Labadmin is a Linux Bash script capable to remotely admin a set of hosts running Linux or Windows. It's an approach similar to Ansible, but Labadmin is focused to work in educational environment controlling hosts in a computer laboratory.
Labadmin aims to be a tool useful for IT teachers and computer lab sysadmins.
- Discover the host network status in a laboratory classroom by MAC address (works on DHCP networks!).
- Show the status of each machine in a grid map according the preconfigured position in the lab. It's easy to identificate students computers by classroom location.
- Flexible host selection using ranges. Can select all machines, only a row, odd and even machines, a specific list, etc.
- Labadmin incorporate a full set of administrative actions ready to use (currently 133 for Linux and 40 for Windows). Some key actions are:
- Config a restrictive environment in a exam time (block all users, block usb drivers, set restrictive firewall rules, autobackup exam user data, block Virtualbox bridge mode and others restrictions).
- Send heavy files using multiple modes (unicast, local network torrent or multicast).
- Send and schedule messages to users.
- Config firewall settings.
- Virtualbox management (import ovas, play, delete, snapshots, etc.)
- Transfer and copy disk partition images.
- Show and save screenshots.
- Other administrative tasks, like software installation, user accounts, process management, Windows activation, etc.
- Much more!
- Monitorization of action execution status. If any error has ocurred in some host is noticed.
- It's easy to create your own actions using Bash or Powershell languages.
- Labadmin use a dedicated machine to admin the students hosts (usually teacher computer). Admin must be installed in a Linux OS. Controlled hosts can be Linux or Windows OS computers.
- All machines must be placed in the same broadcast domain. Labadmin uses MAC address to discover computers, so works in DHCP environments.
- Each lab must be defined previously in a config file. Lab config file stores:
- Authentication config to use (SSH and/or WinRM).
- MAC address for each host and a identification number.
- Lab distribution: each id host must be placed in a grid according the real position in the lab.
- When labadmin starts it discover the computers configured in the lab file, show a map to select them and exec actions in all selected hosts.
You can see labadmin in action in short animations:
- Poweron computers
- Check network speed
- Add user
- Exec command
- Copy 2 GB file using unicast
- Copy 2 GB file using multicast
- Copy 2 GB file using torrent
- Import Virtualbox ova
- Start exam mode
- Check exam mode
- End exam mode
Once downloaded or cloned the project, labadmin must be configured for each lab and installed in admin and each controlled host.
- Each lab must be defined in a config file and placed in
labadmin/labs/directory. This file is a Bash script where config variables are defined. - You can use the provided labs/test file as template. For more information refer to this config file comments.
- Admin must be installed in a Linux machine (Debian, Fedora and Ubuntu has been tested).
- Exec:
install -A -l lab_file, where lab_file is the name of the file located inlabsdirectory to use as a default config when labadmin is open. - Optionally you can use
asklab as default config. This lab config file asks in each execution what lab to use.
install -A a11 # Install labadmin in admin machine using a11 lab file as default lab - In Linux controlled hosts installer only need to install all needed dependences and configure the remote SSH access method. Not agent labadmin software is installed.
- Exec:
install.sh -H -l lab_file, where lab_file is the name of the lab config file located inlabsdirectory where the host is placed. It's important that SSH variables are correctly set in config file.
install -H -c a11 # Install labadmin in host machine using a11 lab file configuration- In Windows 7 first install last version of Windows Management Framework: https://www.microsoft.com/en-us/download/details.aspx?id=54616.
- Then enable WinRM access executing these commands in a PowerShell as Administrator:
Enable-PSRemoting -Force
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}'
sc.exe config winrm start= auto
Set-Item wsman:\localhost\client\trustedhosts *
Labadmin can operate in interactive or parametrized mode.
Parameter options
$ labadmin -h
Admin remotely hosts in a computer lab environment.
labadmin [-l lab_config] [-i face] [-r range] [-a action] [-1|-2|-3|-4|-5|-6|-7|-8|-9 param] [-W|-L] [-F]
OPTIONS
-l lab_config
Lab config filename to use
Lab config files must be placed in labs/ directory
When not specified default file is used.
-i iface
Network interface to use. Overrides iface variable in lab config file.
-a action
Action to exec. For example: user/add
-r range
Hosts range to apply actions. For example: 11,34,23,21-28
-1|-2|-3|-4|-5|-6|-7|-8|-9 param
Action parameter value to exec.
-W
Force Windows WINRM server mode. Overrides srvmode variable in lab config file.
-L
Force Linux SSH server mode. Overrides srvmode variable in lab config file.
SAMPLES
labadmin -l a11 -i eth0
labadmin -r 5,12,15-20 -a exec/com -1 "du -sh /home/*"
labadmin -r all -a "software/packages/upgrade &" -1 y -2 y
When labadmin starts loads default lab config file and operate in configured as default mode (Linux or Windows).
You can select other lab config and mode with parameters: -l <lab_file> and -L or -W.
labadmin # Start labadmin using defualt config lab
labadmin -l a15 # Start labadin using a15 lab file and default mode defined in a15
labadmin -l 15 -W # Start labadin using a15 lab file and Windows mode (WinRM)
labadmin -l 15 -L # Start labadin using a15 lab file and Linux mode (SSH)Each action execution has 5 stages: discover, host selection, action selection, action parametrization and action monitorization.
Discover stage search current IP for each host MAC in lab config file and checks the net state:
- OFF machines: red dot
- ON machines listening port: green
- ON machines not listening: red background
Once all network info has been recollected labadmin shows a grid map according the configured position.
On this stage admin user select controlled hosts range where exec the action.
Some range samples are:
> Select range (h for help): a # Select all hosts
> Select range (h for help): 11,23,51 # Select hosts 11, 23 and 51
> Select range (h for help): 11-20 # Select host 11 to 20
> Select range (h for help): 2,3,11-15 # Select host 2, 3 and 11 to 15
> Select range (h for help): all /odd # Select all odd hosts
> Select range (h for help): 11-20 /even # Select hosts 12, 14, 16, 18 and 20
This stage can be skipped using -r <range> parameter.
labadmin -r 11-23 # Exec labadmin and autoselect hosts from 11 to 23Action selection allow navigate accros all available actions to select action to exec. Actions are organized in categories directories.
It's possible to exec action in a iterative or concurrent way. By defualt iterative mode is used. To exec action in a concurrent mode use & symbol at end of action name.
> [/] Action: virtualbox/import # Exec action in iterative mode
> [/] Action: virtualbox/import& # Exec action in concurrent mode
This stage can be skipped using -a <action> parameter.
labadmin -a virtualbox/import # Exec labadmin and autoselect action virtualbox/import
labadmin -a "virtualbox/import&" # Exec labadmin and autoselect action virtualbox/import in concurrent modeEach action ask for needed parameters to exec according to action needs.
This stage can be skipped using -1 <value1> -2 <value2> ... parameters.
# Exec labadmin and autoselect virtualbox/import action with parameters alumno and /home/e.ova
labadmin -a virtualbox/import -1 alumno -2 /home/e.ova On this stage labadmin exec action in each host and show output messages of each host execution. If any error occurs labadmin shows at ending the machine list with errors.
Labadmin has a lot of actions ready to use! Actions are categorized for better organization.
[clone/] Manage partition image backups
[mbr-table/] Manage MBR partition table
[add-part] Create new partition
[del-part] Delete partition
[resize-part] Resize partition to grow until end of disk or next partition
[restore-table] Restore remote partition table
[save-table] Backup remote partition table and bootloader (first MB) and save in local path
[show-table] Show MBR partition table
[multicast/] Manage partition image backups using multicast
[restore-dd] Restore remote partition or disk using dd
[restore-part] Restore remote partition from local partclone image using multicast
[unicast/] Manage partition image backups using unicast
[restore-dd] Restore remote partition or disk using dd
[restore-part] Restore remote partition from local partclone image using unicast
[save-part] Clone remote partition and save to partclone image in local path using unicast
[conf/] System config tasks
[cron/] Config root crontab file
[add] Add line to root crontab
[remove] Remove line from root crontab
[show] Show root crontab config
[homeperm/] Config home directories permissions to 0750
[set] Set HOME directories permissions to rwxr-x--- and config adduser DIR_MODE=750
[show] Show HOME directories with permissive access
[networkmanager/] Prevent specific group can manage network-manager
[disable] Restrict network-manager to prevent specific group can manage it
[restore] Restore network-manager permissions to allow all users manage it
[sudoers/] Config sudoers file
[add] Add new line in sudoers file
[remove] Remove line from sudoers file
[show] Show sudoers file
[time/] Set system date/hour and show current time
[ntp] Update system timedate using NTP
[set] Set system timedate
[show] Show system time
[guardian] Install labadmin guardian for check and mail "stranger things" in hosts
[hostname] Set hostname
[mail] Install and config Postfix SMTP client for send mails (only root account)
[exam/] Create restrictive environment for take exams
[backup/] Manage exam backups autosaved when exam ends
[del] Delete exam(s) backup
[download] Download exam backup to local machine
[list] List all exam saved and hidden in root account
[show] Show content of exam backup
[check] Check if host is blocked for exam
[end] Come back host to normal config when exam ends
[start] Config host for restrictive exam environment
[exec/] Exec commands in hosts
[com] Exec commands in host
[script] Exec local script in host
[win] Open window in host X session
[win-admin] Open window in host X session with admin privileges
[file/] Transfer files to/from host
[copyfrom] Copy files or directory from host to admin
[copyto] Copy files or directory from admin to host
[download] Download URL resource in host
[multicast] Copy files or directory from admin to host using MULTICAST
[torrent] Download torrent resource in host
[torrent-local] Send local files to hosts using torrent
[labadmin/] Manage Labadmin config in hosts
[conf] Update labadmin host config (sshport and sshpubkey) from lab file config
[dependencies] Check and install host dependencies for Labadmin
[misc/] Miscellaneous actions
[screenshot/] Take host screenshot and save or display it
[save] Save multiple screenshot from host display
[show] Show host display animation
[music] The best moeldies in your pcspeaker! :D
[msg/] Send msg to host users
[chat] Starts text chat with logged user
[login] Show text message next time user login
[msg-urls] Config system for send notification when detect user is browsing some urls
[notify] Send notify message to logged user
[win] Show text message in a terminal window
[net/] Network configs and tools
[iptables/] Restrict network access using IPTABLES
[allow] Allow access to specific IP or domain in a whitelist
[blacklist] Start blacklist (delete all rules and allow all ips but exceptions)
[delete] Delete specific rule number
[deny] Deny access to specific IP or domain in a blacklist
[flush] Flush (clean) all rules
[list] List all IPTABLES rules
[show] Show all IPTABLES rules
[whitelist] Start whitelist (delete all rules and deny all ips but exceptions)
[check-con] Check network connectivity to gateway, Internet and DNS
[force-1000] Force negotiated speed to gigabit
[speed-conf] Show NIC card speed negotiated and poweroff slow hosts
[speed-test] Perform network speed test from admin to host
[process/] Manage logged user process
[cont] Continue all process of logged user
[kill] Kill all process of logged users
[list] List all process of logged users
[stop] Stop all process of logged users
[term] Term all process of logged users
[service/] Manage system services
