Skip to content
/ ft_born2beroot Public

ft_born2beroot - system administration related exercise

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mxvements/ft_born2beroot

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
notes
notes
 
 
script
script
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
signature.txt
signature.txt
 
 

Repository files navigation


Linkedin 42

born2beroot

This project aims to introduce you to the wonderful world of virtualization. We will crete a first machine in VirtualBox (or UTM if you can't use VirtualBox) under specific instructions. Then, at the end of this project we will be able to set up your own operating system while implementing strict rules.

Rules:

  • The use of VirtualBox is mandatory.
  • You only have to turn in a signature.txt file at the root of your repository. You must paste in it the signature of your machine's virtual disk. Go to Submission and peer-evaluation for more information.

Mandatory part

This project consists of having you set up your first server by following specific rules. You must choose as an operating system either the latest stable version of Debian (no testing/unstable), or the latest stable version of Rocky. Debian is highly recommended if you are new to system administration.

  • You must create at least 2 encrypted partitions using LVM.
  • A SSH service will be running on port 4242 only. For security reasons, it must no be possible to connect using SSH as root.
  • You have to configure your operating system with the UFW (or firewalld for Rocky) firewall and thus leave only port 4242 open.
  • The hostname of your virtual machine must be your login ending with 42. You will have to modify the hostname during the eval.
  • You have to implement a strong password policy.
    • Passw has to expire every 30 days.
    • Min. number of days allowed before the modification of a passw will be set to 2.
    • The user has to receive a warning message 7 days before their passw expires.
    • The passw must be at least 10 chars long. It must contain an uppercase letter, a lowercase letter, and a number. Also, it must not contain more than 3 consecutive identical numbers.
    • It mustn't include the name of the user.
    • The following rule doesn't apply to the root passw: it must have at leas 7 chars that are not part of the former passw.
    • of course, the root passw hass to comply with this policy
  • You have to install and configure sudo following strict rules.
    • Auth. using sudo has to be limited to 3 attempts in the event of an incorrect passw
    • A custom message of your choice has to be displayed if an error due to a wrong passw occurs when using sudo.
    • each action using sudo has to be archived, both inputs and outputs. The log file has to be saved in /var/log/sudo/folder.
    • the YYT mode has to enabled for security reasons.
    • For security reasons too, the paths that can be used nu sudo must be restricted, e.g. /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin.
  • In addition to the root user, a user with your login as username has to be present.
  • This user has to belong to the user42 and sudo groups.
  • Finally, you have to create a simplle script called monitoring.sh, it must be opened in bash. Your script must always be able to display the following information:
    • The architecture of your operating system and its kernel version.
    • The number of physical processors.
    • The number of virtual processors.
    • The current available RAM on your server and its utilization rate as a percentage.
    • The current available memory on your server and its utilization rate as a percentage.
    • The current utilization rate of your processors as a percentage.
    • The date and time of the last reboot.
    • Whether LVM is active or not.
    • The number of active connections.
    • The number of users using the server.
    • The IPv4 address of your server and its MAC (Media Access Control) address.
    • The number of commands executed with the sudo program.

At server startup, the script will display info on all terminals every 10 minutes (take a look at wall), the banner is optional. No error must be visible.

Bonus part

  • Set up partitions correctly so you get a structure similar to the one below (img provided on the subject).
  • Set up a functional WordPress website with the following services: lighttpd, MariaDB, and PHP.
  • Set up a service of your choice that you think is useful (NGINX / Apache2 excluded!). During the defense, you will have to justify your choice.

How to use

Other

Norminete

At 42 School, it is expected that almost every project is written in accordance with the Norm, which is the coding standard of the school.

Norminette's repository 
- No for, do...while, switch, case, goto, ternary operators and variable-length arrays are allowed
- Each function must be a maximum of 25 lines, not counting the function's curly brackets
- Each line must be at most 80 columns wide, comments included
- A function can take 4 named parameters maximum
- No assigns and declarations in the same line (unless static or const)
- You can't declare more than 5 variables per function
- ...

Aknowledgments

License

MIT License

About

ft_born2beroot - system administration related exercise

Topics

linux 42school 42cursus 42madrid

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages