8. Exam from basic topics

8.1. Parsowanie /etc/passwd

  1. Poniższe listingi prezentują przykładową zawartość plików:

  2. Skopuj ich zawartość do plików (shadow, passwd, group) na dysku w katalogu gdzie masz kod programu (uwaga: komentarze i puste mają również być skopiowane)

  3. Sparsuj plik i przedstaw go w formacie listy dictów

  4. W ramach dicta połącz dane, tak aby uzyskać wynik:

    users = [{
        'login': 'jimenez',
        'uid': 1001,
        'gid': 1001,
        'home': '/home/jimenez',
        'shell': '/bin/bash',
        'algorithm': 'SHA-512',
        'password': 'P9zn0KwR...k4kijuhE50',
        'groups': ['staff', 'sysadmin'],
        'lastchanged': datetime.date(2015, 7, 16),
        'locked': False,
    }, ...]
    
  5. Zwróć listę użytkowników (UID >= 1000)

About:
  • Filename: exam-foundations.py
  • Lines of code to write: 60 lines
  • Estimated time of completion: 60 min
The whys and wherefores:
 
  • czytanie i parsowanie pliku
  • łączenie danych z różnych plików w jeden format wynikowy
  • nieregularne pliki konfiguracyjne (struktura może się zmieniać)
  • filtrowanie elementów
  • korzystanie z pętli i instrukcji warunkowych
  • parsowanie stringów
  • praca ze ścieżkami w systemie operacyjnym
  • różna reprezentacja danych (podmienianie wartości)
Code Listing 8.1. Przykładowa zawartość pliku /etc/passwd
##
# User Database
#   - User name
#   - Encrypted password
#   - User ID number (UID)
#   - User's group ID number (GID)
#   - Full name of the user (GECOS)
#   - User home directory
#   - Login shell
##

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
nobody:x:99:99:Nobody:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
peck:x:1000:1000:Max Peck:/home/peck:/bin/bash
jimenez:x:1001:1001:Jose Jimenez:/home/jimenez:/bin/bash
ivanovic:x:1002:1002:Ivan Ivanovic:/home/ivanovic:/bin/bash
Code Listing 8.2. Przykładowa zawartość pliku /etc/shadow
# Username field: Username, up to 8 characters. Case-sensitive, usually all lowercase. A direct match to the username in the /etc/passwd file.
# Password field: Password, 13 character encrypted. A blank entry (eg. ::) indicates a password is not required to log in (usually a bad idea), and a ``*'' entry (eg. :*:) indicates the account has been disabled. This field stores the password in encrypted format:
#
#        $1$ is MD5
#        $2a$ is Blowfish
#        $2y$ is Blowfish
#        $5$ is SHA-256
#        $6$ is SHA-512
#
#        A password field which starts with a exclamation mark means that the password is locked.
#        Both "!" and "!!" being present in the password field mean an account is locked.
#        By default, * is used on accounts where no password has ever been set.
#        By default, !<password_hash> is used when you lock an account.
#        "!!" in an account entry in shadow means the account of an user has been created, but not yet given a password. Until being given an initial password by a sysadmin, it is locked by default.
#
# Last Password Change: The number of days (since January 1, 1970) since the password was last changed.
# Minimum days between password changes: The number of days before password may be changed (0 indicates it may be changed at any time)
# Password validity: The number of days after which password must be changed (99999 indicates user can keep his or her password unchanged for many, many years)
# Warning threshold: The number of days to warn user of an expiring password (7 for a full week)
# Account inactive: The number of days after password expires that account is disabled
# Time since account is disabled: The number of days since January 1, 1970 that an account has been disabled
# A reserved field for possible future use

root:$6$Ke02nYgo.9v0SF4p$hjztYvo/M4buqO4oBX8KZTftjCn6fE4cV5o/I95QPekeQpITwFTRbDUBYBLIUx2mhorQoj9bLN8v.w6btE9xy1:16431:0:99999:7:::
adm:$6$5H0QpwprRiJQR19Y$bXGOh7dIfOWpUb/Tuqr7yQVCqL3UkrJns9.7msfvMg4ZO/PsFC5Tbt32PXAw9qRFEBs1254aLimFeNM8YsYOv.:16431:0:99999:7:::
peck:!!:16550::::::
jimenez:$6$P9zn0KwR$tgfvvFWJJ5FKmoXiP5rXWOjwoEBOEoAuBi3EphRbJqqjWYvhEM2wa67L9XgQ7W591FxUNklkDIQsk4kijuhE50:16632:0:99999:7:::
ivanovic:$1$.QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:
Code Listing 8.3. Przykładowa zawartość pliku /etc/group
##
# Group Database
#   - name: Contains the name assigned to the group.
#   - password (x) - x in this field indicates that shadow passwords are used.
#   - Group ID (GID): Each user must be assigned a group ID. You can see this number in your /etc/passwd file.
#   - members: Comma separated list of user names - members of the group.
##

root::0:root
other::1:
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
mail::6:root
staff::10:jimenez,peck,ivanovic
daemon::12:root,daemon
sysadmin::14:jimenez,ivanovic
nobody::60001:
noaccess::60002:
nogroup::65534: