Linux Lab #10 (50pts)

Due Monday June 20

Use the script command to make a log of your activities. The log should be named Lab10.HOSTNAME.DATE where HOSTNAME is your hostname (fetched from an environment variable or inline execution) and DATE is the current date and time in the format MMDDYY (fetched with inline execution). (E.g. "Lab10.LINFORD3040.052305")

In answering direct questions below (as marked by the question-mark '?'), use a shell comment to give your answer. For example, if I say: "What is the command to give you the system time?" You should type, at the command prompt, "# date is the command" or something to that effect. The important part is the hash-mark '#' which causes the shell to ignore everything behind it.

I strongly recommend that you use two terminals: one to run the script command and one to test your commands before executing them under script. It's also a good idea to use shell comments to say which part of the assignment the following commands are for.

Do not run any program which generates lots of escape- and meta-characters inside a terminal running the 'script' command. This includes man, vi, and pico.

Create a secure Apache2 virtual host

  1. Make sure apache2 is running
  2. Go to the apache2 configuration directory (this is /etc/apache2 on SuSE linux)
  3. Change to the vhosts.d directory
  4. Copy the file vhost-ssl.template to any file name you choose ending in '.conf'. This is your secure virtual host configuration file.
  5. Edit your secure virtual host configuration file and set the following properties:
    1. Server name to your FQDN at port 443
    2. Error log to /var/log/apache2/ssl_error_log
    3. Access log to /var/log/apache2/ssl_access_log
  6. Use diff to show your changes in context

Enable the Apache2 SSL module

  1. Make a backup copy of /etc/sysconfig/apache2 with an appropriate file name
  2. Make the following changes to /etc/sysconfig/apache2:
    1. If APACHE_START_TIMEOUT is less than 30 seconds, make it at least 30 seconds
    2. If 'ssl' is not listed in APACHE_MODULES, add 'ssl' to APACHE_MODULES
    3. If 'ssl' is not listed in APACHE_SERVER_FLAGS, add 'ssl' to APACHE_SERVER_FLAGS
  3. Use diff to show your changes in context

Generate certificates

  1. There's a nice, friendly script at /usr/share/doc/packages/apache2 called 'certificate.sh'. Go run it and supply the needed information. Be sure to encrypt your keys with a passphrase.
  2. Do a recursive listing of /etc/apache2/ssl.* to show the new certificate creation dates and filesizes

Start virtual host and test it out

  1. Restart the apache2 service. You should be prompted for a passphrase.
  2. Browse to http://localhost. Did it work?
  3. Browse to https://localhost. Did it work?

When finished, type exit or press ^D until you get a message like "Script done, file is Lab10.HOSTNAME.DATE". To turn in the assignment, scp the logfile to 192.168.0.100:/public_3040 as user "cs3040"