NYCU SA 2022 HW3

計算機系統管理 Computer System Administration

Spec

Check Point

HW3

3-1

# Install Pure-FTPd from packages and start from the shipped sample configuration.
sudo pkg install -y pure-ftpd
# NOTE(review): the sample file is copied unmodified here; the edits that turn on
# TLS, anonymous access and the external auth daemon used by the later steps are
# not shown on this page, so review pure-ftpd.conf before exposing the service.
sudo cp /usr/local/etc/pure-ftpd.conf.sample /usr/local/etc/pure-ftpd.conf

# Enable the service at boot and start it now.
sudo service pure-ftpd enable
sudo service pure-ftpd start

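# Print the wg0 IPv4 address with the dots removed (keeps only lines containing "10").
ifconfig wg0 inet | grep 10 | awk '{ print $2 }' | tr -d '.'

# Create the ftp account (gid 14, home /home/ftp, nologin shell) without creating
# a home directory (-D). The password field of the -f record is empty; with
# adduser's default password type that produces an account with an empty
# password, so -w no stores a disabled password instead.
echo "ftp::14:::::/home/ftp:/usr/sbin/nologin:" | sudo adduser -f - -D -u 14 -w no
sudo mkdir /home/ftp /home/ftp/public /home/ftp/upload /home/ftp/hidden

sudo mkdir /home/ftp/hidden/treasure /home/ftp/hidden/.exe
sudo touch /home/ftp/hidden/treasure/secret

# Ownership and modes. sysadm and ftpgroup must already exist for the chown to
# succeed; on this page they are created in a later listing.
# Resulting modes: /home/ftp 775, public 777, upload 1777, hidden 771.
sudo chown -R sysadm:ftpgroup /home/ftp
sudo chmod -R 775 /home/ftp
# public and upload become world-writable.
sudo chmod o+w /home/ftp/public /home/ftp/upload
# hidden loses "other" read: entries can be reached by exact name but not listed.
# Files below it (treasure/secret) stay world-readable from the recursive 775.
sudo chmod o-r /home/ftp/hidden
# Sticky bit on upload: only the owner of a file (or of the directory) may delete
# or rename it. public has no sticky bit, so anyone who can write there can
# remove other users' files.
sudo chmod +t /home/ftp/upload

# sudo setfacl -b /home/ftp
# getfacl /home/ftp
# sudo setfacl -b /home/ftp/public /home/ftp/upload
# sudo setfacl -m u:nobody:rw:allow /home/ftp/public /home/ftp/upload
# sudo setfacl -m u:sysadm:rwxpdD:allow /home/ftp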

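# Create the sysadm login (gid 20, extra group ftp, home /home/ftp, shell /bin/sh).
# The password field of the -f record is empty; with adduser's default password
# type the account would exist with an empty password until one is set, so
# create it with a disabled password (-w no) and set the real one as root.
echo "sysadm::20:::::/home/ftp:/bin/sh:" | sudo adduser -f - -D -G ftp -w no
# Changing another account's password requires root.
sudo passwd sysadm

# Unprivileged system identity that all virtual FTP users map to: no usable
# home directory and no login shell.
sudo pw groupadd ftpgroup -g 121
sudo pw useradd ftpuser -u 121 -g ftpgroup -d /dev/null -s /usr/sbin/nologin

# Virtual users; -d sets their home to /home/ftp (pure-pw's chrooted form).
# Each useradd prompts for that user's password.
sudo pure-pw useradd ftp-vip1 -u ftpuser -d /home/ftp
sudo pure-pw show ftp-vip1
sudo pure-pw useradd ftp-vip2 -u ftpuser -d /home/ftp
# Build the PureDB index after the users exist; without this (or useradd -m)
# the added accounts are not in the database the server reads.
sudo pure-pw mkdb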

# Create an rc.d entry for the external-auth daemon by copying pure-ftpd's script,
# then enable and start it.
# NOTE(review): the copy is identical to the pure-ftpd script; any edits that make
# it manage pure-authd are not shown on this page.
cd /usr/local/etc/rc.d
sudo cp pure-ftpd pure-authd
sudo service pure-authd enable
sudo service pure-authd start

# rc.conf-style settings (presumably added to /etc/rc.conf — confirm).
# They name the external auth script, the socket used to reach the auth daemon,
# and the script run after uploads.
# NOTE(review): both scripts are executed on behalf of the FTP daemons; keep them
# and the directory holding the socket writable by root only.
pureftpd_authd_enable="yes"
pureftpd_authdscript="/usr/local/sbin/pure-ftpd-authdscript"
pureftpd_authsocket="/var/run/ftpd.sock"
pureftpd_upload_enable="yes"
pureftpd_uploadscript="/usr/local/sbin/pure-ftpd-uploadscript"

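# Generate a self-signed P-256 certificate for the FTP server; the private key
# and the certificate share one PEM file.
sudo mkdir -p /etc/ssl/private
# Pre-create the PEM file as root:wheel with mode 600 so the private key is never
# written into a file that other users can read, even briefly.
sudo install -m 600 -o root -g wheel /dev/null /etc/ssl/private/pure-ftpd.pem
# -nodes leaves the private key unencrypted, so file permissions are its only
# protection. No -days is given, so openssl's default validity period applies;
# clients cannot verify a self-signed certificate unless they pin it.
sudo openssl req -x509 -nodes \
  -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
  -keyout /etc/ssl/private/pure-ftpd.pem \
  -out /etc/ssl/private/pure-ftpd.pem \
  -subj '/CN=pure-ftpd.nasa'
# Re-assert mode and ownership in case the file already existed with other settings.
sudo chmod 600 /etc/ssl/private/pure-ftpd.pem
sudo chown root:wheel /etc/ssl/private/pure-ftpd.pem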

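# Create the external authentication script, executable by all but writable
# only by its owner.
sudo touch /usr/local/sbin/pure-ftpd-authdscript
sudo chmod 755 /usr/local/sbin/pure-ftpd-authdscript
# This script decides which FTP logins are accepted and is run by the auth
# daemon (presumably as root — confirm). Keep it owned by root rather than the
# current login, so that a compromise of that login cannot rewrite it; edit the
# file through sudo.
sudo chown root:wheel /usr/local/sbin/pure-ftpd-authdscript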

/usr/local/sbin/pure-ftpd-authdscript

#!/bin/sh
# External authentication handler: reads the login name from AUTHD_ACCOUNT and
# prints key:value reply lines, terminated by "end".

# Only the name "anonymous" is accepted here, mapped to uid/gid 65534; no
# password is checked. Every other name gets auth_ok:0 from this script.
case "$AUTHD_ACCOUNT" in
  anonymous)
    printf '%s\n' 'auth_ok:1' 'uid:65534' 'gid:65534'
    ;;
  *)
    printf '%s\n' 'auth_ok:0'
    ;;
esac

# Home directory reply. Every name except sysadm gets the "/./" form, which the
# original comment labels as the chroot case; sysadm gets the plain path.
# NOTE(review): for names other than "anonymous" this line follows auth_ok:0,
# so it presumably has no effect on those logins — confirm.
case "$AUTHD_ACCOUNT" in
  sysadm)
    printf '%s\n' 'dir:/home/ftp/'
    ;;
  *)
    printf '%s\n' 'dir:/home/ftp/./'
    ;;
esac

printf '%s\n' 'end'

3-2

# Add a syslogd rule that writes messages of facility ftp at priority crit (and
# above) to a file inside the public FTP directory.
echo "ftp.crit /home/ftp/public/pureftpd.viofile" | sudo tee /usr/local/etc/syslog.d/ftp_viofile.conf
# Create the log file owned by root:wheel and set the system "undeletable" flag,
# so it cannot be removed or renamed through directory write permission alone.
# NOTE(review): the file's mode is whatever touch gives under the current umask,
# and it lives in public/; anyone who can read it sees the uploader names and
# file paths logged there — confirm that exposure is intended.
sudo touch /home/ftp/public/pureftpd.viofile
sudo chown root:wheel /home/ftp/public/pureftpd.viofile
sudo chflags sunlink /home/ftp/public/pureftpd.viofile

# Create /var/log/all.log readable and writable by its owner only, then restart
# syslogd so it opens the new log files.
# NOTE(review): presumably an all.log rule is enabled in syslog.conf — not shown
# on this page. Mode 600 matters because a catch-all log can carry sensitive
# messages from every facility.
sudo touch /var/log/all.log
sudo chmod 600 /var/log/all.log
sudo service syslogd restart

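# Derive the ftp_watchd rc.d script from pure-ftpd's one.
cd /usr/local/etc/rc.d
sudo cp pure-ftpd ftp_watchd
# rc.d scripts are run as root by the service framework. Keep the copy owned by
# root rather than the current login, so an unprivileged account cannot change
# what root executes; edit it through sudo.
sudo chown root:wheel ftp_watchd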

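# Create the upload-watcher script, executable by all but writable only by its owner.
sudo touch /usr/local/sbin/ftp_watchd
sudo chmod 755 /usr/local/sbin/ftp_watchd
# The watcher handles attacker-supplied uploads and is started from an rc.d
# service (presumably as root — confirm). Keep it owned by root rather than the
# current login and edit it through sudo.
sudo chown root:wheel /usr/local/sbin/ftp_watchd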

/usr/local/sbin/ftp_watchd

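#!/usr/local/bin/bash
# Upload hook: $1 is the path of a file that was just uploaded and UPLOAD_VUSER
# names the uploader. Files whose name ends in ".exe" are reported to syslog
# (ftp.crit) and moved into the quarantine directory.

#######################################
# Replace control characters with "?" so that client-chosen text (file names,
# user names) cannot inject extra lines or terminal escapes into the log.
# Arguments: $1 - text to clean
# Outputs:   cleaned text on stdout, without a trailing newline
#######################################
sanitize_for_log() {
  local text=$1
  printf '%s' "${text//[[:cntrl:]]/?}"
}

f="$1"

# The match is case-sensitive: names such as "X.EXE" are not caught. Widen the
# pattern if the policy is meant to cover them.
if [[ "$f" == *.exe ]]; then
  # Both values come from the FTP client, so they are cleaned before logging.
  printf '%s violate file detected. Uploaded by %s.\n' \
    "$(sanitize_for_log "$f")" "$(sanitize_for_log "${UPLOAD_VUSER-}")" |
    logger -p ftp.crit
  # "--" stops option parsing in case the path ever begins with "-".
  # A later upload with the same base name overwrites the earlier quarantined file.
  mv -- "$f" /home/ftp/hidden/.exe
fi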

3-3

# List the disks to identify the devices that will back the pool.
geom disk list

# Clear the undeletable flag on the violation log, then remove the existing tree.
# NOTE(review): this permanently deletes everything under /home/ftp, including
# quarantined uploads in hidden/.exe and the violation log; copy out anything
# that must be kept (for example as evidence) first.
sudo chflags nosunlink /home/ftp/public/pureftpd.viofile
sudo rm -fr /home/ftp

# Create a mirrored pool from vtbd1 and vtbd2, mounted at /home/ftp, with lz4
# compression on and atime off for the root dataset.
sudo zpool create -m /home/ftp -O compression=lz4 -O atime=off mypool mirror vtbd1 vtbd2

# One child dataset per FTP directory.
sudo zfs create mypool/public
sudo zfs create mypool/upload
sudo zfs create mypool/hidden

# Set both properties explicitly on the children, then switch them back to
# inheriting the values from mypool.
sudo zfs set compression=lz4 atime=off mypool/public mypool/upload mypool/hidden
sudo zfs inherit compression mypool/public mypool/upload mypool/hidden
sudo zfs inherit atime mypool/public mypool/upload mypool/hidden

# Recreate the files and directories. Only the subdirectories of hidden are made
# here; public, upload and hidden are presumably provided by the dataset mountpoints.

sudo mkdir /home/ftp/hidden/treasure /home/ftp/hidden/.exe
sudo touch /home/ftp/hidden/treasure/secret

# Reapply ownership and modes: /home/ftp 775, public 777, upload 1777 (sticky),
# hidden 771 (reachable by name, not listable by others).
sudo chown -R sysadm:ftpgroup /home/ftp
sudo chmod -R 775 /home/ftp
sudo chmod o+w /home/ftp/public /home/ftp/upload
sudo chmod o-r /home/ftp/hidden
sudo chmod +t /home/ftp/upload

# Recreate the violation log as root:wheel with the undeletable flag, and restart
# syslogd so it opens the new file.
sudo touch /home/ftp/public/pureftpd.viofile
sudo chown root:wheel /home/ftp/public/pureftpd.viofile
sudo chflags sunlink /home/ftp/public/pureftpd.viofile
sudo service syslogd restart

# Teardown, presumably for redoing the steps above (destroys the pool and its data):

# sudo zpool destroy mypool

# Verify the datasets and that compression/atime show the expected values and sources.
zfs list -d 1 mypool
zfs get -t filesystem compression
zfs get -t filesystem atime

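# Create the zfsbak script, executable by all but writable only by its owner.
sudo touch /usr/local/sbin/zfsbak
sudo chmod 755 /usr/local/sbin/zfsbak
# The script sits in a system sbin directory and manages ZFS snapshots, so it is
# presumably run with root privileges — confirm. Keep it owned by root rather
# than the current login, so an unprivileged account cannot change what root
# runs; edit it through sudo.
sudo chown root:wheel /usr/local/sbin/zfsbak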

/usr/local/sbin/zfsbak

https://github.com/nella17/NYCU-SA-2022/blob/main/usr/local/sbin/zfsbak

# Download the course's public key and import it. gpg is run through sudo, so
# the key lands in root's keyring, not the current user's.
wget https://nasa.cs.nctu.edu.tw/sa/2022/gpg.key
# NOTE(review): compare the key's fingerprint with a value obtained through a
# separate channel before trusting it; the HTTPS download only vouches for the
# web server that served the file.
sudo gpg --import gpg.key
# gpg --list-keys
# "[email protected]" is the web page's e-mail obfuscation placeholder, not a
# usable key identifier; use the user ID or fingerprint shown by --list-keys.
sudo gpg --edit-key [email protected]
# The remaining lines are typed at the interactive gpg> prompt, not in the shell.
# "trust" followed by "5" assigns ultimate ownertrust: gpg then treats this key,
# and keys it certifies, as valid. That level is normally reserved for keys you
# control — confirm the assignment requires it.
> trust
> 5
> y
> save