 'simpleArbiterDhcpGW', + }, + ], + 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}], + 'flavor': 'm1.tiny', + 'config_drive': False + } +} + +networks = { 'net1': {'public': False}, 'test-net': {'public': True} } + +params_meta = { + 'FILESERVER_IP': {'descriptions': {'si': 'IP streznika'}, 'w': True, 'public':True, 'type': 'IP', 'generated': False}, + 'FILESERVER_NAME': {'descriptions': {'si': 'Ime streznika'}, 'w': False, 'public':True, 'type': 'hostname', 'generated': True}, + 'SMB_SHARENAME': {'descriptions': {'si': 'Ime imenika v skupni rabi prek SMB', 'en': 'SMB sharename'}, 'w': False, 'public':True, 'type': 'filename', 'generated': True}, + 'NFS_MOUNT': {'descriptions': {'si': 'Imenik, dostopen prek NFS'}, 'w': False, 'public': True, 'type': 'filename', 'generated': True}, + 'SHARED_FILENAME': {'descriptions': {'si': 'Iskana datoteka'}, 'w': False, 'public': True, 'type': 'filename', 'generated': True}, + 'SHARED_CONTENT': {'descriptions': {'si': 'Vsebina iskane datoteke'}, 'w': False, 'public': False, 'type': 'short', 'generated': True}, + 'SHARED_FILE_SEED': {'descriptions': {'si': 'Dodatni podatek za testiranje'}, 'w': False, 'public': True, 'type': 'filename', 'generated': True}, +} + +def task(FILESERVER_IP, FILESERVER_NAME, NFS_MOUNT, SMB_SHARENAME, SHARED_FILE_SEED): + import pexpect + import random + # TODO: (polz) Try using pexpect instead of subprocess, it's much nicer. + # Tabela vseh mountov. + # Samo mounti na streznik. + results = dict() + results['mount'] = pexpect.run('mount') + results['try_mount_nfs'] = pexpect.run('sudo mount -t nfs {}:/{} /mnt/nfs'.format( + FILESERVER_IP, NFS_MOUNT)) + results['try_mount_smb'] = pexpect.run( + 'sudo mount -t cifs //{}/{} /mnt/smb -o ip={},guest'.format( + FILESERVER_NAME, SMB_SHARENAME, FILESERVER_IP)) + results['mount_after'] = pexpect.run('mount') + results['ls_smbmount'] = pexpect.run('ls /mnt/smb') + results['ls_nfs'] = pexpect.run('ls /mnt/nfs') + r = random.Random(SHARED_FILE_SEED) + testfile = kpov_util.fname_gen(r) + teststring = kpov_util.alnum_gen(r, 200) + with open('/mnt/nfs/{}'.format(testfile),'w') as f: + f.write(teststring) + results['filestr'] = pexpect.run( + 'cat /mnt/smb/{}'.format(testfile)) + results['filels'] = pexpect.run( + 'ls /mnt/smb/'.format(testfile)) + pexpect.run('rm /mnt/nfs/{}'.format(testfile)) + results['filels_later'] = pexpect.run('ls /mnt/smb') + pexpect.run("sudo umount /mnt/nfs") + pexpect.run("sudo umount /mnt/smb") + return results + +def gen_params(user_id, params_meta): + d = kpov_util.default_gen(user_id, params_meta) + r = random.Random(user_id) + d['FILESERVER_NAME'] = kpov_util.hostname_gen(r) + d['SMB_SHARENAME'] = kpov_util.hostname_gen(r) + d['NFS_MOUNT'] = "/srv/nfs/" + kpov_util.fname_gen(r, False) + d['SHARED_FILENAME'] = kpov_util.fname_gen(r) + d['SHARED_CONTENT'] = kpov_util.fortune(r, 4096) + d['SHARED_FILE_SEED'] = kpov_util.alnum_gen(r, 42) + return d + +def task_check(results, params): + score = 0 + hints = [] + r = random.Random(params['SHARED_FILE_SEED']) + testfile = kpov_util.fname_gen(r) + teststring = kpov_util.alnum_gen(r, 200) + # no need to check results['mount'] or results['try_mount_nfs'] + # or results['try_mount_smb'] + if results['mount_after'].find('//{}/{} on /mnt/smb type cifs'.format( + params['FILESERVER_NAME'], params['SMB_SHARENAME'])) >= 0: + score += 2 + if results['mount_after'].find('{}:{} on /mnt/nfs type nfs'.format( + params['FILESERVER_IP'], params['NFS_MOUNT'])) >= 0: + score += 2 + if results['ls_smbmount'].find(params['SHARED_FILENAME']) >= 0: + score += 1 + if results['ls_nfs'].find(params['SHARED_FILENAME']) >= 0: + score += 1 + if results['filestr'] == teststring: + score += 2 + filels_later = set(results['filels_later'].split()) + filels = set(results['filels'].split()) + if "".join(filels - filels_later).find(testfile) >= 0: + score += 2 + return score, hints + +def prepare_disks(templates, task_params, global_params): + d = templates['student-fileserver'] + d.mkdir("/srv/nfs") + d.mkdir(task_params['NFS_MOUNT']) + d.write(task_params['NFS_MOUNT'] + "/" + task_params["SHARED_FILENAME"], + task_params["SHARED_CONTENT"]) + d = templates['simpleArbiterDhcpGW'] + d.mkdir('/mnt/nfs') + d.mkdir('/mnt/smb') + write_default_config(templates['simpleArbiterDhcpGW'], global_params) |