[disable] Disable system service (no starts on startup)
[enable] Enable system service (starts on startup)
[is-active] Show if system service is active
[journal] Show system service journal
[list] List all system services
[reload] Reload system service
[restart] Restart system service
[start] Start system service
[status] Show system service status
[stop] Stop system service
[software/] Automate software installation
[packages/] Manage package repositories
[install] Install a list of packages from repositories
[uninstall] Uninstall a list of package(s)
[update] Update package info from repositories
[upgrade] Update all packages to latest version from repositories
[vbox_extpack] Update VirtualBox Extension Pack
[user/] Admin host users
[add] Add a user
[del] Delete user and his home directory
[group] Add/remove users from group
[idle] Show how much time user is idle (not using keyboard or mouse)
[lock] Lock users
[pass] Set user password
[show] Show users with PID >=1000, groups and sudoers config
[size] Show users sorted by HOME directory size
[unlock] Unlock users
[virtualbox/] Manage VirtualBox using vboxmanage
[bridge/] Allow or deny use bridged network
[disable] Disable bridged network for all users
[enable] Enable bridged network for all users
[status] Show status of bridged network for all users
[import] Import .ova file
[list] List all machines
[play] Play machine
[remove] Remove virtual machine
[rename] Rename machine
[snap] Create snapshot
[stop] Stop machine
[poweroff] Power OFF host
[poweron] Power ON host using network
[reboot] Reboot host
[reboot-grub] Reboot host
[ssh] Open SSH connection to host
[sysreq] Send system request signal
[dfc/] Deep Freeze command line control
[conf] Replace DP configuration using .rdx file (works frozen and unfrozen)
[freeze] Reboot system in frozen state (permanent)
[serial] Change license number
[state] Show DF state
[unfreeze] Reboot system in unfrozen state (permanent)
[exec/] Exec commands and open interpreter in hosts
[cmd] Open CMD command line interface
[com-cmd] Exec commands in Windows CMD host using WINRM
[com-ps] Exec commands in Windows PowerShell host using WINRM
[powershell] Open PowerShell command line interface
[file/] Manage files and transfers
[download] Download URL resource in host Downloads folder
[remove] Remove files and folders
[group/] Manage local groups
[add] Add new group
[auser] Add user account to existing group
[del] Remove group
[list] Show groups list and show specific group info
[ruser] Remove user account from existing group
[license/] Manage Windows license product key
[activate] Activate Windows license
[status] Show Windows activation status
[process/] Manage system process
[kill] Kill process
[list] Show process list
[rdp/] Manage Remote Desktop
[connect] Connect to remote desktop using Remmina
[disable] Disable remote desktop
[enable] Enable remote desktop for admin users
[software/] Manage software
[install] Install package software silently
[list] List all installed software and show specific programs info
[user/] Manage local users accounts
[add] Add new user account
[agroup] Add user account to existing group
[del] Remove user account
[disable] Disable user account
[enable] Enable user account
[list] Show user list and show specific user info
[pass] Set user password
[rename] Rename user account
[rgroup] Remove user account from existing group
[hostname] Set hostname
[msg] Open message in notification pop-up
[poweroff] Power OFF host
[poweron] Power ON host using network
[reboot] Reboot host
[time] Set system date/hour and show current time
The easy way to exec your own scripts is use the actions exec/com (execute comands) and exec/script (execute external script). However creating your own labadmin actions you can add permanent actions and use the labadmin interface options to obtain more powerful scripts.
For add a new action to labadmin only need:
- Create a action file following the labadmin interface. You can use template action located in doc/action_template.
- Save the action file in
actions/sshoractions/winrmdirectory, and labadmin will recognize the file automatically when starts.
For more info refer to:
- Action template: doc/action_template
- SSH sample: actions/ssh/user/add
- SSH admin+local+admin sample: actions/ssh/file/torrent-local
- WinRM sampple: actions/winrm/user/add
Labadmin license is GPLv3
My name is Leonardo Marco. I'm sysadmin teacher in CIFP Carlos III, Cartagena, Murcia (Spain).
You can email me for suggestions, contributions, labadmin help or share your feelings: labadmin@leonardomarco.com